Malware Analysis Report

2024-11-16 15:45

Sample ID 240220-f8mk6ace75
Target 3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe
SHA256 3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a

Threat Level: Known bad

The file 3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Enumerates physical storage devices

Unsigned PE

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Checks processor information in registry

Uses Task Scheduler COM API

Suspicious use of WriteProcessMemory

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Modifies Internet Explorer settings

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-20 05:32

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-20 05:32

Reported

2024-02-20 05:35

Platform

win7-20231215-en

Max time kernel

38s

Max time network

151s

Command Line

"C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000429d3af34477a14f8b2dd76917334189000000000200000000001066000000010000200000006f731d8b7018afe205c39dcb44b66439c13f22b8829a5757aae4cac6b677ed3a000000000e8000000002000020000000b90650d8a10cff87affbd1b39f24a224fc51c490c2e3543c81e560de96730dca200000005f12ca3e9e0d9d90906cfc6bad9f0d1d1b349051a81483b875c698bcb9d3cfbd40000000214ec05887f163c3050c8af1908eb0b3a931ab7039f94c9d844f64482b27a93b3923ef43aa15361e7f5fbe38c9fdbf198105dc1527d6c2d73687b6c6c1181a99 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{79B750D1-CFB1-11EE-A1AA-6E3D54FB2439} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000429d3af34477a14f8b2dd7691733418900000000020000000000106600000001000020000000da863c6e282d86c61d86938f1873d4a4d658d72acc43c3bea88fc16016a90ed3000000000e80000000020000200000001f343ad736767f767dcfc462aa74f1a7825eb9eb1c7958bb6fe29052dd8dcf7e900000003d6ecf859074eb799fb9abcfb3efbaa44b387f5ead8d1114874d68fe4bef477d854ae4e3b8afb6b8a422e56b806b4bd20c2658a02e7a4ae160840c0d44643edfb3abf3950df3a1454f0f3fa4a264b7aa37399a8bdadc8fff967c50fb3fdc1c9e12cd6ce8a7b221d813eea9557b05aa859ff8eb9952de70137c119b9ceba18327d4cc089b093d78536a0e203842224b8f400000008f9b98acceee565d147d0ff8195dcf81d4b91f10b3603a5c0b7cc5dd02a4443d7ff95dbf74be68d0fc73216566a354d9f46c93b7f5dc54a5011b97d646b693f8 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 90fcca4fbe63da01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2380 wrote to memory of 3020 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 3020 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 3020 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 3020 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 2248 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 2248 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 2248 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 2248 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 2700 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 2700 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 2700 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 2700 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 2780 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 2780 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 2780 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2380 wrote to memory of 2780 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3020 wrote to memory of 3044 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3020 wrote to memory of 3044 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3020 wrote to memory of 3044 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3020 wrote to memory of 3044 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2248 wrote to memory of 2636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2248 wrote to memory of 2636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2248 wrote to memory of 2636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2248 wrote to memory of 2636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2700 wrote to memory of 3028 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2700 wrote to memory of 3028 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2700 wrote to memory of 3028 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2700 wrote to memory of 3028 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2780 wrote to memory of 1676 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2780 wrote to memory of 1676 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2780 wrote to memory of 1676 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2780 wrote to memory of 1676 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2380 wrote to memory of 2236 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2380 wrote to memory of 2236 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2380 wrote to memory of 2236 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2380 wrote to memory of 2236 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2380 wrote to memory of 2004 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2380 wrote to memory of 2004 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2380 wrote to memory of 2004 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2380 wrote to memory of 2004 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2236 wrote to memory of 2032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2236 wrote to memory of 2032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2236 wrote to memory of 2032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2380 wrote to memory of 1820 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2380 wrote to memory of 1820 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2380 wrote to memory of 1820 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2380 wrote to memory of 1820 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2004 wrote to memory of 844 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2004 wrote to memory of 844 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2004 wrote to memory of 844 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2380 wrote to memory of 2152 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2380 wrote to memory of 2152 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2380 wrote to memory of 2152 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2380 wrote to memory of 2152 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2152 wrote to memory of 1748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2152 wrote to memory of 1748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2152 wrote to memory of 1748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2152 wrote to memory of 1748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2152 wrote to memory of 1748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2152 wrote to memory of 1748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2152 wrote to memory of 1748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2152 wrote to memory of 1748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2152 wrote to memory of 1748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2152 wrote to memory of 1748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe

"C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3020 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2700 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2780 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6349758,0x7fef6349768,0x7fef6349778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6349758,0x7fef6349768,0x7fef6349778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6349758,0x7fef6349768,0x7fef6349778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1748.0.70184430\2100788033" -parentBuildID 20221007134813 -prefsHandle 1176 -prefMapHandle 1156 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f9b9e6cd-a157-43d4-a677-ad5d45f68e3f} 1748 "\\.\pipe\gecko-crash-server-pipe.1748" 1292 10debe58 gpu

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1076 --field-trial-handle=1368,i,320924182934595988,9012464674238206595,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1332 --field-trial-handle=1388,i,16202750439325188508,14417033560156529522,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1184 --field-trial-handle=1388,i,16202750439325188508,14417033560156529522,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1328 --field-trial-handle=1356,i,1969320275156170646,10116548842005642977,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1580 --field-trial-handle=1368,i,320924182934595988,9012464674238206595,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1168 --field-trial-handle=1356,i,1969320275156170646,10116548842005642977,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1368,i,320924182934595988,9012464674238206595,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1748.1.1904638550\1333363568" -parentBuildID 20221007134813 -prefsHandle 1512 -prefMapHandle 1508 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d61066e-ae61-4ee4-829f-10a3d8ef927d} 1748 "\\.\pipe\gecko-crash-server-pipe.1748" 1524 e71258 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2292 --field-trial-handle=1368,i,320924182934595988,9012464674238206595,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2300 --field-trial-handle=1368,i,320924182934595988,9012464674238206595,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2440 --field-trial-handle=1368,i,320924182934595988,9012464674238206595,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1748.2.1430046327\1242540447" -childID 1 -isForBrowser -prefsHandle 2188 -prefMapHandle 2184 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {caf76d2b-83ee-46d5-bf6a-9fc956b76758} 1748 "\\.\pipe\gecko-crash-server-pipe.1748" 2320 191efe58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2464 --field-trial-handle=1368,i,320924182934595988,9012464674238206595,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1748.3.604279183\69638517" -childID 2 -isForBrowser -prefsHandle 2856 -prefMapHandle 2852 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e8a0b81d-d5de-4aea-873e-aa9a79ce73ec} 1748 "\\.\pipe\gecko-crash-server-pipe.1748" 2892 e61b58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3136 --field-trial-handle=1368,i,320924182934595988,9012464674238206595,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3172 --field-trial-handle=1368,i,320924182934595988,9012464674238206595,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3244 --field-trial-handle=1368,i,320924182934595988,9012464674238206595,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1748.4.479118458\2072189490" -childID 3 -isForBrowser -prefsHandle 3512 -prefMapHandle 3776 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {017a6b3b-7ddd-4a15-8985-5aa2bd144010} 1748 "\\.\pipe\gecko-crash-server-pipe.1748" 3744 1ecde858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1748.6.405179057\189801165" -childID 5 -isForBrowser -prefsHandle 4000 -prefMapHandle 4004 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a8ac2e48-9f75-43b9-8ba0-19b59d081207} 1748 "\\.\pipe\gecko-crash-server-pipe.1748" 3988 1f7da258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1748.5.1813421951\804355502" -childID 4 -isForBrowser -prefsHandle 3928 -prefMapHandle 3936 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b8abc0db-0bd7-4691-94e6-2ce174130015} 1748 "\\.\pipe\gecko-crash-server-pipe.1748" 3916 1f7d7258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1748.7.700074450\16750458" -childID 6 -isForBrowser -prefsHandle 4296 -prefMapHandle 4280 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3db0a910-27cf-4448-bc6d-8cc85fa043cb} 1748 "\\.\pipe\gecko-crash-server-pipe.1748" 4300 20c5b358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1748.9.1908861080\1594710805" -childID 8 -isForBrowser -prefsHandle 4444 -prefMapHandle 4448 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b9e9f63b-31bd-4b08-b687-38aaffffea36} 1748 "\\.\pipe\gecko-crash-server-pipe.1748" 4572 20e1eb58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1748.8.74333049\1360578502" -childID 7 -isForBrowser -prefsHandle 4456 -prefMapHandle 4460 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d1154c63-df5b-4ce3-9411-3ada86588604} 1748 "\\.\pipe\gecko-crash-server-pipe.1748" 4552 20c5ce58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1748.10.845803190\149761561" -parentBuildID 20221007134813 -prefsHandle 4744 -prefMapHandle 4740 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {364794fa-419b-4e69-aa55-ae0cd53f5d0b} 1748 "\\.\pipe\gecko-crash-server-pipe.1748" 4660 1ecdf758 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1748.11.89219032\935638" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4988 -prefMapHandle 4992 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {016acd15-9e5a-42a7-afce-a36e182e3571} 1748 "\\.\pipe\gecko-crash-server-pipe.1748" 4744 1db8d658 utility

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2236 --field-trial-handle=1368,i,320924182934595988,9012464674238206595,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1748.12.1811302946\1527990046" -childID 9 -isForBrowser -prefsHandle 2904 -prefMapHandle 2796 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 728 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {22b48211-dd28-480a-9367-f9218fc29097} 1748 "\\.\pipe\gecko-crash-server-pipe.1748" 2916 1ec03258 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2648 --field-trial-handle=1368,i,320924182934595988,9012464674238206595,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4376 --field-trial-handle=1368,i,320924182934595988,9012464674238206595,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 216.58.201.110:443 www.youtube.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 m.facebook.com udp
GB 163.70.147.35:443 m.facebook.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 facebook.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 platform.linkedin.com udp
US 8.8.8.8:53 fbcdn.net udp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 88.221.135.104:443 platform.linkedin.com tcp
GB 88.221.135.104:443 platform.linkedin.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 fbsbx.com udp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 216.58.201.110:443 www.youtube.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
GB 216.58.201.110:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 52.24.144.241:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
GB 216.58.201.110:443 youtube-ui.l.google.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.54:443 i.ytimg.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
GB 157.240.221.35:443 www.facebook.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 172.217.16.238:443 youtube-ui.l.google.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
N/A 127.0.0.1:50144 tcp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 www.youtube.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 216.58.201.110:443 www.youtube.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
GB 163.70.151.35:443 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 142.250.200.14:443 www.youtube.com tcp
GB 142.250.200.14:443 www.youtube.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.178.10:443 jnn-pa.googleapis.com tcp
GB 142.250.178.10:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.178.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
N/A 127.0.0.1:50235 tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 rr4---sn-npoe7ns6.googlevideo.com udp
SG 142.251.84.105:443 rr4---sn-npoe7ns6.googlevideo.com tcp
SG 142.251.84.105:443 rr4---sn-npoe7ns6.googlevideo.com tcp
SG 142.251.84.105:443 rr4---sn-npoe7ns6.googlevideo.com tcp
SG 142.251.84.105:443 rr4---sn-npoe7ns6.googlevideo.com tcp
SG 142.251.84.105:443 rr4---sn-npoe7ns6.googlevideo.com tcp
SG 142.251.84.105:443 rr4---sn-npoe7ns6.googlevideo.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.201.110:443 www.youtube.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.202:443 jnn-pa.googleapis.com tcp
GB 216.58.212.202:443 jnn-pa.googleapis.com tcp
GB 216.58.212.202:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp

Files

memory/2380-0-0x00000000006A0000-0x00000000006A1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{79C337B1-CFB1-11EE-A1AA-6E3D54FB2439}.dat

MD5 7af836b994845296ebe50d38f5b01c14
SHA1 ff21412d5262ff1034189b33f2fc19a9827259cc
SHA256 bf3af8dc2bb69a174ec2c9627871686861692eafa52e43f357f4600352468450
SHA512 92b5e46b27ea5c93cd87b607a8ad9edfe62fe2a7efb69298363f607da6db84632f45bd3c574187198529b8a843c5148bf03d9f6a522ce215e75270760c257d08

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{79BE74F1-CFB1-11EE-A1AA-6E3D54FB2439}.dat

MD5 f9f223e3056ee71835108581e4045d15
SHA1 1fbfcb05a456fe1f395e623c2177686bda1df973
SHA256 4552260ce6452ebb6f98572f33b4f49ec1693c06082fb3be16235b44710d2968
SHA512 1ef8339ec7420fc926975c21c561d9ac8c9601ddf0d3889e4a1aed6a827b61f502479addedeaa433ba44100d595e62d75c08d8e0d0be909dade5a7359143f1c4

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{79B750D1-CFB1-11EE-A1AA-6E3D54FB2439}.dat

MD5 0d868c2bca703c31ed07d19a7a0c0d29
SHA1 a0f7b139792e66a2742eb17afa626a463b03f996
SHA256 5a8b7beab8f4d4afcc0b8610ff1cc2da734f94e8d4ff772f55da2c114d5fe049
SHA512 dfc2302d5154234c728940cd460b4e9daadb5ecbbb2e8e69d578a50bf665fb5bde4e33ff8e84388cd350e8ee2c7d434fc06453e0a7bb7e47853040ac6bf208d7

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{79B750D1-CFB1-11EE-A1AA-6E3D54FB2439}.dat

MD5 f375e2b5da3c1ef772625ebe2d0ab0c3
SHA1 43c25df0359532891204daac1af8eca900758ce4
SHA256 014c3c1bc32c9d7078f38bd2e697e09e16ce5458fdf39043f1ba71adfdada646
SHA512 cf4f2eeb9a7630fb58f08f96285d335eb3f48e22244ce134b88901274c566541a3ece996bba9afa71f13f9bb1ee0c14d8e1ad11ef5e0b1e5acbe7e6879348b45

C:\Users\Admin\AppData\Local\Temp\Cab458A.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d69398ae458e1ffc4ae63b71d1c02adc
SHA1 66f39161e9b776aa99837fb74fb8ea2c8a15bb2a
SHA256 a9daa0e80dc490533c239d50007d6f6b0a9589f38e9a548c3a1f29a9dac574ab
SHA512 bd3bbedd29a50b455ee4dddd1940de8a0d6df1a1e45c6ff39673b624abc82acb9db55339c83bca1d0dcb22949847f141f02257328eb0ab15f7a6659121090cf8

C:\Users\Admin\AppData\Local\Temp\Tar4589.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 e9bbafe709961252eaf236f5be34e488
SHA1 5fa364396dbd1bae1f222667384cc95fd6295154
SHA256 14bcf98a0703eb439dd3572a3351956a50b9181ee0a52370c0a0e5de8c633719
SHA512 b832179882da3162450b48175e1928cb948710345b736df26271c09337a6a2b1ff2844fffbfd2f507e7d6fdc0c6a49f7639bcdf85085db2f5b8aac986858a973

