Malware Analysis Report

2024-11-16 15:45

Sample ID 240220-ghnwzacb9z
Target 84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe
SHA256 84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed

Threat Level: Known bad

The file 84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Checks computer location settings

AutoIT Executable

Unsigned PE

Enumerates physical storage devices

Enumerates system info in registry

Suspicious use of SendNotifyMessage

Uses Task Scheduler COM API

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies Internet Explorer settings

Checks processor information in registry

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Modifies registry class

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-20 05:48

Signatures

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-20 05:48

Reported

2024-02-20 05:51

Platform

win7-20231215-en

Max time kernel

39s

Max time network

153s

Command Line

"C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe"

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AE2CFE81-CFB3-11EE-BD5F-6E3D54FB2439} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\facebook.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AE2A7611-CFB3-11EE-BD5F-6E3D54FB2439} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\accounts.google.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2788 wrote to memory of 2440 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2440 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2440 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2440 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2036 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2036 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2036 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2036 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2856 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2856 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2856 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2856 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2884 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2884 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2884 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2788 wrote to memory of 2884 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2036 wrote to memory of 2588 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2036 wrote to memory of 2588 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2036 wrote to memory of 2588 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2036 wrote to memory of 2588 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2884 wrote to memory of 2624 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2884 wrote to memory of 2624 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2884 wrote to memory of 2624 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2884 wrote to memory of 2624 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2856 wrote to memory of 2636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2856 wrote to memory of 2636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2856 wrote to memory of 2636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2856 wrote to memory of 2636 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2440 wrote to memory of 2668 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2440 wrote to memory of 2668 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2440 wrote to memory of 2668 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2440 wrote to memory of 2668 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2788 wrote to memory of 1400 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2788 wrote to memory of 1400 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2788 wrote to memory of 1400 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2788 wrote to memory of 1400 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2788 wrote to memory of 2068 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2788 wrote to memory of 2068 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2788 wrote to memory of 2068 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2788 wrote to memory of 2068 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2788 wrote to memory of 2500 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2788 wrote to memory of 2500 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2788 wrote to memory of 2500 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2788 wrote to memory of 2500 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1400 wrote to memory of 1408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1400 wrote to memory of 1408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1400 wrote to memory of 1408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2256 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2256 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2068 wrote to memory of 2256 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2500 wrote to memory of 1064 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2500 wrote to memory of 1064 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2500 wrote to memory of 1064 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2788 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2788 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2788 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2788 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2788 wrote to memory of 1780 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2788 wrote to memory of 1780 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2788 wrote to memory of 1780 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2788 wrote to memory of 1780 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1780 wrote to memory of 1860 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1780 wrote to memory of 1860 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1780 wrote to memory of 1860 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe

"C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.linkedin.com/login

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/video

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://accounts.google.com/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2036 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2856 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2884 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6249758,0x7fef6249768,0x7fef6249778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6249758,0x7fef6249768,0x7fef6249778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6249758,0x7fef6249768,0x7fef6249778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2340.0.122269571\115382522" -parentBuildID 20221007134813 -prefsHandle 1228 -prefMapHandle 1208 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1915ab74-e65a-4199-a777-f3e9eed1a951} 2340 "\\.\pipe\gecko-crash-server-pipe.2340" 1348 85ce058 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2340.1.925048535\614709428" -parentBuildID 20221007134813 -prefsHandle 1524 -prefMapHandle 1520 -prefsLen 21610 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {68a0a786-e371-43fd-8cc6-e55dc697a401} 2340 "\\.\pipe\gecko-crash-server-pipe.2340" 1552 3dcd458 socket