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 cf7c39c642fe92ca4ec669b9e8ff3fec
SHA1 76413213c3f47df40edf753b6a3d0f6cbe0c6952
SHA256 41b1a0794d5e5a4e347c14679008df772ba82fd081f41c978d3ceec5609ddbf8
SHA512 e65ec70b24de0f284da43aa40f8c6511ea3765f6e3460c764de3dbc7a987d26072b81063d70b7276e3e6c542dbe9570edf3a36419d98e50e859b32ea1896e6cf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 5a80ae911763a318a43ed96f773e68ae
SHA1 b57a4295f029dcd34f12c7b747d28f128e4ed61e
SHA256 f67202384f7b0e6b0f0ae360012d2094a73c75ed3af6436a127f7943e3134267
SHA512 424c8fb16931b0f80df24af9a71c01b43a671e548309047a7ef2fa4463140dea196397c87d549a210fe770ae7451855a1d44012ee20288b384f2d3e9c896004b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 43cb702dc50b878cca23ff4b6d8adf15
SHA1 36f144cdd758ae68d9b03a6ff729de1f74464e60
SHA256 21207f407f992ab169cca6e70b7384efcc481e149162e2bf9aaa3957352eef93
SHA512 f6989dc88002b54446e086ea58a32dc102ecc652c2522b1d1c16978e0041bb356bd580413a1b57545bc65aa3d568d7ec1803e08483b04af1d7518efdb674ff02

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4507a5b669f68da8ca685608b4a5595f
SHA1 040a4c6727d01b86054650ce5aa7278bcfa6ef51
SHA256 6cdbf77365e18f99b4fb91f7111e2895e68add7d90b4656e7c4b76f11cdc1528
SHA512 411662a4dbb25c528b9e34e9a3f535abd6a0389e775144e3bacb9558f7808ffb066fb1c02fc734180cff4ed64edad5eefb0505a74904c462d07ad11978d43af1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0c66d0f8e34e86bcaac7184abbd9a7a3
SHA1 b6f0d634b3a70faf1b6ae26b12548b123ea20014
SHA256 f1235ff085e6558f77a7b72cf178429b14416eb90285cee6a474f85c8b547afe
SHA512 bd64bf4082d5119c2f657485ae7166129bc53f31c65a89ef8a8a936b86acd606574d9ddc4238ceb3aab1e03aba5336260acc6de024fa465e243631393e4749a1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C

MD5 f4cf041f3c6357384617470c5121eb05
SHA1 0537499bb96530ba91c79aa8fe8c757b99bbe409
SHA256 90389045071c53c6311ea8f6c6aaf3809660e5a2d689c32c68595edf14f61139
SHA512 16e8fb7d673a963db9d9efe6db8a4f5694fd74ae98cbdb175e85ac3f9133b4c4fdb64cd02e0b74fbe2371bc7866cd43f1dd22cc754e4f0e1b9021bfc98beb6ad

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C

MD5 da6d006b16ef837a783661b753186fe1
SHA1 3c8cc00a44e67ec9cd0ed5914e9a258398c76b73
SHA256 afa36e9e92059e37b7fa7f71b70631e54fe845bb583f3c5e2ba6d10bc6f4cc7c
SHA512 afe1ef2577b97e3ceb725d4f59786421425c360714d9cda37617cab634a64c45b15f34027e0613b2cdccc41a3970a122258da3ed7d6d80c0c033a7f71d24330f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e744a2014836d5d27d2f5a53bb9e4baf
SHA1 48161a0f6617bfd636ec4872920f3c895e82b806
SHA256 13eb6482db705ea62b2862986aff9bdf99794e9160ca9b87240e7a7dab0db6e1
SHA512 052ab327bd0896ecb36ce569f4d67781dd27882556326c346f91d7c94ee5315470f283ea1964b5cf5289388e70f6ff2d40cc6596abb8d6be23e203a5b6c2b78a

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAJVCBJI\favicon[2].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2tj7qpw\imagestore.dat

MD5 f64caa80d1ecb82122c8b3ee99141e62
SHA1 fdf94ca53d8917432b239c8a774050ab37cc5612
SHA256 4ba35f0979f7a109647a1fb1496d447f7daf06eb9427114334383e045facaa5b
SHA512 cb9b2edc370c8e593684b44a908cd581a330f2b2eaf302eb973abc3296af87b798cd365a2df06e5e9198f73dbc0ced00b0aab36de256d744a82482899388c931

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RU3RPYUN\3m4lyvbs6efg8pyhv7kupo6dh[1].ico

MD5 3d0e5c05903cec0bc8e3fe0cda552745
SHA1 1b513503c65572f0787a14cc71018bd34f11b661
SHA256 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023
SHA512 3d95663ac130116961f53cdca380ffc34e4814c52f801df59629ec999db79661b1d1f8b2e35d90f1a5f68ce22cc07e03f8069bd6e593c7614f7a8b0b0c09fa9e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2tj7qpw\imagestore.dat

MD5 e6e96409bd499d466214e1e7a4e2f28b
SHA1 7c9bba92a2f47d4d76189a77e5e9a39d488cca65
SHA256 b03855bd593897252eb9e442b00c0cb97b09d0bf8c4fa820f471229ab55dd19f
SHA512 fc743fdeb17b5e383baeb497ce61e6bc72ab417c536ed5871716521e257c14e18220bfd3095eb6862d3988983bdf64d64325fcdc115cd507f8aa1e31d72ba721

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\LYXOKPGH\accounts.google[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\23GEO5AD.txt

MD5 1a32c793a895edf0adfcddd911820da9
SHA1 2f1dbaca77373b307d08faee4cb531f75bd3e751
SHA256 ae269784d924a6071d924212cb5d771d9565baeabe22876a8eab89c7e5b7e06e
SHA512 51557d69b0c477372c2513e5807f2e557a38c78298e31f81cebf0e6891dec9242035179d536efcb9aa7ebe136dd9636dc59d33f525b044765df98d618efe7377

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED

MD5 aeaeec59350a548971f8d1636b471685
SHA1 4254a97ed9d7c7a25b4bc6fa7f49aee505f0ffc2
SHA256 73681f1e257b87074b7b08e6073dea1b0204ee7eab4db48a8555a1852758afd2
SHA512 352f59c14630b64c2e170f6b7b84d3d47bdf774addf5008e47458d942ff5208dcd73adcada33b938ccc9fedfd61f1f0f07355c178cc9a1aba13fac215cfca9a7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED

MD5 e0e960b7bc8a5ead30420bef8351825f
SHA1 faaf2705010f16b3d402ce5643f8793555f2dcfe
SHA256 4de8657c8009840e7ff14884c611695e4a2a907d0c0e52ae828be192985231b5
SHA512 59ba5b642def3e438bbdd8594daa3e9a018e73c0145ff3139451488adac91657d368d7aed04cb834f24151af5502d758b878354ed64ddc21907d9274d7ec977e

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAJVCBJI\favicon[3].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2tj7qpw\imagestore.dat

MD5 8c1208852ac67843dc64948cb81881aa
SHA1 688ba3f0a23dd4f1d31dd7a65fe6574621e5f0e4
SHA256 165749812399f429eba072cd198b3aa1d1e337d6f852d89a4f5164ee5b70a790
SHA512 54ac8c21836e8ac77ffc47e23645fa8ec065287e33ac98d2ace7f9bc0993465b331961a0ef5d039a06db6ccc2ba0e6da6a585e0cf72f6c956e89c3871944447c

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D0I6KXNQ\4Kv5U5b1o3f[1].png

MD5 a81a5e7f71ae4153e6f888f1c92e5e11
SHA1 39c3945c30abff65b372a7d8c691178ae9d9eee0
SHA256 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e
SHA512 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2tj7qpw\imagestore.dat

MD5 7fb512eb823b8222117a8e71730ddfb3
SHA1 592cb3ce25c75908b4f0685db2c510b6de976069
SHA256 de6bcaec096da28fc04d4d2230be47bfa2e636d9762e7626b2b999f9e4026368
SHA512 a78db03f3d9c967f2a079f4523ea369847f1ad30a3dfb5f2c23f1048aed26a4fc6f271e01345601cd46d5fd21b206b6489f88657f06943c78303bc210473d356

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bf135b593a27049826226f25006d1a0c
SHA1 34c42f2ed86e22ac12c7e45bb6f1d4893654f5c9
SHA256 53de12e4bddbf1ef7aa2a11409264ef5bc677f0da4732551a3d0ee5f3431a337
SHA512 008f0624f3fec95436b71ceefbfe2221e9660ea01458d4a65751e49e65a206d34c4d1ccc5238cf55edd958cd19aa51f614487a3b24072294d7a79a8044051401

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2057b4d90a5599076ef7eeb164babd37
SHA1 d7fbce917e2bae5b8da642dfa6db146c80c4685d
SHA256 f1b21314bdcc029ab0ac848458d6015de64227f4d5ff4372c9991f1e927dc5cc
SHA512 9b2e5898ccf5f8feffc70ee8bb3cf657a0a4d9925bee6943b1b696cd4e792e0881a1aa1dccb1294e23f35f7220cf8d8c2e60f810e7ed5946f7a20cb346fd020c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 538626db7b2eaa06c7aaa3b8067897e2
SHA1 5b525e2074d5ef7fb582d117f859e16fa48bff4a
SHA256 7307a7ea8648e430a2804e9c119873e20c7e16ae1cedbf6d9b18a11b574cf0f9
SHA512 9b6b360e369c526d702d158b99add0e8bd23272922d7fa1ae20b267baf41c009a756985edec3d7c31eefd4501426086980e4410c93db5fea17da2879a15a5cc0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3714455b8b58b53778c0257cfb905b25
SHA1 1de6ff009192e803a9f9aa1384e0bc6aae275ce9
SHA256 c5361db2fbfd5911c5a1260eb211b73476ebea4dac424b1f26800d1a6195e658
SHA512 8ad45a9ed535f02cd11551930fe1aab5f5d1a1a1d2829d8f6a1b49dbebe0310ac542d156d2f62817f7509e95855080592c63ed05a980dc86e3d7f48fdf35a382

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 da86c283edf0c6947792937bf1ab6dd9
SHA1 72208739dd05ea968230a7643e93e451dabdc5ad
SHA256 c81388c8d0acc803f59c84eecf85473a2ee565916ce0ea2437a5cb41eaa5a6f9
SHA512 18eaffb6764e2a7e79334cff8a75c549a218384f1d53fdf774f1b6391c0a61f0fd57717082aec242a714b3dafbf20cd924879038aede23eef238801d0b14e1d0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c75e7e9c63982b6e122b7cdfa1c661b1
SHA1 65d7126dc182cbd9fabea7fd06f51f978939e5fa
SHA256 ee95bf31bdc0da635ffc22f3015cc93e25e602ae71b1e0c9eba5bf4fa2894155
SHA512 32d8a1850481d4f5dc6a029dbbce894bd37ccc8a8bd71486cc164b52d86e277f30263a2e01c72187e8db2e62cbd6fdaea771cc937c644bb39087b1e8e386007a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 da795ba3ad64879d09c2c8923cbd39a8
SHA1 231967a59f63357d5acb62a5384cc56e827d500d
SHA256 3244dcabfc10460cbd78f223aaea0936f736a617ecfd27b167377e15aa6b0b48
SHA512 5f8b1a8badf5142ebcf174968f9a9d85ca9730b078920d9d6062ea7122517cf554a32660ae9a910bca8d49d02c4d7c8476314e7869d9f3878576c155c494435e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 252ee7b613b4f1a4e6fa3aae5d4602c5
SHA1 33d54b23522071b0563d13d59417e999b2894efa
SHA256 acec526f5727cbfd35dec0f12b92671781fb291bc4a6d429e6e2c3b7a3498885
SHA512 0efbc71ef3cd222b7d7c2a82bde2ecaee9a0b908a44393be74dedd1875ff6ac6728cf443559aa4de2a4c94e61f41c0792ac076c55bfc8257c110824d327da1b5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 35513544f2387e4f3d87510e1f01570f
SHA1 adc5b873570f1a98ade39f9dd14e4bb0df5559f5
SHA256 789f7d8af45953fa913778dcf7bfc5ab204102c933b7ffdff3d7e33f55972a67
SHA512 ab622423a13df900a5bf9e24cd841fbe5b40c0e825d4068ceecf9f2757f502ce64b81eecfd917cec41ea0e0562a4b160fd5aa38741c9a05316e13f0f213795dd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 60cbc69fd5bc661e4aab058479878765
SHA1 eeba30a24d2484ec961c5e3c499486d4667f09fc
SHA256 d7e48b773190daf7094f2e54515927ef850428c62e4ff95f1e33978dbb6893aa
SHA512 f2d089c80791bc2bdff2a3e45a06170c27e80cc13a35ff815cbde87b1ab225dfa610bb0e9fb9de356c0e170749574799cadbd197f078684917ef5200333cd7a1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 951c06ae9151f341ccefffd251c90079
SHA1 c457172b4ebfa8806f5c3e76afe7d7a57dbbb41d
SHA256 1ebf011348efefe63c93d72bc01807cf3bcaf05bd4d1c642b194364562d75d1a
SHA512 134bba09159a4d6e22972b27b7d2ea6a830a397557b424e50bbb1a7e8f17f502d8efa9fac1675eb2354fee2ae533a2fb1767501cca591784aa477d1b2fff3029

memory/2380-880-0x00000000006A0000-0x00000000006A1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 c45e0616ec7c6b20d34f0f14282f62ef
SHA1 eb2336c1ba44a8932127f515d4f9e218c5379aae
SHA256 ee6a697a8106b3fac3486f60d6e5f0e42045f873c97455f4644a5f070d029132
SHA512 30573e4fdfa88c62f6f3a30b265ed6f794ec5e86a528922d40ce273ad4c5108b56119e63eedd639f7d9c29c36e3634e3e9800a0212d569838e01d10051b666ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

\??\pipe\crashpad_2004_SQOHHNYSLLMESZGI

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 aee18839e641d927c18ddd45ebb98e76
SHA1 4dc72f861a3490c9784ee197bf635650b83b4efc
SHA256 40f9a39f7731c02965f8c3f63f3e70df25982a6483c843db3a3133c78a81039c
SHA512 93b61a54355d13ebafadb82a52fb85d2fe18de2e3e674f832f37c888cb2b7108641bff6fd298c15a3e21d993cb1527b0da6b1dd0b5188eab45d8070ca1894d79

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\6d3e1d24-9808-4f1a-9849-3087f8b69dc8.tmp

MD5 3188e2e1d4ed897a2a4c84f8382c3ee9
SHA1 acbdf2f4a3f59cc5bf503a66feee914df8323e2d
SHA256 c7d851d47aea1d9dd5f1b347d55728d3e8a11636a089bab255fac2c43ac8fbd4
SHA512 24f3e9d712bf9dcfcde3292f94555f8d1a137d4f9a4233d43fc46056af511e6c671b8ede13dfda474042cf0b8ff12bf34ba0d48400ba45738b438993083b01b4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0

MD5 43bf8ddeea7b361c157b99fdb5cc383b
SHA1 58a656eda8f9ed13f80a9f99e2bd6a1f239b4f49
SHA256 62953e55cc29e564c166b4c3fec55a07db90be0c5ef01082b2be94b3d19d4daf
SHA512 21a56e527eef6525dae25ad9613739e90829fb87244f895318f8b41ad9eaf863197aeb6f2174531a62645878c1abf6fc78d75daf6b2770dd2587c7cc0f48a6b9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0

MD5 921f865987498981b8799e3358c955aa
SHA1 d1540581fb09f69737b8f44f5f04a61985bf204e
SHA256 4344e0bc60beaea2b418018735c4bc61b3beb595d361994faaa761886b1c42e0
SHA512 eeef99b2bec587a19a76c161135237e37ff976da103e536c1991093047bf7487fe81a211fe0001b2406f8d32be92cae39a9d5f4bf39ce9f9b151d0da8c1b602c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_FE7F1376F45429175076B763EBF8B3E6

MD5 49d422e29018d7fb2ed8a4e591c9a434
SHA1 5563a97cfcac58e95ed14dbca2e9b5325bf28539
SHA256 2d7edb6387b9aee6d92584f76315be249d8c0b70c4ed7798dd4b2bd0855af276
SHA512 da6f30cdd2d3f34da43ad92a1977f10dd903beb83b5cc72af3bdc36f9e4825ff38b51742abddda7ed6451d0975354ece729ecc2786c56093dfcbb82937dd3d21

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 76a105ba18375e6c18d1d5badbf61eba
SHA1 94cbddcb09609e4804e6aff9e51711dc411e201a
SHA256 2ebb6013e50efade4b9227efa1a16d1fd8eb8a774c94198bff2146366a8cdd33
SHA512 515aa5d7e33c1ef16cc2dd6b4e9b21473d35cb3bad633c04c1460e39b71cf0e004e8ca1d6f8dca7f384fc5139235d859698d4d7d58d6f94cdfa6872cee2600b1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 6e9a5b39845b499b993cac10e6fd39e7
SHA1 8d1479a561ad2e72ebd99ff0943999d888afef8e
SHA256 63e5524eca24d40b335253a9ff406caf25ea00da399fe77f611ea4332bf9773a
SHA512 9c778665d8aa7103f0f43455aab988c0e887f3ecfd41a3063de5839859bbd96b289cf21163c509cfcd2f9e97fb78d03488bfbbbdc9dbdf36830950fb4029cce0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_FE7F1376F45429175076B763EBF8B3E6

MD5 3a43a2953ebdaebe4968599e020c348c
SHA1 28cc9f5ffe51aaf4ad673f49856e596bcc49f6ac
SHA256 96aaa28e3e40afff2c0704483e82ef079faa746fa35394ace0db432a193333f7
SHA512 029f7995825cb6810dc71434467db2cfca3f11c51edcbee3221e538d51c775b1c8d6440681f095e9071fc3b5cb74d327918ac6b13e673c4273e4624f56f191b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\datareporting\glean\db\data.safe.bin

MD5 398d8a830226fa2c34ade9b971f23d47
SHA1 eaebd0f2bf198f94962e4416bbe496971fc7fd66
SHA256 5324d15df1d0a04fc2fbdb95cc864e3725e959d06cc391744496fdfd1dcc65d7
SHA512 9ea3b3d7851a80b66be5bf586752749b4d95039f36fba43f6e3674eac55df6499df78f85960959d7366ae000a830121752778afbe6bfc9d75a9974d6911e8cf7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\datareporting\glean\pending_pings\a4a643c2-0ad6-4491-af1f-a390b4aaa617

MD5 1919ea1bfff8df5c9120957a83e25992
SHA1 7d1abc29bb38897bb853d22b57174092708a84b1
SHA256 a0c178fdd2d302bd4a045ef2694b081d7acc422ea09da644c972162a0d229cdf
SHA512 d9c0d31536e88a975255deef434e505fd69f2a2f411c3cec3780e68a76356ef69b6b1ac87c9a01e1d6cbf9435b31979c5db49b07f5d7b6280c9777d072d8b6dc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\datareporting\glean\pending_pings\15c2d20b-3ac9-4c23-9bcb-7aa199059b5a

MD5 62564adb144bef360bf2b79e75fea005
SHA1 c1a3f0482c2b78653be46f4d727846c0f4df7b54
SHA256 6addbc69f49eb84e42f47d78642a367932e9d3914b9b4ba2b2ecfede3e3f3852
SHA512 d6df60a3ce977e076df1e8ee82985dde1919faa56a759cb86809cb4abfb2faf08f5b07d6e91966ac8f3c60d6a6d025a83ac74b0ba53f925ceed8366d3eb44a18

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 b7fdfc050a74dfecbf4834ed5fd8392c
SHA1 3d124888d65f80484cc3e5d9b43ca05d94dc0bc6
SHA256 261d7591c1c63892412afafedb0fda9d3180595e256a59e6e1a96058fbaff88a
SHA512 dc685518ae0c203f4f101bdc8477efed869345bed5ad22730babde1ef587680a046bf052342e6691a3412a10a4ec5c17ddfd98224d771f09e8378b36a70f6598

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66

MD5 8a9febce6956635e8e57417e8d6a57bc
SHA1 0b35fb18b713b949365946a0245949db1c2b9ec4
SHA256 2a421908a3d46f6086dc8c916d096dd7a3947cb72f854fdc67cf3b1fedfe4ce6
SHA512 5ad853fc2c384f946144e0517d479b6c805121e9cf8754d27180159d937774b9ce403fdf7343613df714c3b45cb782869381f1057f57efaa957baeaff36bd4aa

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66

MD5 d3133a7308a41049ed225c29442cabfb
SHA1 6a608b1b32bd258bd9e7786a35f231eb88487456
SHA256 3e4e85c4e6e880cb207e48106992ca6e0698d0035eb57f3bce8d0be7f67bc1ec
SHA512 69a8cfb28de86710590b227c42c662165a37140e90c5c2c6cdd0240f769325a0de49f5dc7f1d56a41815ecd23e3e414696e413cc50c8fa5e243b21a5ecb84d11

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\sessionstore-backups\recovery.jsonlz4

MD5 9c117d4a6936b6710fbbc679d0329270
SHA1 76dad2d91d1c9ed4907d44f52a46c908261debff
SHA256 285a532fa01802c8f96e7db663486825ae0959a21d5eddcb739d4e214e068c5a
SHA512 209fa801b826f0cce2a9cfd7d20b559bf7c9cfecf42fcb20a99517de40380bed3f133592d11e07eeede67c992ece1a09a303489651a5842a3c6c30d6c1f1613d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\prefs-1.js

MD5 635b2b6266c0cab078728f6b1bda363f
SHA1 9ba0f2f9ae624ac2f13ab05ec1a4ffc9b185bb0e
SHA256 42771d6cf119ce69647dd7eaed2f3755082f07dd441284cab34c31c20198df75
SHA512 3424d555807e02b51fe896a4681986fea2a556a18c8c476cbe9ce28e57a7c3b5e14b008fd6ff54df69ddc38f485bf5b93832376d0907caa5a02f126df33037d4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\storage\default\https+++www.youtube.com\cache\morgue\43\{0c1e6946-edf6-42d2-beff-b5946cae972b}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\storage\default\https+++www.youtube.com\idb\3036909256yCt7-%iCt7-%reebs2p9o.sqlite

MD5 3c75cbeb72786343219b8e5991fc7475
SHA1 42ed3ed714fc4c49ef829b1e601647f64c40f62f
SHA256 1b0d59dd9d63833239f98fc0a1ec62891e688ffd98ac1b58dca8953a83aad1b0
SHA512 48b3d02de5f12e8586c7a3fd09736e208a4ac4e327855e212e402275f71c3580b2cb36775487b6577403d8c9c7ff1d88a5036bc67e179aeb6f99b2d0bbd9c6c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf76f769.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\sessionstore-backups\recovery.jsonlz4

MD5 901a81bfac164b6e176cdcf158f895e3
SHA1 89b898f567553a98ac41565be39ad56535f1bb1e
SHA256 05e0ea54e61a85dc317ed680a781a281d6f34ae50c5faed4cf687f41cd69f1ac
SHA512 91f9425c2180bdff28adc1240a46871f624afb0167c7a23f43ff132ed7205f22ba0a759b229191a075ece4add30fb50076f8e05df0f1583923605e0b538ab578

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F2DDCD2B5F37625B82E81F4976CEE400_FA6E4B522C9C404D38E1A6F1BB26EC85

MD5 7f6619062775fdf6aceb697678145229
SHA1 86c635f35388d03b9e3358789786341e75a6bb3a
SHA256 387ea4ad80c72c8c33fccbb310e0859942afbaeb32025234eab51c23af046c48
SHA512 4f964f5d441e3bc56df767400a9d7f8b06bedc144540f1ba0cfc80ecf99abe2158da449f108debc3c83af55a9ce088eeb83e366693a99906a74cd2141a8d6ba9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9560dcc99d099ccd800d8077f7e9ab05
SHA1 a4c21d9cefa3b8b17f08f297e5687ff29c4bf12b
SHA256 3781a545a8bcf06cca59f9f94c1205da803079afc5e1f7f01fd5c8f018092c85
SHA512 1cb0488b7ac5c8e46f111dc8a9fd05c1d4ccf427afb9ead0d8491f0a86cc7f50ff1e0fdb35bb387925614e838bb9392c4bc58e6d361e3b8c8375aedef8d730f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\prefs-1.js

MD5 a9eada698607d329cbfb91a10887d68c
SHA1 5cde15344ef0819b8048c7acc9d698bcbadb7a07
SHA256 aa8757fe40f02b54a4a49e55a422832725a999b261de6161d23c2717c7e7e60e
SHA512 53bcdfd4b85b79a7ffe28233acc144e0f77117d734c228c243b8e7f8d3636f334229e5d0dd038214ce5ec6c813c90efd36cc05a57fa68d8213f178a8eb2c0f66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 88d0825a4a383c02e083392d4efd4353
SHA1 fd0e937ac58c7ea1a19abaa20ec440712d137963
SHA256 c3c1ed670a09ca464cf63492275c6f6dc1895debd706c4bc340dbdec04b8e33f
SHA512 978cbf648f3d894851e8e8b7a7c51d257d2b993f4b79f80eb776c35f2032f9357dd3fde204c8f8ff05f3818d2a975cfcee2a9463dc8aad1608498950bc825457

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e15d1e8cb4041ea40423e7062a24214d
SHA1 061b5cde176ad492c299594fe5ce660aeef5e062
SHA256 492c449506f8e9bb433bc847de1c85cd93de39e38ac967c2c98b2671a00c21b2
SHA512 21faa476894364cce59b043e511a91c0f4c85c26a0f88b98c47c9f4af62d1d33f36aed6a4ae1df3c322f53192ae0b41a26193f70afacef33062e4e1c9e609afa

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c59f78c85984c83f004b7d9c5f9b2497
SHA1 d8edb6999d68d1e539e4b3fb8a96b70488f6d768
SHA256 bc1b4c2647cdee56391936036dcf1ba3b2fc8656e0e35aec08ea46f3ec284a89
SHA512 3daed440685a3c7e2c32bd3c43016217246ee458c3dc4ef8949c9968bf9bde20ee004079dd6aea1c7cf98c28b70ed911050300a5bd266fc58fa867a56e6be6d5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a2ed01700224168f05a45f33fe0fd6b9
SHA1 0473e07fb003ea709906817588078c406e10c32a
SHA256 39ed6908ce0d1fd323a1993c7f4f718e82a9bfc34d8104fae0adae2653ee928b
SHA512 fa24f8d715d9094f9e58a572552d38a50ee2f580985ae551d6a2a4a62e72f18ec26f6cd256911bab014ca0c291f8a7d501e77f4b25c9e60e079e6de9f9ef7db4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 baaca8ca448abf84bdcaa16928bd1727
SHA1 b0d97a2398e1062183a12f0b58712d6302033ebf
SHA256 1ee5448d375b2f127afa95c73f57c4f0c0f3b9cd07ebf3b47a79081ea8506c34
SHA512 a62fbce4d89662f499b24c9d079970e8b6c0712f3bb57cf0786c7d1959e939a98c6c634572a0c83939c6ae82e9d5d9a2a4f366c9754c1fd3112cf5ac55a5ba57

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\prefs-1.js

MD5 ff65d11a46ae3ecfab0b72798e32da1a
SHA1 bfa7fc1e29cdd180b4696b4355be439f4ac37943
SHA256 43683986f259705810d3e0ea55daaff07f1485ed98940045f0134335ed27bea9
SHA512 f813a1fe7b9dbf7ba3abc0bda4673557a51f15651cf77493f7d60beba854d5f989b933e696c75ddabd8e8f08a2cf97f5ef061825a814b2d3fb3fd867e2e0e4ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b70ca45c9c95d4713545b708c7e99529
SHA1 adeb65b7aaf686346715065bf664e6ef998ccbe0
SHA256 6ea33a5f811b3d8d497418ec38312a5eff3982f85004532442022ba5aebf1f31
SHA512 a4f1dd17903750688157350ee08abfcc5c9c992646e023d023b8fc48de73500fe9d4ac39fa328f1393696b156c78094996ee841651caa219150ad32796ec2156

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 25088f819645b7f7ad3885c633e6a0b1
SHA1 3aab615a875e421c4d628f62e66513363d0fca75
SHA256 719dc679acad4c1a2842892b96ed5c5b9eb777b75177f20ad1fc9d9028daf2df
SHA512 e17e2149d0dadaed09b7141357f3f62c0d23860f0bfc2d6c6bef377062c895e62fd67bf4abcb1894aed5f8684f1cc6040a41960ac770caf2a859595c2bf69484

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f2a0ddbce697bd7a4196dabc1186381e
SHA1 0b33be9bf45cf029c8b52a150d80523942f3302d
SHA256 ff4b51b41310d615504f8666e2efa9be2cb46592555e6fa3e99a835260c8caf5
SHA512 ef4b59c393ae655728863c239a7c3bc2791477cf9caaf92c52bacc4f9f4770cd3ce9789d62704f07e369a55ea4e564cf8300c8de9bdf35c790fbe1212be70e75

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 135ae4dc563ac3c72c574649180c9863
SHA1 ea4f33caa667442db0488a5942591472c1feec64
SHA256 ff343b850e6ad47688480e04d09fd9fdf021e61ae830f08cfdc9612b9cc8c239
SHA512 9c952238b3aaf0c0a97d059153b7062db86ff9823200dafa8c9d7311f75f98aa9fcdfbc0062a811f6bc9b402639828afdef19b4232553e6bbd68285c4d7d49d4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 0e34a6c3307edaff6404d0664da41f00
SHA1 3756b2eb448a27c11a9afb98e3d09db1295cee3a
SHA256 ebe5667051c7f36881cc7cac4409e0bc4fe325a31b60207e56ff47a151421c1f
SHA512 cc6d1b09d726b5091617bbd5088fe3521127c0a28af2533bb4970ebe0ccafb82bc08841eac66485926f672c64ab6de3ce150073f924569880accb671087a0768

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 18cec07030e7f232e5ce3affa7ad57c5
SHA1 1c771a0681d9d5b95d4d41f34383a166b4de2ec1
SHA256 d973b5993b7b478a7ca8c4155b876f2fd3e641a7c48799ecbecfc3d20be165dd
SHA512 ba3cb0b4c9bd10a592391d2b22c5fa8aaf79ca880f910447d0a6612364fcaa486acd287feaa64e29465a037cc354f4db54c357e63ad01b0d6f731f2d6964f497

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 627ee00a2f1f91649b0b6be8f3d80826
SHA1 6b43020a4fc8329cfad590719ed4d6d6dad8f5b3
SHA256 e7c74ca65b0c13603e086df8345b02d43f979d280eda4650a1ad870802f7be20
SHA512 ea265c485d74b96903a7d04ce5449120e7bbc1d2693a104040920011819d3cb7d388b5c8f8c4bef2b056b80403469185428296cac2bbc1893caf344cb916f536

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0093771c2691dd8b264255df2426adb0
SHA1 6a041a4861616f9396b7e6863c994a24b2e90e29
SHA256 fb7da5f4907dfa1890e87a569c0f430354e708e2e872be92c77bc32c405364ef
SHA512 8312424857eb63be210c31c0a5af59cda4e034261fbd637ed58f2038e037904246ec850b5cf6075c3b5a77e1604d990c37fd8578eb6610cea110dd068a8ac334

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 71568188215597911aef43158cbad047
SHA1 038b96e025a7935ad77fc3f0f2ffea8fffdf4b52
SHA256 24f7aed41a06837fe0096e45ea228d6c6e4128188ba69d68cc8b9bcce52fd013
SHA512 3eb9be1fb5be52be9a56ef7f9d89bd9dcf98df7c81d33c828bcc1a1a04961c0b49e22903a464ff85a979934bc5d95cfce27b4a1de105daddc5824d48d7f5f456

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z2ud2i1e.default-release\sessionstore-backups\recovery.jsonlz4

MD5 108adcdb951ab481ab466450586ea092
SHA1 703b55bc2923fe5997ebced2041961b81998a83d
SHA256 58fdc479baab4cf471290090dd53528e4d08c76f195b08099829a3362da656aa
SHA512 49c400ae4075403b2edc2dcd210d1bf4c2fbefa2715b692f7086fcfcef5cf129afdcc4dbec5a6d37ba8c3792bc6923e08be70a55c736bf1219eaed2b5efc0662

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 61831f77076c666417ac3382dc28836d
SHA1 df59c75d522c320fe32ff82b4032cf619e6bb8b3
SHA256 0167fa6b75075581df52b054c77f0e60f93143fa26727e0e3ccdc32f0e4a2430
SHA512 d6ea371bc2ca082baf7c6a2e93983bbeb3fc6f54d3ad2299fb080192288bbffc76d2352564cad561e39e2b6a7329ec7d1d3beead7101b1a128d1c55e1c553536

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e5828f3e59242cc10ccaa2a154590df6
SHA1 f2b56ff587b8f7926a48a91cbca1aa801bf7af01
SHA256 269d8d380d7273eff9b9c452c2ae2e315e1e61ce41a7d153a217f094772bc778
SHA512 2c0c6a16ca2cd9b8092b6d5b4c26358097cb4507c9a4c23e10995463934061efbff1bfc068f1905ce7d93cc1e0e56acb6be3c4b1b5f64516006831c86cba4ee5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 54588e4a1b76070b48c5c8d24c77bdb1
SHA1 4496340003e78aa8949cbb8d9af9e1607e8c1a2c
SHA256 83b5cd2f9863fa5d1ce13da9299dd946e30ace80c8b4f56523d7c780ce464543
SHA512 2250c978e194e05c952ec26f787a8d9cb9ad90127802d3be659ee7bf5eea78ee39dc846d6971de6df031f244743432e9d53bbf6c5a3403f47a32939f48c27764

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\06af3418-846b-4aee-b8c7-36088f0c0d25.tmp

MD5 e4e47c7f5b0ba5e47898523c7b207f00
SHA1 28c970772036147b029eec6a8dd4bfd6fa40ae38
SHA256 28b5040ccf6fa39f7469669bbd28f9de6d0de5fd721dac931b5064dbcbbfe427
SHA512 8442ec9f4107a4069aaf9bbfe01ba629bbd146e24f628e5a4fb5c57f55342e7e0ddc0fe1608164068225ef936d59fba3281005076d867ce8ae660d4c822fe38a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a19fe05205732f0ca5393760841a4383
SHA1 d001369833ba9094d6d80333f7c4f35faa376456
SHA256 888895de8f0661d00418854d5240c016c4aa2527a54f96c85ee85944fa3e7c76
SHA512 bf29d8d0d57832e87d1ce6c3d3d384b2459236256b4352c2f5896b964e7225680c8e8b2b943ea2adc5619084f897a05279958093ecbd517225a690889629c4d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c6b2b13d02d25b39a850406382ed84b3
SHA1 72693415af2dadc709c262ed47eb0291a543b76c
SHA256 6e047821320d584a1108c4150b4a64f503564e2fa4705bb8522994da98798527
SHA512 2cfa4f16c1b8ec5e08c1f64fbba922b5afc0addf958c865c1038142551ed99db3d23a692ef95ce00949be3a2442dca76ecb5534d840d8510310f2ff3f41f3fd6

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-20 05:32

Reported

2024-02-20 05:35

Platform

win10v2004-20231222-en

Max time kernel

150s

Max time network

152s

Command Line

"C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1168293393-3419776239-306423207-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1168293393-3419776239-306423207-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1168293393-3419776239-306423207-1000\{0F2C0333-A97F-44B8-8318-D08A608C4A22} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1168293393-3419776239-306423207-1000\{CCC46DC0-21FD-419B-B2C1-CF899589BDCF} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 5700 wrote to memory of 2708 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 2708 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2708 wrote to memory of 1836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2708 wrote to memory of 1836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 1376 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 1376 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1376 wrote to memory of 2032 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1376 wrote to memory of 2032 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 2172 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 2172 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2172 wrote to memory of 2584 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2172 wrote to memory of 2584 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 4200 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 4200 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4200 wrote to memory of 5664 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4200 wrote to memory of 5664 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 4924 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 4924 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4924 wrote to memory of 2988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4924 wrote to memory of 2988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 5244 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 5244 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5244 wrote to memory of 4012 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5244 wrote to memory of 4012 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 5492 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 5492 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5492 wrote to memory of 5424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5492 wrote to memory of 5424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5700 wrote to memory of 5392 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5700 wrote to memory of 5392 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5700 wrote to memory of 2072 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5700 wrote to memory of 2072 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5392 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5392 wrote to memory of 2676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5700 wrote to memory of 3648 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5700 wrote to memory of 3648 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3648 wrote to memory of 3644 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3648 wrote to memory of 3644 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5700 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5700 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5588 wrote to memory of 468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5588 wrote to memory of 468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5588 wrote to memory of 468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5588 wrote to memory of 468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5588 wrote to memory of 468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5588 wrote to memory of 468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5588 wrote to memory of 468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5588 wrote to memory of 468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5588 wrote to memory of 468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5588 wrote to memory of 468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5588 wrote to memory of 468 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2708 wrote to memory of 5832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2708 wrote to memory of 5832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2708 wrote to memory of 5832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2708 wrote to memory of 5832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2708 wrote to memory of 5832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2708 wrote to memory of 5832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2708 wrote to memory of 5832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2708 wrote to memory of 5832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2708 wrote to memory of 5832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2708 wrote to memory of 5832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2708 wrote to memory of 5832 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe

"C:\Users\Admin\AppData\Local\Temp\3ed356b88af2907fcad812a2ca7fb093f31d6f14e5e54889215a60d913627f8a.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc456046f8,0x7ffc45604708,0x7ffc45604718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc456046f8,0x7ffc45604708,0x7ffc45604718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc456046f8,0x7ffc45604708,0x7ffc45604718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc456046f8,0x7ffc45604708,0x7ffc45604718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc456046f8,0x7ffc45604708,0x7ffc45604718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc456046f8,0x7ffc45604708,0x7ffc45604718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc456046f8,0x7ffc45604708,0x7ffc45604718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc36e69758,0x7ffc36e69768,0x7ffc36e69778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc36e69758,0x7ffc36e69768,0x7ffc36e69778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc36e69758,0x7ffc36e69768,0x7ffc36e69778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2728 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,7121567785630163076,14669576215886011015,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,7121567785630163076,14669576215886011015,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="468.0.1046463798\791987183" -parentBuildID 20221007134813 -prefsHandle 1868 -prefMapHandle 1852 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d19eaa7-d467-4451-80e3-6ece8a8bf421} 468 "\\.\pipe\gecko-crash-server-pipe.468" 1960 208bfed6558 gpu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,1011584159945825158,13938425422460451348,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,7625744466677984320,12445425325733901434,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,139633114722524739,5425154918668908368,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1444,14205370457742845128,8767515718255184234,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,2363786770742392453,6822270475345032814,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 /prefetch:3

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="468.1.1923466056\353561915" -parentBuildID 20221007134813 -prefsHandle 2404 -prefMapHandle 2400 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5554efd2-af48-4099-9390-10152d7525d4} 468 "\\.\pipe\gecko-crash-server-pipe.468" 2432 208bf63a758 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="468.2.1884396036\598849420" -childID 1 -isForBrowser -prefsHandle 2944 -prefMapHandle 1400 -prefsLen 21603 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1cfce907-335c-4d4d-8b11-14c6d921e115} 468 "\\.\pipe\gecko-crash-server-pipe.468" 1600 208bfe5c758 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6168 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1948 --field-trial-handle=2012,i,12859308190659199518,4520261059490953685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2180 --field-trial-handle=2012,i,12859308190659199518,4520261059490953685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3116 --field-trial-handle=2012,i,12859308190659199518,4520261059490953685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3864 --field-trial-handle=2012,i,12859308190659199518,4520261059490953685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3848 --field-trial-handle=2012,i,12859308190659199518,4520261059490953685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1900 --field-trial-handle=1968,i,2737279477040677314,16431119891038179413,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3096 --field-trial-handle=2012,i,12859308190659199518,4520261059490953685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1916 --field-trial-handle=1984,i,10253264463102457586,9711463692552177253,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1968,i,2737279477040677314,16431119891038179413,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 --field-trial-handle=1984,i,10253264463102457586,9711463692552177253,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 --field-trial-handle=2012,i,12859308190659199518,4520261059490953685,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4868 --field-trial-handle=2012,i,12859308190659199518,4520261059490953685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5024 --field-trial-handle=2012,i,12859308190659199518,4520261059490953685,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="468.4.1042376651\1617153691" -childID 3 -isForBrowser -prefsHandle 3796 -prefMapHandle 3800 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {38fdd088-a56f-40ea-81f1-25942dafd89e} 468 "\\.\pipe\gecko-crash-server-pipe.468" 3788 208c2badb58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="468.5.1634005269\2069933512" -childID 4 -isForBrowser -prefsHandle 1740 -prefMapHandle 1684 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8700b109-4f16-4739-ac66-3117aef4ed5a} 468 "\\.\pipe\gecko-crash-server-pipe.468" 1736 208c38e2a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="468.3.1083537065\310468356" -childID 2 -isForBrowser -prefsHandle 3364 -prefMapHandle 2944 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {83e71595-3435-4bdf-b04c-adb53cdc992b} 468 "\\.\pipe\gecko-crash-server-pipe.468" 3268 208c2b70e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="468.6.1547065982\611448133" -childID 5 -isForBrowser -prefsHandle 4700 -prefMapHandle 4672 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {39b6d667-3ffd-4cb1-aa92-ab4e74c7904f} 468 "\\.\pipe\gecko-crash-server-pipe.468" 4712 208c4caf258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="468.7.1974451789\1701396614" -childID 6 -isForBrowser -prefsHandle 5560 -prefMapHandle 5564 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9df68c72-ad9c-4ed7-a29e-179b35ff1fab} 468 "\\.\pipe\gecko-crash-server-pipe.468" 5580 208c68f6958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="468.9.619277316\1849279232" -childID 8 -isForBrowser -prefsHandle 5328 -prefMapHandle 5416 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {016322b2-c0c5-4043-9d0b-1ee98175b319} 468 "\\.\pipe\gecko-crash-server-pipe.468" 5432 208c69d6e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="468.8.1917494174\2024437715" -childID 7 -isForBrowser -prefsHandle 5668 -prefMapHandle 5664 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {28f61935-e2de-4642-a071-36e1062b6f5c} 468 "\\.\pipe\gecko-crash-server-pipe.468" 5680 208c69d6b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="468.10.1601380775\179047000" -parentBuildID 20221007134813 -prefsHandle 6136 -prefMapHandle 6192 -prefsLen 26381 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c6d544d1-9f2e-4b8e-a5f4-cd8b7e4f6970} 468 "\\.\pipe\gecko-crash-server-pipe.468" 6176 208c63fa958 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="468.11.1802712525\958382605" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6340 -prefMapHandle 6324 -prefsLen 26381 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ceeb0320-39fa-4114-addd-d9e881987630} 468 "\\.\pipe\gecko-crash-server-pipe.468" 6352 208c36edc58 utility

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6964 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6952 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="468.12.2048386945\1120865169" -childID 9 -isForBrowser -prefsHandle 3136 -prefMapHandle 3356 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1052 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {63e27985-e388-461b-b687-a3b8375cab18} 468 "\\.\pipe\gecko-crash-server-pipe.468" 3188 208b3365c58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3372 --field-trial-handle=2012,i,12859308190659199518,4520261059490953685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5904 --field-trial-handle=2012,i,12859308190659199518,4520261059490953685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5916 --field-trial-handle=2012,i,12859308190659199518,4520261059490953685,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7392 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2180,4240224304368439271,6581730451810365154,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6388 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=212 --field-trial-handle=2012,i,12859308190659199518,4520261059490953685,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 194.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.linkedin.com udp
GB 216.58.201.110:443 www.youtube.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 13.107.42.14:443 www.linkedin.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 22.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
GB 216.58.201.110:443 www.youtube.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.201.110:443 www.youtube.com udp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
GB 172.217.169.54:443 i.ytimg.com tcp
US 8.8.8.8:53 54.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
GB 172.217.169.54:443 i.ytimg.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
GB 216.58.201.110:443 youtube-ui.l.google.com udp
US 44.227.167.82:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
GB 172.217.169.54:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
GB 172.217.169.54:443 i.ytimg.com udp
US 8.8.8.8:53 82.167.227.44.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 172.217.169.54:443 i.ytimg.com udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 static.licdn.com udp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
FR 152.199.21.118:443 static.licdn.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 118.21.199.152.in-addr.arpa udp
GB 157.240.221.35:443 www.facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 rr5---sn-q4flrnlz.googlevideo.com udp
US 74.125.3.138:443 rr5---sn-q4flrnlz.googlevideo.com tcp
US 74.125.3.138:443 rr5---sn-q4flrnlz.googlevideo.com tcp
US 8.8.8.8:53 rr5.sn-q4flrnlz.googlevideo.com udp
US 8.8.8.8:53 rr5.sn-q4flrnlz.googlevideo.com udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 rr5---sn-q4flrnlz.googlevideo.com udp
US 74.125.3.138:443 rr5---sn-q4flrnlz.googlevideo.com tcp
US 74.125.3.138:443 rr5---sn-q4flrnlz.googlevideo.com tcp
US 74.125.3.138:443 rr5---sn-q4flrnlz.googlevideo.com tcp
US 74.125.3.138:443 rr5---sn-q4flrnlz.googlevideo.com tcp
US 8.8.8.8:53 138.3.125.74.in-addr.arpa udp
N/A 127.0.0.1:60095 tcp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 172.217.16.238:443 www3.l.google.com tcp
US 8.8.8.8:53 rr4---sn-ntq7yney.googlevideo.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
GB 142.250.178.4:443 www.google.com tcp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
US 8.8.8.8:53 ponf.linkedin.com udp
US 144.2.9.1:443 ponf.linkedin.com tcp
US 8.8.8.8:53 169.109.125.74.in-addr.arpa udp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
N/A 127.0.0.1:54887 tcp
AU 74.125.109.169:443 rr4---sn-ntq7yney.googlevideo.com tcp
US 8.8.8.8:53 platform.linkedin.com udp
US 152.199.22.144:443 platform.linkedin.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 144.22.199.152.in-addr.arpa udp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.202:443 jnn-pa.googleapis.com tcp
GB 216.58.212.202:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.202:443 jnn-pa.googleapis.com udp
GB 216.58.212.202:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 202.212.58.216.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.243:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 243.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 11.214.240.157.in-addr.arpa udp
US 8.8.8.8:53 78.169.217.172.in-addr.arpa udp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 102.11.125.74.in-addr.arpa udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 rr5---sn-5hneknee.googlevideo.com udp
NL 74.125.8.74:443 rr5---sn-5hneknee.googlevideo.com tcp
NL 74.125.8.74:443 rr5---sn-5hneknee.googlevideo.com tcp
NL 74.125.8.74:443 rr5---sn-5hneknee.googlevideo.com tcp
NL 74.125.8.74:443 rr5---sn-5hneknee.googlevideo.com tcp
NL 74.125.8.74:443 rr5---sn-5hneknee.googlevideo.com tcp
NL 74.125.8.74:443 rr5---sn-5hneknee.googlevideo.com tcp
US 8.8.8.8:53 74.8.125.74.in-addr.arpa udp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 18.134.221.88.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp
GB 216.58.201.110:443 youtube-ui.l.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 216.58.201.110:443 youtube-ui.l.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 142.250.187.238:443 youtube.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 16.173.189.20.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 12f5ea17522d20f57cfc7ed287507d1c
SHA1 683a34647d67a7f0db4b48c8e5ab2bd96b1ae58b
SHA256 25fe9a74a26f05364d78e4fef7962b5509f562c825da977bf6ee46a31e2392cb
SHA512 6ba3e8a3b7eb2fbd8edf13571a7a430b334dc86527eb4368ba3b8c2e7bcd24073cca99677ddffa633643046536bf7c7516076a9018f7b3c7c63a9f2a26de67c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 3e71d66ce903fcba6050e4b99b624fa7
SHA1 139d274762405b422eab698da8cc85f405922de5
SHA256 53b34e24e3fbb6a7f473192fc4dec2ae668974494f5636f0359b6ca27d7c65e3
SHA512 17e2f1400000dd6c54c8dc067b31bcb0a3111e44a9d2c5c779f484a51ada92d88f5b6e6847270faae8ff881117b7ceaaf8dfe9df427cbb8d9449ceacd0480388

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 bb2cdf82802bf69b297c9fae3fa48e85
SHA1 f26dbf7984929197238377b2b3e37f974447448d
SHA256 29998264d3f24068d6705e32cb6306f042797a0025aaebda57b3c581a49be0c7
SHA512 00535865805747cb5fe10f4f67872b52e94fd0ce51937f94a7662254027919b13df4af538557116cd4a8002afbeb295c601a79d5e64c8d2d2de9cf377eba1db7

\??\pipe\LOCAL\crashpad_2708_FEAGFTGMSVJMYCSK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7ed526cdfef01d1ab52109a517528188
SHA1 89fa401c608f2956763a906f0ce481314a60c8e9
SHA256 d6a94fcd54abbd1046faca9356d9f27f703df1aaf6c8e5f9afbddafb9217c595
SHA512 def3cc524f53258e616a2189bc9d4be68db3c832a4bcc0b0f8607e33aafc297dbdc282382662510c6b78773fb4f3810302a46214b3756e61985f70601b365945

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e13d3f9a42ab3229f3fbf90cb0cc5be5
SHA1 2b1c0fe2f04907b05cd92135dd292e5ee3880ffc
SHA256 112802beb3f056b491856466391aa762e8f667c3680767db7a6d8917e275d09b
SHA512 0e3dd182f07dceccc9e19893200ad8b7e348d114e6fdaf0fc0e451d73342094948febb139eb2d1a2feb3a8ee34e5ae9bcd9bc338a2fde25c0f54f5d5c7f529b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 79d702e376439a18b0386e6db3476737
SHA1 463344e1a8bd78006a1e3a0f995a84ef9c52784e
SHA256 b6bccae9cde6e5e223ba1ecb6228f1b51ae29d0a47f090f522dbb3a753ce6b89
SHA512 dc8f57e78e4c8c103a16d92816f8cb7eb16b84b3799cead04432e089951248000ec44c3762095318f0e04a98f7a15ae1acb4c51698c51aa7bded6eaf373d4ff3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f8f74806a7cd056913be826b2696b99a
SHA1 2fcddae06cb71d3a60ab86bf4205c8dc8cc64298
SHA256 8bba06f428da57d7f2b2b13a062cdb7ee6ca4eed6bc8d15d73a598564dac6945
SHA512 a4f07f297a32ee0ece66a78d447800db7b4a9cdeab56e8d976bb64d7ebb329cb5b28a9d3cefd9ae9f34849d402efb8c967eff2037055bbe2df8f43d3466e99e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 736b030cf1b42ea52f36105a3782e328
SHA1 8cb04a0e944b3e600d77f9e720c9828b32804bd2
SHA256 34430c3d1861aa66b53e70a9e67068ba11f53808aeba7d8fc16628434026e7a5
SHA512 d7699ef154f4135a9d533049d041401af5d9f45be094c4227170393c808caff45154f382784b0963c0bf5005378c70747d652cfe02446762baee6e3fe5bbdfcc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 24ebbb4d7de574888766aa46956a9ca1
SHA1 1a71252f8ec75300d626b193afcb6f5edac1e963
SHA256 06b7ad09cc9b5262507d6eaa8ad9b8829a9785341c0a56ea40177c16abc74727
SHA512 a58edb9218a3524713a6fdb2ac957aa20e446d01e6a2616268e95734b37d0bb254b4007362644cafae9fca6a9e5ddb0862ef691c6bf9770a5231310cc23f6621

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 64b9bd884e6e1072f60cfb4e8a396b77
SHA1 ec06273ef8f7cd900a24c083226de51a1e198da7
SHA256 b18b2758b70aeac0ac6120ecc94ff8027d05fe83b8865c794d6d18d2eafd0a15
SHA512 873414f5eeec9a6394f1086ab52ecd91b068b876c1d965b870194b72b095298532a1ff72c47bb5183201743a3d89545cc0e9cde23bb88045b67d22196174c06a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c0086bbe39ef4035ed660a40aedc6700
SHA1 1517949ee04afe8bf3d7c576e05eefe2b1dc36ca
SHA256 5f7419cda482c5f709d5d2ef90d1f32670f8e9f0b658d5ed19237c20ca9633be
SHA512 07c733444fbf03905eaed9f8b1fd914ccbd10f1dc6b5c6276641ddac05bc256ed75f5c342969fdd29d390189b79c5ab8d295b4c10d0aa2cdda48e50d1fae49ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 8549c255650427d618ef18b14dfd2b56
SHA1 8272585186777b344db3960df62b00f570d247f6
SHA256 40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13
SHA512 e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\0b0efba4-2dfd-4047-846e-91efb3eb304d.tmp

MD5 42091fbca08420d1c63fbe92964f0b7d
SHA1 410e3cf400d6eb2cb3a1d73b6ce8a45047c66fc3
SHA256 5e3e28dba8941af7ea0dd59cb7d84a1723ed03ab6ace24bdce47dbe7c75fe7a2
SHA512 93b1812c62c9337af1c73d658cff8279ff325a8b1f8af95ac144c5ed99421fd62d38c51012af4b1e916d3d429221ea7e6a8775a75f2b873f1ab36bea376e0d3f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\datareporting\glean\pending_pings\58639342-5109-499a-a692-abca15b0518d

MD5 67e849913c9f5c6d4af06777f63ba5e1
SHA1 3271d8db812fdcb0b5b8413437068cef76ba4259
SHA256 8576f052b1f3694716bd0c0d036e025cf74d28106637678a3ef87082c42b1f3b
SHA512 320c2435bd5be2f556369d5601a7e27e824314a3e50841e204b9b4ff9b541b5912c29d8411c90901c7557321b25d59843b129b44275f4d1d2eeb4c14219fd880

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\datareporting\glean\pending_pings\29804b24-29fb-48c6-a5f2-847190b181f9

MD5 c282b685a775b35f187978da82f8c35a
SHA1 fc33a6927f5e52bc50fb381bb7d5c10e7b6e7280
SHA256 01185e876028443ed455bd12aaa0f6b20d5c4a63128c614f8385f11efab5b87c
SHA512 a69b7430fc40a529b54c681d95323746e7c4b28a6a7dba66d4321a2d430db603f02a615d143da80762861ebdf49a5d5cf1201e0cc733fb0d7f4b2168cf8be617

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\datareporting\glean\db\data.safe.bin

MD5 73c26d38ecd5b3c94ddd7fe2a293aab8
SHA1 4d229eec2881fe4b0dbe058d02f31018e3d3c527
SHA256 75027f9223a2c77a56c86c4e996d695c2a175b700e21680f2959458680ba2439
SHA512 e300de8a25a58315c07846f72c8cf12fcecfc5322631c3a7af55ffd871c1c6fa93e513d754476d9285321983d2754a658915086ba37fbf28b2fb6fac007984f6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 12073af823007ae20c7b3a14b70da94e
SHA1 6f38b90eb5ecd0ce2f3ecdbe9f18d7412e5298ce
SHA256 d00f5c773ce637e3514f0c74ef1d1ff11a371cc5be323fbef17acd3835e3c6e6
SHA512 91df4bf86a99a79e9e60f2db6a1107af73fafa273c9910adca1e804f63ee81970f5683b460e85c56fbab8230cd8d44e55c294b2cdd17f5ec61a31e900c3b9c38

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs.js

MD5 6f22812410d3e5c77704f09c92772c6a
SHA1 926ccaaacf0f50b5c9b8e2a5a30ad9998f5c9978
SHA256 52ab5594288188c77d56ce097322fbfdf23ee0b4807ef994d52d9f644eef8a8e
SHA512 d4a6ade6218cfebb957aab883190aebc54c151bd8a999f673e40686429b9361c931679700deb9c3d3438cda1302fa7a854938a1c85fd18ce224b397c861cd0b5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 d223b4a4bbef4d4dd7dc2dcdd9390b66
SHA1 2c9315916ad44e174a0ca9c6a55d6cc917c17758
SHA256 f859959847d595ed508b4f38dc03944f8411a7acaf384b21faf9f1a80eea76a7
SHA512 f92bb05525f5a0d7085fbfde1a3661f05f776cfd4cb618c8cb7d1b9fbaba5672abd482ec9700b962a8bbcc58328420a6f059420609b7cfeccc305cf6401055dd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs-1.js

MD5 cd3336b9049f222327354392909be175
SHA1 b09ca6e103f3c0822def2afd100bebc6a674038a
SHA256 4e9447a9a2a239e7023891c02693b671218d0bd7dc7b7906d5eea96981d6d11b
SHA512 a65a491d14bf35a495dd6e80a3cfdf28ed25faedf0b09322eab4fb854cb981b6fa22a63b44769c49be1ca641121254646f651d0ad7f8b55892c999d13fa00f96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e0a0925f8c44634f65d1a5ba8da296ec
SHA1 aa5aa374981ea5c47289878d0097897be2b98533
SHA256 84e9374dd459d5bac4b1e922f24cc93c0acdf2e898ca8cbc3e0dfd26399b576e
SHA512 74b89ef00471011b1ec41aa79a5b0fc94397d18990a6f9d84f9e9e3603237682cb9467b3734f909c4864396b7773e04c0678aa9b09c69b990c5bdfded0e00a85

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5df29569ca30495f7002f66a50f67830
SHA1 efd9bec8fcb0db1e432ef89273bcff423ad48872
SHA256 f54e9e157eafb1f79540631e73472d438438976bbecc397ecc6ecc1f510ec619
SHA512 78a105390683e8051baf572ec5238ac03cd869ab329a5897816cc9fcbd9ff449aef1310de9cfb1f91bcf59c1f8f78c8f3d7cfeec50b2daf72dd1e78c1c25dfed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 7a204d478c8dfe822bf86f9103bbd9b3
SHA1 7114b36ea1588d9372d730b2ee5dec7a3aee36d1
SHA256 d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb
SHA512 f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 d7aa243170256be86fe498513f8f0dd1
SHA1 e7252fd4a3ec7b2bf79fb5463c01d8bd3395aac4
SHA256 b35aa1868bebc2d90e4c837df9227d1f5cbd518b890adb2a6aea8a609a0afcdc
SHA512 6a139b404e5438b3fb2b267439fb145ccbf98bb2fe07acb0703003291817d44a4c95556543940569641ba9c04b791b17e31044908f2c14218f20e77c9750ddb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 57212193eec978d4c68e9055f7b16fa3
SHA1 4327790a0950cd69a72a6445b8908f490fc407b7
SHA256 70ed73231b6f5fcc3ed60301aa1dd519058a76a0e23affc2593b208de9cb68fa
SHA512 b27f280d92c0f3dd545f8e9cf86379de2fc112a7398ebb051c376055057dbfb1bf691d64984d8724737a291447a57bd9b4c269438902353ea08293e4ca7beb64

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 2b9776807df1c30ef66c45ef60237487
SHA1 17e925fab39688d0d907687da86f566e283ee63b
SHA256 58a7c2031d7dbf5bda9614b64123996aa3bfcb5a783f901145baf087066c04a8
SHA512 e67162fb491ca513627e9fcb69a5db19a15129856ea3d01c2f0b5add061811bc5a0d4b6d8e53e4d7fe155b3bdf4a786cff697df5165368616589b411f8fafcf7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5504f36fe8cf50fbb2b5e6833914e5c2
SHA1 6c61b4e77d3ffa32d884f08785bf57a9b49412ac
SHA256 937c5df9b303b6126b12f44889294a00259fa1ebb45beb2ba1fc67271d24d932
SHA512 3eb3a37a858ee476c5b826a8319e78a0e6946cbe92adb4ad138a3af4d840624d9a568d26aca7b7ca19149e4e82910e1e2010cd740c65bd8b2cb358d5506a8870

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 1b1b142e24215f033793d1311e24f6e6
SHA1 74e23cffbf03f3f0c430e6f4481e740c55a48587
SHA256 3dca3ec65d1f4109c6b66a1a47b2477afaf8d15306a523f297283da0eccbe8b1
SHA512 a569385710e3a0dc0d6366476c457927a847a2b2298c839e423c485f7dcce2468a58d20133f6dc81913056fb579957e67f63cf1e20b910d61816210447cd1f1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 95c52168d15f005e579650baf6e47345
SHA1 055b1fe216b83e86ae02f8a0ee30e122222594e3
SHA256 550c5280e32b8270ff417d49ff09581b98c8449a0830a569b4cd9e9a2c35a0c3
SHA512 eeb2b543ca3ea0e07b3ca523a88715caee4f14586ab74d86676f90327a79c53d530afe1564c56c800242453d7e6b46e83c3fdca3f97af8b401022e908a3fa122

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 b3b3a2a25257cac2926de3c7ca377d77
SHA1 722c60c46ae895110fb1c8beb92cb2add490758e
SHA256 377c00695a5d2fc56c554f6823521be5d44a0e969c0d5ae2fc854fff7b831654
SHA512 43cfadedf3e2e13fdd0cb608263abb38d0809d0d1548755ab97047b75ae70921e5c47a9ba8618c9282350ddb201c94850e88516ad41bbb56c190fb30d0520eb7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 cefdf1fb62f07b1e61528f7a568d3c3e
SHA1 df6642e18d248f166c1585da97a1b73c6ecbf8de
SHA256 53417559b15f2bb6aec05b745069e30cbdabcf3cdc784b641add6b1f1b5a57aa
SHA512 66c7ff2399a725bd9d3084d0dbee998b85e9d09f16c9fade7bcf8462e7701d849cd61b9574a2b65c0d54a32d4701b407394182870c5a7f58ab5b4332b67cac08

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 e4871a2a01805f6a4e4b5b302fb51c79
SHA1 5ba1b6c82c8861baae0d2ad4e969db97b05398fc
SHA256 8fe4ca7286a0bca3d62f59e060e6de37466a99e4e2eb293a533d5e470470fe2f
SHA512 007882924601b014e95d9d5cf3a804c231d0b192dc1b714adba25e393e6c7c1adaf068a99ba4848f8a1308f2c9ce4f3b947fab576437d5f8f59f22067f803eb6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a2082788343d3a3bb04245fb8289ee5e
SHA1 f4c501dcad49209fde62a5f5db9a28b3f8a80536
SHA256 06c0c9bda9b6302e8b57485336378b0e63679c7f07050759f4c9ae95ab953d00
SHA512 56fd24fe07ffff8dabb0eb9747e8808b2db9ff2832713e9e246b91dd87f2201c20c04c6d30213a14f80e736f632bc6089047b675b6daa9d8b5cc17eee24df754

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 dc3b8c50e8c0eb3efdb4f61a11b07f95
SHA1 d0ff754f54871d9d06fda35d7ed84a396473cbe2
SHA256 fa158e2b238e5515c36f41e294701218c9b1c9908aba7382469b4a82820c9b35
SHA512 50c7bf882fe3e7e42078ca3c2b720ce87d450fcd4263f984e47a126d914cdb314ee6f1920ca22e196e9487df4d8a863a66c4590565b9d7f8ff7aba25e40c1b2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 e7509c0974f418f9abc9cfbe6680c85e
SHA1 1b05ca39e4e5007eb16292ac9153dd09e6e8b491
SHA256 5dfeecb28f2faf93c24e4755b3bdd2d1d32bac448f7ec94ea3eab9e934a425f4
SHA512 f16b7a2ef1e574328a918c42a6291ba3bb8fb146104de2f10471228d122ca27cec21e06fe3ed74192f6b72f01895c6c527f2706a9aa6c582b8d270f4a58d7d42

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\207\{5062edb7-ea03-414c-ad0f-c90c634370cf}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\idb\2814287215yCt7-%iCt7-%r0ebsbpeo.sqlite

MD5 77f32027c5a3e1b823955a8f4758838a
SHA1 2e50f147a593dd80e5a25c1b8f489729b3e18989
SHA256 59125248bc3dedf8a38eb6c25fd4b29b4a768879ac437909ebfcbb582946031f
SHA512 c4b1caca368bd63f6a873dfc8bfda8c6c539ce777d6a73faa909b7b93e9b71049e9c3770eb0323cea3ac55c88dde354516a932e8589daea14f279c57d770c6e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

MD5 e0b09f1582f65ff1189128b212390f8e
SHA1 15ae324402650c441b28d6325a8e51efed120c2d
SHA256 27a997bbd058a63981f18ee6927b80c20a0eaab7fe08eb0a3a4f27c5f3478548
SHA512 c5b8e4022451f3c1fd19c68a5fa0de31d007f99f249c7a6b735a261b670b2669200f08771dd21b023a7de460bda47fe3b5ca94fb235be66bf28ee87621000f75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 4793273b2e80fdd1f3aaf7f7ed2b5c83
SHA1 b3df14bc039eacc2e822b34fb8c1ce1b9d716c42
SHA256 4d1ef3d88ff4e2cb17e8152b0bbd89ce468a6c62459ae0e2a1ece7a8a3fa2e1a
SHA512 53cd50b0dace350dcae8df6d774f2e153b96bf50ec457f598f833e153807504ce44c83deacfae4a6f98e21ef1e0f4be8ee8d46fd41f73e71178308b3febd16a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 00e4719e921c916759eaaeb965fb9b6e
SHA1 f0e7c979c0a1e85ac78d9dd231502fb425b18cd0
SHA256 5026526565cff03c7fac8772152e339d2161d8b473c2be9f2bd85937a47aa6d8
SHA512 b67fdeaad9acbe718c8713b6c4ce3dc7c4d76726f94febc6539d245e47b8893c744c338d6c2b18c5cad99e9d0141d1ce514e53d67dbc8d1d825e5eb08c5a5781

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 769287d0597f2baa517207a337bf038f
SHA1 3db7e68e2009f19907d2287caebf99eec0b8287b
SHA256 5e930a1c171d4599bb6daaf71ac52b2b50eb0f15e1ac08c0ba651fb27dd06b0d
SHA512 f504f98bc5550d19e1fb186fe35c0c9d67411259ea37e87404d503af6c04b3a6724959499f2be17ef753fed53bf892f0c27f6dc11ded18a7d22eb6e3c28d7d3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3648_1840581291\Icons Monochrome\16.png

MD5 a4fd4f5953721f7f3a5b4bfd58922efe
SHA1 f3abed41d764efbd26bacf84c42bd8098a14c5cb
SHA256 c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3
SHA512 7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3648_6041088\Shortcuts Menu Icons\Monochrome\0\512.png

MD5 12a429f9782bcff446dc1089b68d44ee
SHA1 e41e5a1a4f2950a7f2da8be77ca26a66da7093b9
SHA256 e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37
SHA512 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3648_6041088\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 7f57c509f12aaae2c269646db7fde6e8
SHA1 969d8c0e3d9140f843f36ccf2974b112ad7afc07
SHA256 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f
SHA512 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 468f56c49e928f7324bb12c425b1028f
SHA1 e62a69dce5978ebc31f113e66c8a298cd812192e
SHA256 281f7992219e8282dcc55a27a46c7b7391381f3b17e23bfd859804051ba46228
SHA512 ae9a65b88d3c9868245d161547f4759b58c16935a50c3e0b4c17d966b302ef7253c66539b14c6897f2eaf53da75848ded6c7c4086cb48f2a2d6b9eddab45209b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 25e5c0e70c2ac4a34381ce5ecb215934
SHA1 8e28339339cb2e53d7d2bfdd39c70f3fbd4752ce
SHA256 6c78fe8f2a244849718e1d0b81f633fbe16061dfa17ea898d62de4e961407791
SHA512 ab926e2bade606771142117e4ae18ee612f2f56c1cf3e97be6f652278298cd72e7b294f76ef06f51c1b337701f6cd6aaa03e5ab2b2637c9effd7c3437c2e8c63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe579b27.TMP

MD5 9944983780b0fc45b940f0b3bd4f5ca0
SHA1 3f24d71f7fa47d18716c0d1e6110a3e711f6d789
SHA256 6c84a8fd6a684eae6389120ab6a9b2f54fdf3c53b5d6bd37363135dcc3ad40e2
SHA512 632ce440a7429b314ac95406fe004ae39d2417711b4b43afeb2be1f6d8e31d63d18d05c1cc99ae39f027899aa4e5acbbf0dae0f65deccf274c2214028bfc6b7c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c1a07f8b88e150cf2106e9964f238757
SHA1 738d004dda461046bd381c63259dc69599f3d256
SHA256 b87111dd284ac5e00db5b791030958edd6f7bf5c4c86116982041b570985f99e
SHA512 8c9987ce62052ba225c986a840573ecfd86a6f0363693f9331524f5d8c02b3782032b5ac22189fb561849e5dcf307fc75fe2fccae390514e920e51a625e9ca9d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\176\{2c2d4429-6f3c-4565-ae31-2ce644b953b0}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\249\{22af9173-1b2f-4480-813e-7a96c02b37f9}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\57\{cbf6d08b-b328-4228-a9a2-919dc9740039}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b3c6296be6fdcca0f7ad4a05ac7d6277
SHA1 747cce3d57756aaa4925a0cb2898c13d5cb0397c
SHA256 9022390ca8a8042d879859946f9c8b68a438f980eb98bb9652db6ea49af7bc85
SHA512 d3f34103e99dccda75ff752f34690eb61a43cef1310b6bbcfffdeb832bca71bcc1049f7bcdc05911cf78b9b231d11346260e1987caed17b38ed8ec1e82ad507c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 410be8753da88391ce362a9b37bc898c
SHA1 76c76cdea232c0b3079d0b560c07b5f142462ad3
SHA256 05a653856ce1138a3e34cd3acc08322d24fbfcbb2521bb17df1bea11e2f87ea3
SHA512 85d3561a26abb140c7660258a6863b0610ec1a82448913e9f8526e61d3ba81ed44f6e2acec41575d09d1452cb48403781beebacf39d1b2d6692d2eb7a3f7437e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 426d8e217829ed1343ae4a592b79f6c5
SHA1 e444f83ed8524ce6862cb85e6a587215a2a8415e
SHA256 0ad7610390db0e850386726817f3755424106fa3eeb3a4a9addf7b0ae101d98e
SHA512 d9b5820223b2386a3deb57d46d7087591a39d14c8c179bc7f402c65b2f54254e006d4184172412823efa0ebd20e64a81515aefff39d65db307698cbbab8b2d93

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 01bd3600a7d8d85ec2c77dad7213827d
SHA1 ef0a110ee5b3de3328f08cbdb2da2ff0b76562cf
SHA256 ba53c3b7724dbc5dace0169208112cfa86e0dc005755042a76565cd51e92064c
SHA512 b798d116c7815e4728bfc91c1de7e5bfee3b67290a0bd69885a2b80a81245151694483d4721d0800a58b0ac9558af105c6ef6a9649ac1035ffc58d2a5c0c6f53

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 e3885e3796e0f3406885ab02b68a767c
SHA1 01752cabafb171777247d3d05e92d901bc45fbf3
SHA256 0608f7085009310e179e93854a2a7c79a4f5e1b5e3cdd0cf2a88e625a0d59508
SHA512 57452bc56fc0aa15e549a890ef11497a4bba38fd038e31440c85d15af22d0d8d6ace5d4ab309b768bcde0e8d2fa18179fffb0cb096424e4bf02d3455315558be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7be283bf91414c9369f7a531588828e1
SHA1 ecbb7d9ae4608048b4bb4bc41056d14acd818904
SHA256 b421b99fa630bff3da24e451996b2387c097dabcf82fa3ca3d57494de4c88b1f
SHA512 0df21fa184c3c16e9359eb3e2ea59070e962622d177b0531020ce8d4c98594c9cd8c74d8f5c7e62bb05ba83e6eff870ec813ab692d968f32c08456a826a8b486

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a7b9.TMP

MD5 7ae8b08a1040684e982d1dbe17b81f23
SHA1 7aa70e4be0c24d6e597372ebc40cbf9f56da1d3e
SHA256 002a862d33dff405073e469998c2c6df0ff3febb1b5e6ab19135b8631e1799a8
SHA512 8e71e101c08aca977a28635acd29d0d832c49bbe46e6062186769558f21692446c89f64adc815e134cd0afdd8804b74deebf44f8047a330cb1229ebcf2c8313f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 843bfbebfbe8c71b3d7be3c192139568
SHA1 372b6f66dd112bb685a037d25938399e3fbe9c20
SHA256 7d52135f0fa1930631e1be9bc8637c7cf9222f61b7fc140392806662c8556b9f
SHA512 7ced3005fcf7c3ddb6efa85572f97dba530a523962eee7e6d8ad3d2ebe38c50ad8d1b612e37686a0ff77cde3d932e40c6e6370b984d7cf0d47732d6fa885b5af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d28da4d12ea5accf2444bc39e8410569
SHA1 b56d50d108d688d9bdf55973a9b37c30f3bfcd90
SHA256 d06423743880896260fb5648404748a114d3c45d62a40e7881c9dfad18e51e38
SHA512 62fbd45c2bafb043cb45aaf4a92dd636b3214e1af28855f81072cbe57e30881a2fbb5bfe93b1010dd1a7e1dfa59f5c0d5eaefda524e816edd9d50a3afa36ef93

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs-1.js

MD5 8eedb93fedc9ee99d6c34df0efc50048
SHA1 98d1323d6af89b211716d7f2db1c3b5a00145b1c
SHA256 91442303cc5b864cf4d11a504fc1b43290f1afc2d69e15a63146d260a2ed98e8
SHA512 8b9a66ff29e79f1d6491d833765e507b9bb7dac89f9189ddc4138ddf06616f6213bf9be3c3cd8aa2172787bb84449b16533d7662f7e437cfe44223602154c1f2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

MD5 f86c4e5144b32acfdd0bde90b797fd6d
SHA1 7bd9d7e278ec81f55b17dc263e9fdc19507b4752
SHA256 e01941109edaab29b03c3596f49984a1ccfa53cae34b22153fa608f7fca88b10
SHA512 04018c0ede3de630e2e14bc0d780612cd4820ea7e36f54a9a5fcb12bdc983e615711c37b1bdce58c4d918d2717ca36fda4a5cb5dbb60f9cbc967d0348a4ddd8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 d7abe4c5197cac40a4bfe5c9910595cb
SHA1 7d60055c5f57c570ff1fca995f16eebad77ee0ce
SHA256 542b2a954c80da314e377b10bb1b8e23068ba6502da694879211793068443a47
SHA512 2bebcfc7a551e59869f087c509ca9157add3a085d1ebe74654460837c5d72ce84b2da0276d2a961c69d6cf9620575353156125f03e6fbd274ed7c50fae477515

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 1ccfec0095eafbfadaed6121bba85a50
SHA1 42138a9ad0f9100933ae9771a0570b388886130f
SHA256 233c7744c658121611b9a44ee51a360c515567f912caa14a0c23d330ca1156d4
SHA512 e707689cf462b6f89cb6d91acdf69ad1de4e15698688cc2697affb9a2ba1b1f45d12835d9fd76203f4d17265b10b4e3ee490e9f86514ce648978115a035afc27

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 76bb8d860d0ac11761eb5d75364fa8f1
SHA1 065df0eaddb533634ab206a580fa3a7ba940a3b9
SHA256 e64e6baf0d70d47e65a8db0717617fd03e17610b0b51739a62973c8b160f5700
SHA512 601e3cb9bc83ad80c3929af2b1a8e31b78516b77a1b37593942e24430079a24f9462f978b1fafa741ecbe387c9f4e7ff6b9de57a9db4e2b4ed1a3458e0e1e1f7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 51d54dcb62e6e9487528d9c7610d14be
SHA1 d0ad303b6414a2228e3bb2a8048168eb74f419b0
SHA256 6753b05c9d870f53966bc582c824934d087f74cfd73318581d056547e0dce8d8
SHA512 1883d4d7135107d89bd414fd8a0a796d88748e5a1936cda1216570867c43d026ed84005eae1577dd37713deb240d77bda160e89012ba49dea7c772139eacb71a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 4c9ce58c6e78077a982c856e804b2a69
SHA1 0b6276138d8b46da13fb4ce1bef9be08ba53ead0
SHA256 eb7bfaa6aa6eac961b616e59d00a6861de8984c791f2de6ffbc75940fef8261a
SHA512 ddd14ceaefda93679e821f12b89d32338bf3627a7335bc8a52abeb69861c3bc2959a2167db861506a3dffe0a94d9c152635d45e6dd4ac5838bd1eb2baa213967

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

MD5 593ab71e2c05de4ec509aa02809cc3c7
SHA1 597738aa1145bffc1d586e3827063ecc09ca7946
SHA256 78c0701b881992b9242d8171892dae896087dd789627c3f21460c151c59f631b
SHA512 3618957e49525461af1a3fbd2d5f855b7743dbf4e5f632d7ee6d61abf58975e5583eb02bcf0b6d9d2263b7e3c0ec43945346bd9a6417e028be4ec53b2ba81368

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 1bf4a498496024847ae131bd1360b6d3
SHA1 b150821ac58eb006e1bdc4b67e7f1a78629ed8a0
SHA256 9e846f1b2e3f534358636961e12310b66b1a208525ebad25dad0a92396a94ebd
SHA512 2056e87073e85cf43caaccefa817731d6650076ddbec66b945a8c78749b2013fa3d12e43025bd9c276ba2e866e5aac0eba6d40e4b2e535493b56990fd6bd2765

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 a4decd55932478547b2315abdd2c5450
SHA1 17b19a24eda0f1d5bafceceb1f008a106c2aaf45
SHA256 c805c0468318e86a77e90e65ced9dd15e84c006b2a74d7385ec4c79a885ec245
SHA512 e8a7f96b66a991dc08eb679b1043dbb16dfbcdf806e7756d64b6c0c8907b42745838d2713fb64d2bd5ef6c0283262ea28524f84edecf991241b0b9d6035f0c6f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\169\{2a01d8aa-4db5-4afc-ae48-9f25f36fd6a9}.final

MD5 2300eafff09d478fbf68f49fdafbff49
SHA1 12f127da15a69beece4f71f600975e0503c77ce1
SHA256 f8c94c9f9dd4455eb89053d024bfd28afa482a9c697732ce5acb2df3144e885f
SHA512 93d447b0a87e4c25dbca71a80a198693b12c684c0a96b370693d693899230460bbd8c85c137dcc0b4872bd2d85fd0d10bfe3f4137c1b08f01da3a9bbfa481447

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 928f110abb83cb11e2bcfdbbc822060b
SHA1 362a98a0cf267b619a12aeae3b8aefacafbd2555
SHA256 0bff993cf587fe3e587c95abe83946ab0688a4268700162a53474f163d78e8f8
SHA512 03459df0b3b1884f350ed50853042376775ba9786656eed0abe0f9e30969d1638863ae71c8187707adc82b833a0c31ff11a00626d59fa829007a118156a7a871

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 5c2c7e3f77333fd161018c3608ab5542
SHA1 29f7c4227ff983d5023013d66912d16959905d8b
SHA256 30ea99e2366801f447a0c335df08425da9249f3aa1584380de38ed1ec0a09841
SHA512 11e7d72a97a00b15f1809c230c7baa6a5ff3701787d66cd731efe7c4a73353b6e53814bb09c7e4cc89caa860355a648a3d7066d657686b1a59f37037778fc2f2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\7c864991-5e63-4658-8acd-a1925f536880\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a838902f1a2ac09e5f0a5ec370773561
SHA1 3c04d9c1f01065b19d6f8f0e9acef286b81db694
SHA256 0d1d1f0dc358135ff6ab99e722c62d49f7bdd134344379d1afa2dda523bc8d70
SHA512 75b08373bfd2c40a477abe95530057ffa4974524a8d231eb5efd55b5ca2d30416f05d19a8a698cc5a3f6924fa0ba3299b9c0d5ab02a8cde18f63571160993cd8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 7dc6cf963a0d5b1b7c356afd4cccbf81
SHA1 cfd93e1efa977274ae1f3091b6dfaec2b5699afa
SHA256 b50aea4efb8f5bd60fd3bc761ee9456d277975c91c063db08e343a25dffcef53
SHA512 808bd3143d6f2109690e9b85336503efc408249bd8cee2cbf96c771bdd2e8deaeb7be7959f84575822a438dda5f1906c1febc0353671347b2b3e1a5f5ec80d93

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 007670cc1614df7d08f6400b5bad3c3a
SHA1 9b3d162314c50b7c30e336bcf681b7aeed6444e0
SHA256 79df770180ab3c8fefe964ee8590578853578e07eef2de1d4b17349ecbb83979
SHA512 083c39a06a114642d73ef392c4fd8c5345b70e83a3a25727a31f26700a1afed117e8ad15af43e945899baa99593be1f386f6ab77d346077350c893b7219b424f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe57ccc6.TMP

MD5 c480c2039ca26a19be6495169649bd09
SHA1 dcad0e38801c69de1c3d4e645c6624b023102103
SHA256 7876649886fff9cd7cd2f55d756d9a870d012a275c89c795252ef750dc61fe91
SHA512 fc104eb4220a2d382b738fc556475a5f20a5bc6bf4f1761db56260144828b1cc08937d8281f4f9a6959d82f914d195119288e3f93f9a75d592f43cbfa47066b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c22e2f5b18a6af0ad0aa9ea48edf8ca2
SHA1 0a69678abb61504a9e5803f06df2229420cea33c
SHA256 542ddaa277245a140442034b8751ab69a3aa75b2d6202e20494752cb52fe06d6
SHA512 331099615c8017831887ccce59fab7835fcd5cdff053598ce8d4bc122f8897298b23ce7840afcce3d67e8ecece94c4243b014fa4e21c1b099b0ee2081ba29197

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs-1.js

MD5 48039a2bbf764b3da3606012d92d494f
SHA1 59068767670d6ac6c9bc68d428b2922a34ab1ef8
SHA256 2cd3010c54220ab8d9682b0f540326589514c1e8b21f4b4bd0b9f9c8459595e9
SHA512 e95f01930baa70cddc74b5a15cf4e277085cfb70cd965609433bd9ba4ae408149dda81927ae2fe2cfc3be691f96e102a3fbf8cc9f1d7d95353e1e1521bd3e9a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dcfbf6539797dfab1b3598530200997f
SHA1 e549936cd52d7dea7f17d5914214bc072e006374
SHA256 d1dc5aee4769bbdbefdd238f860309aa03bbe26e929802c410c7014c0a5486bb
SHA512 10a70c16fa2f3855f681eba1d46441f98b2b454f48e4ede3fff3e7adbd225c54f4bdd5be410dd2fa3b5c63e0097a96f0642499b1ead3075a91eb5f0687a1ae64

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 d9a3dfa7003d12566d169afe703a8965
SHA1 343dde71a7d2f0878beb0e0066754afa35f314e4
SHA256 76ac0daf0191956c1636a20b3d85aa23f060e995eff4b841ab45a1c3bf9b3e55
SHA512 45d25dc63e6a9cd7d27fe40cf8a9cb3ce64c7b8edf5f0b03c421f5f4243b920e97a38466e45188947d26c4301b16ac070903425c66e6a1133932c2889928825d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 d67044d1941d83269ce17dbbfafc9c13
SHA1 a44ce5361a0fcb4d6d3d6b342c47012bf5ba97fd
SHA256 65f6d6598b533911596fbae497f72350b391eae5831a32465e4c0229bddf9e77
SHA512 24c7208ddefe896f5125d519e08bb703842f6ac3ee42e176a46b1f94716a27423d19cd6106010cc3543454eebe5adb03ddf6f84789e6a90030a1f569dff37a31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 c7dc6f67d0ba03942c47b65bb6f9bb06
SHA1 b8f3f273a729cd3caea0c323bb04f58dcf25b315
SHA256 c001ca97b8094251c9223d22e688dca8627c79e3c5cd1d51adfe21e88d16c2b3
SHA512 e2acbd3debabc97e9ca86f367cbd8a1acee505d7320af03018aa38b3f3e8832b75f5ab6049a0ff19bbf2be8fa62be886a3e8456fc16d4c1fd6e16ecbb8a23b90

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57ef13.TMP

MD5 5f8e93ae55a159b6e667817ad652411f
SHA1 ad7cab9ebd1e10b44b0f46523c73297fe90b54fa
SHA256 45b3ce1a4ea4e8b4b28d11d35e9bcf42d043e90decd6ec14543fcdc3e2a44c38
SHA512 d1f22e0375625f01acb1fead90119b406024614c2107027cb8b869607c1e4e28fd2b1410de9a3d7720b5b3ae305682bf3ddba212b18dd5ba85d5d38c7e08318d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 e78f9b063bf81ce6f3dc1744a63a2f64
SHA1 e7ed49976b5af2a42d9560bb934e7320b8dc4b1a
SHA256 bf88df56649cf9597daaca353bca4ad097d02732d5a8b4d1f67a6ea80725f004
SHA512 88386fb3e3ff8852bff1d3f1e429bfd8ef2bb928916db443694c5da7b862b2ad458ed4b93e0f95601134de5e554b8e4d33c85b53f64a9bb08e864ff7c2ad1b09

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 b03b44c434bcbccb800404e5fc1bc2c9
SHA1 aad287c79c4ff0e2d744adfc99afd785ec149898
SHA256 75c61ac384c0d5b8458ca792012cbfe7cfde3ae614509a7b68cad760fd3aacdf
SHA512 16a64e5bb0b392e7f7279a471897684c451b45828bc042c4a297a31963c501d2d6d969b1ae899e257b1517332759f38d379e7af1e496981b963d19b201febc85

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 61efcbd912ebdb85e15997c6fcd9628e
SHA1 f7a97362b1d12dbaffc2724b55b6f07388b5f72b
SHA256 18ed824367e8a1f22dfbc4ceccfa263630e45db8c28fd4d8f1a76f947e3b6ee8
SHA512 b4fe01d5399c8105d44ddfbf14b758ebb7cbb5565d8131d117d2b4a112fb393608feef7523ec8b7e81e219a987fa607315902ab58014d4c0e105809972abc557

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 0be9686f8ce00567249930545923272a
SHA1 6564387af6d00c6d1298b7e655572a5c8c59d6b4
SHA256 8ce5e66118ac73996e1cfa037513594d0b686792d497edab27e1182830458c67
SHA512 9e2a347371efb09fa01c90e5129bb35330fce786f7d3d5ff4fd9693e5af4f0e60c093b8fa3feef8a6b49be7bbc2046e7421b674bbddceeadcc716a4b0b5b8c83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e0b16966-f6c6-4d9c-abb7-0a170a46ce33\index-dir\the-real-index

MD5 4ed5b07e9d65c8cc1f4cebd34a55e0f7
SHA1 71357daadb4e977233bf6071e05a8e5301740a6d
SHA256 1362c255e5f4cd8211f575f99e4e5631c9d6ab09048ab82b25a551ee68c3df8e
SHA512 0dd5725bf3022c5d6c88af136366cc6aac0d11fcae90bbcb53a7dd99339853e29bf0f1a3be56528a7e1887fa72dba44af94e3b498869852b7bbc26405c0aa901

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e0b16966-f6c6-4d9c-abb7-0a170a46ce33\index-dir\the-real-index~RFe58270b.TMP

MD5 2ced463717632ff56665b402bfc6ca07
SHA1 64dbbb976fa93520a06cde2c368bf1783c629ff3
SHA256 4de2f5372b12e425c9299f1dd0648816e26f623338507a376b128b244e8eb8b4
SHA512 a9c330f7a95501080005d32f727e72a77743404e18eeae833ed5a5d86cf35408bcf9cad60c8aa8f5e370005f33e1198792c6c798e83a962dbb5d38260c9ae9bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 fc51c5587af2a27fada6d08aa73c9252
SHA1 c762b996b276c59dd7ece7a048cd18e18c935c58
SHA256 1bbf65ce82d65b6b9609b232847190b0513b86bfa4d4bea411ceb784c908c506
SHA512 0bcb23e6a074ba9b26c7d711f4f099463985e55b8ecb0204458020d51bdd93c6b638168313617d4508e4fe75b998a98666daba883bc004054cdfd95d2f53bc63

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 709f7544bd3e74c424113e6853948595
SHA1 a8c1d9e6c8493091727f0e303e45ab92b773343a
SHA256 0f2a35c8b824d54b483d0b2ea10964bb7af8eb6b1c86d40efbac4c55e1123a2f
SHA512 c2ed4cbb5e48d04eeb63c94d7d88acec5af101c2da003a34379023d8454d810ae357d0b4265da7027af38889fe307ca597f815111295ed62520f39aabeb2020a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 7378f426d93d2f806b536db7d5d1ef37
SHA1 3b7a025816a583f4d77e2d446666cec3d280143e
SHA256 d40eeb6f1bcee392df7288d7ebb484b3e8fc769fa52d13a41804d59573799087
SHA512 44fbb6d3b806dc28ad340c33163649a12fbae9bd70823ad39da45a36e3325efaea3e4d060702d0aa08f417592b7a512b967610e361b08101e7f981bb9cedea5d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 04ddb66072a25cbbc04c81a1ab6423b2
SHA1 c35b059889525c588ac44c158546d9083205bf8c
SHA256 6ff2f5d3f18f965f15af0904fd31bdc9e72f6a9e2ce1f05752bd8fe1dab5fa01
SHA512 2c86cb54e5a7bbb3586a08a41dc8620d42e97f74cbedd01a4e65f14ae3068cdbdf416c8f5a0c5b2dd409b5f603ff98f086c9bf1393e549fd331e4a57405c4a92

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 688373b746a86fc5fe5c4883a34087ec
SHA1 dc4f4c9b33e9dd19f5216a9789d2d19a8d31b99e
SHA256 d673d790fe51fa15fd67e8ca735f0f34aff69041dc6df5be8aaf5eedbe41354b
SHA512 a94fe5ce3566919f90e86abf384f023914acb1c91675ad6b9a8b63f05e933045ce22ac4622b6feac0a61eef2a95dc08067f2963775ed280ccbfc74acea6ec6cf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 708ae2923eb1b2594e4dd9811668229d
SHA1 ebaba5e7f4a57e58aec0d85099188b8fb66dedf3
SHA256 d057859d5cc31168c038af52e74e9e2cda6f99bf69cb79f999fb08e07cf8adfc
SHA512 25188ed0f9e2e07acd52fd41a0a1f3d2011099603e0b593c50859bcf78731d8eca56c796e1e9d93ff3693b79872e66f25d966f6d8b15b6bda44c7666732e667a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 46750dc3499feaf5b20ae86e084240cc
SHA1 aea9972ca432b2f7e0e1d426d7b382527aba720c
SHA256 b534850b2a679784600a64e280dcbe8e2ddcef943ea24c02c9036a92e3549681
SHA512 2e21174e69ac27733677451c1484364c2f31b2cd7e3862494e37f4c9950cf943a46f52786677ffae28b311f33e2a958ebac342725443bb2b044c5face87876e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 86eac13ae042c5838d20274274d5d82d
SHA1 a1edc2336435162d57edd8e9a4a2b7ce2d693fdf
SHA256 2c700f68f9355697fcfb8a1be428158cc2937d2e0d01c0afbaed92cb2cb0c125
SHA512 313452f845e01faa3b45d9b37dd7db8bd1f2596684762d9affd50c1479c73592f06160f459c1fb11e4f7f38d185208b9c86c373f1abf34349daa3314382e337f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 4c44a4c4705e1e7ff214516345726b38
SHA1 c50da19ec6fbd99ee4c4f305e9ece188e0d19233
SHA256 7202e097880e3d2f06bd216cc9277332b95ff8b7d3a676d3ce89b869eebed990
SHA512 58c1de9c2d940b1d6195d96320c3b15030439ab71b1bf6a0d9e67c88213a3d1d29602a3079fbe4ce9cde6e6879020c05c237e1a7517c942b6c26f9da681da979

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 59ac1d4164990bc76c5addad9126c834
SHA1 9e92687d65723d896b1f6380c0225b20598be17f
SHA256 f68c72d81674500fa1df189424b123c650eb55f251e655d4ed00f1c24f45bb63
SHA512 3509034041c7026efd948c8be60eec26b9051da8d69db7b46efc23e58301cc67906f0aceaae17f4d6e7c40dbc1d86a2021c390fc857990ebbfe9e7f5b7d46260

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 a11fcf88c53f96622c1580589eb27630
SHA1 726f098ea71a3db06ed46c5d60becb5bf7c97838
SHA256 13c1bb470fb2c1cbaae07c6abec9b13116ec0f7c32f6d0ef7ecce1c406b4b685
SHA512 349addbb5ab610809f92e6f33973d8d4bd57f2463067300564ff197d2bbe9da0f82944b1da9d2f9abf9b6283c9b89ca3dddbfe3ef295576f91128385df7976c5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 0d397642016624cb7dee3f2ce171b432
SHA1 57d8840c1753e3bc161144cf84cddacf9d4b5166
SHA256 ae9c45ca1605fe7ab167df31d742304086d64437cbe09dc6471dd71afae2f36b
SHA512 3c75d240361cbfb796858c27283d9ae311779e8ea28440d77089bfd0895188338262f87875d9abbf8a0b0d082231837f3eb39aa21e7fcac0af9d4c73c87b96e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe585d5d.TMP

MD5 4d173547b6db86e187c52e3fc53c45f7
SHA1 ba1f653a4b91319d49871c57f27c5e6fb7303162
SHA256 6895d122d5d32d3aced65aed43c50c5521440e1732dfdfe09251c68e7dc1185d
SHA512 a7962f1d5303cf0e7926f61f5650f073fb07b34e31049e443e73cc122597e89b20a4a8c8a963c408e071e05e58842fd10426ba81912d579b417da699e5e1e8d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 24e87219fc7a4acf9c8cf5195dd20929
SHA1 024aa18cfa152ca843a66a601fd2d051d22d8945
SHA256 f2560c703feef683af5cfd31ed7ab92ce2f5eb669061c62725875a34d75c16c2
SHA512 d19500d7a68684b8b448599bc5659832f48c6812fa5d0f09c2e23390679f84b0a222f3de1f13e9d4c27a1eb58b3f2e86f48439dbe863c4bf2f91c040146a3ba2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 64b3b5fb7733a3ba37956a0979fcf549
SHA1 c0f58e4f0b0128b84b396b193d5e717f16333a9d
SHA256 fc92ec32277af5150556d40a2ea1857f8cd538c6167d9fd1d2512de3f1aa0bc0
SHA512 b1aee1eb8a756e5a78fd9b9729731846777050b8a5a41b422b53f6f515778c9ab997002aa64292117ca68c12d7e0b8c34ef13159a928c428091fff9fa8277dfd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 fdffa05550939c0096876098093873a9
SHA1 86b92b3f08e3fb9f386a78eebebfa1e41671e275
SHA256 767e6c792c0cc4cdc0e40c9dbd7911bced361d609ef1407d4f716685c06f4fed
SHA512 d41d248f694811db0dc5b8e2818992a2cc43780a8a677c86783e4fd6e87bef0e062c4d96a1dd39209c31fa52c5f963c31a31be5363aac2dada4a25563bbcf738

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 75f70d8b59bb5d0a372741e208c6f4e3
SHA1 61d4ca8f447a9286770e255628a682620d01434e
SHA256 4148e0ccf4246c80b8dc6f1b37dd170ff5c51581a3d69e99fb6542f87507711f
SHA512 a213255c7b2c5b97c951ed374c35cc6b57cbe8ceee6d2ed841460cfed1ab5cd9278afb3b05f4596748a1a935577373d91ca217acca4683aa171e935dca9ccb26

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG

MD5 4238e84f5c91ace25c3962f5a627c20c
SHA1 fa1e6c27b1ff459248a790647ea198d047f72baf
SHA256 5a27c8633f8b0ed5bf231310f6148e1dbcdf80d2187df73a282b602ed07f3a96
SHA512 250d8283210c334b80782bdc57d9b7e2d44d634652fee92f371d4ff17fb97e768f6534d44fd752dc333db6a41d0b36924fff38b1e587a89b6c3cadf6bd4ca378

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 00e11c1a76b6a44ca28dacac050ea639
SHA1 d8f1dd298a46d66069e05efd83e8fb7533ce6b21
SHA256 b24db40e56408d95130fc64634a64481d7bf7fb8298c8b6f4f40c08e950df057
SHA512 651c8a6c3023129820f40bfa890835b9b1c0a4ea063ae0c6036b87a4897e555a019d4190e376ab9b2ca585c6c2cd80d11b04f5cd864e83cb374bfa80697d4d47

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 93e9a6f3ac5cfd5fc3bab57552be2be3
SHA1 f937095c45f9d102178ecb74aec13d34c1c365bd
SHA256 59aa2e9e26ff2bfb73f9a651ff3a48815567311f91b96c03e810c801cbe00480
SHA512 54b8d100ee42eca3cfe50dcbcc8d9ec0cedc881dbce6fede9c9d8cb8b98ae475255440350ca904b7becc2febeb9c4b7dcc565fb93a71e34c7ab9155e40a37083

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 263d1b53eacf28618c6fbfe242ebd277
SHA1 24337c61b7e34d33ace8f1aa00c99d20e34dbe1c
SHA256 804d1984e653cd7c03dd22e43c4697bac4c71d56e8e8056006cc3da02b2b8f8a
SHA512 3c6ea7ded33e0d70af534311d084094c945fcf7dc10f3c0785027a3a80fbe3b48676b76b455b70a0d54999798b6dafa1b274eb3d9a0bd3de7e9dbe3559f80957

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 dec1c620536a170fff78da477acd61c2
SHA1 be3a7b782da9139be439d19231027e5e97348ad5
SHA256 aec0516eee5f76187be344e9014de3f894756cbd3e51d98b304b99933d8c3812
SHA512 2809f7f3776ccbce937f0432c6d5d1ddcddfa2cf61bd75ad93265b6b18e1651bc4475c295756ab4bcf7a79336c2d1623c0b047d0be28808937fb22df3ffc6404

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 87f52c71e788816b4d55e4a014bbf1da
SHA1 1cda57603a5cb270dce497f156da1aca009bfa2f
SHA256 2c03c2af401ce10530c8859d5ef4aa233a2ceb8d7778ef2cc188648a7f86b5e7
SHA512 39647db26f13555a4265867c3469933823902408ad8070c2e60ba2d454e36b0fc16ecfa1fffd2d07ec5bfc2c2debdf8fb6f6a12ac85386c51d6dc0fe27eb5288

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 6cacce791cb778d6482d0a85ed362f7a
SHA1 0f96cbbd61d5c7020b792c0d0b0cf7733281b659
SHA256 be2d9027c0c36a3389e51261b17a1db4b2f1bd02c510238849899efe27ec2557
SHA512 816b11b96cfeb97b593b7f3b100f3716fe3b4e8cd8f1f816f5037c76ccb4eddd6a1f127362e8c524bbda2fb5fe78718f89995f88e76baaeb10f96a43c7587dc4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 2850270bd990739995362701ea5620cb
SHA1 2312053cc5d9fe17f18b30189db25eab67ab9d76
SHA256 7beba92d12b78d0db945c30c31b1745a375d15526653c8dc77425c3a04de3b0a
SHA512 76935eca0c684116b8f88c7272569ca4512738ee4fa6617ef65775262af4a1d12c8484cdf59a50f163da631a7141feff6ab2dc8d2d8b1b0e15bb82cabe16d7c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 6244144827d7bfba923baa8b8b5e98fa
SHA1 8fb6b9196ba45c79754b90b1586551f32e06dd02
SHA256 ead4b7cc1ec03fc95c3bbfdf883ddf63df4f1b6c7c740edcb0953b4618553310
SHA512 66114ee671a9edfee93506d3f15d5e4dd9c2d135236b3956daa5deca86f30363383422958b4d21903ded5050c9be3086209c9f5f8d7825c5b0663e77acc52f8f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 1c616980122941f7e12b8d5bf93392ea
SHA1 1a394784813d646241e8cfdf32fc0b54c3d2cd7d
SHA256 a7d92cd215675a476f582e10f63c78433cfed038cc4d891c36b71d64bbb41773
SHA512 942711bad11af4289c94f47bec858909d6695d81096b19e4cae51780e73bdb78127c874a986fa9d80ccd286f63a0d31d202cdf2d6e757630c5838b1bbe0d8fec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 dbb705ea3d298e2ed0ab39bba7e96a93
SHA1 abbf9391469f5ea30926b0ef4e550fe1ad234f53
SHA256 ffc771c2099c5216e42a71bf81ad01bc607d77315f7e487d74f9ab68a2ce365e
SHA512 959a0719bcfceac4e7e543152988fba270b121c2698ae97e7378f5f2b8f65008ca9f483c090bd5c4cd349efe2030973c11393068c9610c7ceffc8c8127266fc6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 1c20b28926a17bacec80c2e9c8f3b78c
SHA1 f1fabf58249b05e6db7216425abcded686178ee0
SHA256 a88eed0e924012a12db3fbd7ab811dc778e341d75d912e3e3a527c8156a9bdd7
SHA512 bd7e76b99ad2b5e97baa2ea4df51c525549aa720c6d0eda53e9ef1522c9e0f0e4ceaafaf54f7693250866861caafcff3ed2e2ea95449319f8434b058593346cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 a475291df5badc882b32e352e5ea5d71
SHA1 27c3f81794ebcf05bfe36e474a6a07fcecc610a3
SHA256 9a76d79693c68af806812be0b94f22e49e3961b3b75b7b11d8cc7e153f6d8bf6
SHA512 8bd249490d55872202a5d4df877cf93738bfd17a3a8a9428a45ac130aaa57b19ca86fc68f0964c22907c69d61ebc7f701c2b5ba37295cdeec41cab77a932293c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 48c5f0d7cb5798640364c88a58a7c89e
SHA1 4e9672ea6709c245463dce2b2202fad9eb005a75
SHA256 dc21c084929bbc517d54c564baffe35e4c9330b8e093b96ccbb57debadba13fb
SHA512 74df03f9e5a3207b31f4574278bb1e10d93349bfa8b8374f3e8c1c1707234984a25f804588258fd9022e635a252cec9c99901183ef2fd9d634f28ffae19df74b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 094fe0c2f5205cc147566ab301a26458
SHA1 c7a3d5f75fa5e67c89e2777cf2c3f9c03f592c04
SHA256 f465238bc279db5b53291f9a616d08bba5ce02950ae3ea452a7777d141eb5e08
SHA512 ab76caf2f86502e48ecdc02f878ed314db0c84cd55319f656a9d33cc673212c83e7770e602be29843ad15ab2affc6c26206fd50a4d74b9d608f94cdc9b1afb60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7a0e227a8ddb25705e28db2fcd77cacf
SHA1 326199249c69df2e395949b7d0c0fe4daf064cec
SHA256 e1cf72fab4be2ab0766c294173b006d80eee14b906e71dc13b9489ccb643a111
SHA512 5bb917e381ab2017f596d2766d88e10a139fa111e0c59a8cf8d2ec729ef59151f5658cbc8f13d31f72fe5cd3fe28d11b80bb8df66f68b26b15e59aeb4ab1855e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 e9056f773cf18b13e5db6268e481da2c
SHA1 e0c4e4b23e5b0b47cf3416ad9fad5537dc309434
SHA256 0e41131b2aa165fa3f255dc18bd2360d1fb3b33ff06d734a2600af20c836f3b9
SHA512 610780958369de557f5b2302182c9155ebcf09b05432bc1dbd2d9018307b72d2bba7eb455fdaf363b010b781fd398fbc506eb3a7e9d56c5a2920f01617f865d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 063582d3c0a065bd7e6e1cc2ee42482c
SHA1 74468c428c9197c870f64ac0baf6b3f50f1d7b35
SHA256 c4c8aa1041c1da2f0a989fedafcc049031f9c53133d2ba0d1e73463852526dee
SHA512 05ab2b8e59fd5d2d85ac38c13f7846ed1729cbaed1331b67e871a0451f9f0b8bf7e18234b45d034803bafe69b59a90a8f13b31d250abcfa6dfeacdf7dddd8f47

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 725d6aee51d988a819fa83bdc8a1c600
SHA1 870efa0f78c9a6d735f423819c6d5b11fc619403
SHA256 088792a1159e3172d1101b8c90b1ab8eca046d64c8b6f3d3543a57350a9461b8
SHA512 bfe0054e40d796e5bbc84c15d561a7b576efec762d12a53988c5514aef672edcc2b5abe2ab7a81f65d38802b4a144ad31c797c2102202aa096da4869388131ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f5b8a91e334fcae7378e70330515c78b
SHA1 7d578b822a4779284fef75f27e54c285248e3995
SHA256 0a02931aff47e768b4bf7e1e6fee6c5d95655ed51dbfe37191274364157c2290
SHA512 15ed1dbd96c63b05e0171b604e1f6a6d997af845691b2177a4ea21a964b78887c819fa8a390ae9ca703aa6cc10e3d68d3ba8d26c4302730a14427c5eecaad724

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a13665464893ecf10c291c44e7419773
SHA1 6ae8e853eb310160ac6a88d013eef13fcd1142ec
SHA256 62c3101e8e5853d44919339fbda73581e1cbd5b65cfba3b7fb240553edba8f7b
SHA512 9fa67a1bf35028a2459932588eb0ffbdaecc8aba2b86385b23be3072f8f63ae1338692571e26810c7c67c7800e957e9d8a2a6632cdeb3d65336e71f73faeaac8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 fac71488ccf148eaf882d220e99d6580
SHA1 338c9d1aee9f24a5c444d6f142569acbb33a5963
SHA256 8b5d10ac25257b76b14f3d49f98b9400379a79de04f55baba63b985af767c02a
SHA512 b769d8f920583fa90445cee17e4a4a8dfb519248af3ed20e7478e94a02dfc4f6ddf2de35b33a845d7272497569578c5c76176221c3e3ee7c6fbf4593c5f7a824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 7a0a58df493838332626bc24ce71c13d
SHA1 d84b3678f260e172aa826428c7f07f912ea23679
SHA256 d7fdff1ec368723d5f2fc51f1b6c4fe1834c8c67352093c822c3054da37a8e9f
SHA512 5806bd8799556dc69ed29e001f57e33edc3befc0f2f3f47792718eb5fa7e9a65f434e0fd0df1b21d7828e98bc5e5bbfa9aa000837155025a9f1890e89bfc2560

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 1ecac5391777a73784d95017fa0c9742
SHA1 36d9f2e25c8bc52cd779c8f38067cce403aaa8ef
SHA256 3202309d3a424d798c82e9565cb6689aab8cc1b0600912f04a19529dd145c59f
SHA512 491ee17b2e967f98fdffbc8764bcbf13fb255072e33524654ddfa0208c294a8136c1f258260acb8139571ef7c82cc3c50e17fc5b865817fa386b47e974a61bfd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 21912c88d7452438858c80669b78f812
SHA1 6116566aa12e3657523cbf4f838f617e5ec373ba
SHA256 783e2914ee2b89b26506c98a38afa384b95a8a89271ee19aa9a101395b93aaae
SHA512 72aadc9069b03f60f4fdec52819f6153de72d9cc310f2df6c373fd743233616930d0ae0c192d0ca6e7d4871e235a9eec96e88ad4c3620fe96a4ca6941eae2de4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 2c341252108f2e2594c18b716b645666
SHA1 eb54a42c7f6276f62e98159c641e06a6b5289ad1
SHA256 863c98b6cd73c9756e5cda20e6c769405570fb3bb714beffc043e2bc2dce56a7
SHA512 7ceed4a20a032a9facff6e5964b5a2a48cbefb6329e417f1bb112de89751231fe2c1d5f3690fb3888520671bac7cc8c6f99ff321c0454d61ce461d71498ba77b