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1484 --field-trial-handle=1324,i,2303009823956816755,1082692825835001466,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1152 --field-trial-handle=1284,i,6596404315951301346,10279654162019734926,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1056 --field-trial-handle=1324,i,2303009823956816755,1082692825835001466,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1536 --field-trial-handle=1324,i,2303009823956816755,1082692825835001466,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1436 --field-trial-handle=1284,i,6596404315951301346,10279654162019734926,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1284 --field-trial-handle=1388,i,9501543768193592387,16659028756823328852,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1088 --field-trial-handle=1388,i,9501543768193592387,16659028756823328852,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2288 --field-trial-handle=1324,i,2303009823956816755,1082692825835001466,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2340.2.998711811\785129879" -childID 1 -isForBrowser -prefsHandle 2432 -prefMapHandle 2428 -prefsLen 21648 -prefMapSize 233444 -jsInitHandle 560 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fb251006-eb97-4d33-b7b1-aba57385e4b9} 2340 "\\.\pipe\gecko-crash-server-pipe.2340" 2444 19f05458 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2300 --field-trial-handle=1324,i,2303009823956816755,1082692825835001466,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2524 --field-trial-handle=1324,i,2303009823956816755,1082692825835001466,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2340.3.68055813\2137320754" -childID 2 -isForBrowser -prefsHandle 2796 -prefMapHandle 2792 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 560 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5f223c56-f225-4b68-b54f-fabe253f7f1d} 2340 "\\.\pipe\gecko-crash-server-pipe.2340" 2808 d61b58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2540 --field-trial-handle=1324,i,2303009823956816755,1082692825835001466,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2340.6.1641390196\536901421" -childID 5 -isForBrowser -prefsHandle 4004 -prefMapHandle 4008 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 560 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5b203988-b111-4e41-a337-7fcdd774be44} 2340 "\\.\pipe\gecko-crash-server-pipe.2340" 3988 1ec16658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2340.5.1200947420\1006269372" -childID 4 -isForBrowser -prefsHandle 3840 -prefMapHandle 3844 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 560 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {98a301e8-8a61-463f-9244-c5231bca5ce8} 2340 "\\.\pipe\gecko-crash-server-pipe.2340" 3828 1ec16958 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3484 --field-trial-handle=1324,i,2303009823956816755,1082692825835001466,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2340.4.1721631120\703180573" -childID 3 -isForBrowser -prefsHandle 2284 -prefMapHandle 3368 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 560 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bcf6d781-6845-433c-8aac-ba5e17c15dbc} 2340 "\\.\pipe\gecko-crash-server-pipe.2340" 3744 1e97fa58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3504 --field-trial-handle=1324,i,2303009823956816755,1082692825835001466,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1340 --field-trial-handle=1324,i,2303009823956816755,1082692825835001466,131072 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2340.8.175806817\1348940150" -childID 7 -isForBrowser -prefsHandle 4364 -prefMapHandle 4368 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 560 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6c7d1252-28f7-48dd-9bd6-635f1dab8965} 2340 "\\.\pipe\gecko-crash-server-pipe.2340" 4352 20b85158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2340.9.723869261\1760350134" -childID 8 -isForBrowser -prefsHandle 4532 -prefMapHandle 4536 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 560 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b9247442-251f-4ce4-83d3-a8a3ab07b6ec} 2340 "\\.\pipe\gecko-crash-server-pipe.2340" 4520 20b87b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2340.7.1958319846\1808095835" -childID 6 -isForBrowser -prefsHandle 4048 -prefMapHandle 4052 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 560 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c0be0584-1b19-48f6-b542-84c99d6e98f6} 2340 "\\.\pipe\gecko-crash-server-pipe.2340" 4036 20b84858 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4124 --field-trial-handle=1324,i,2303009823956816755,1082692825835001466,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4140 --field-trial-handle=1324,i,2303009823956816755,1082692825835001466,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2340.10.1087941492\933252694" -parentBuildID 20221007134813 -prefsHandle 3216 -prefMapHandle 1100 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b4267901-e379-4d50-9c61-dceb5d0ad112} 2340 "\\.\pipe\gecko-crash-server-pipe.2340" 3224 1eb06a58 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2340.11.507588072\1818642161" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 3424 -prefMapHandle 1084 -prefsLen 26426 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {605a90ea-06f2-42f7-9a28-905407ffa339} 2340 "\\.\pipe\gecko-crash-server-pipe.2340" 4780 1ec15d58 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2340.12.1028200926\508064409" -childID 9 -isForBrowser -prefsHandle 4944 -prefMapHandle 4984 -prefsLen 26426 -prefMapSize 233444 -jsInitHandle 560 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bd3e2d46-c11a-437a-ae2e-cd92f1a85405} 2340 "\\.\pipe\gecko-crash-server-pipe.2340" 4972 1fd7f458 tab

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.204.78:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 static.licdn.com udp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 m.facebook.com udp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
GB 163.70.147.35:443 m.facebook.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.35:443 facebook.com tcp
GB 163.70.147.35:443 facebook.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 fbcdn.net udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 163.70.147.35:443 fbcdn.net tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
US 8.8.8.8:53 fbsbx.com udp
GB 88.221.134.88:443 static.licdn.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
GB 163.70.147.35:443 fbsbx.com tcp
GB 88.221.134.88:443 static.licdn.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
GB 216.58.204.78:443 www.youtube.com tcp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 44.227.167.82:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
GB 216.58.204.78:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 172.217.169.54:443 i.ytimg.com udp
GB 216.58.204.78:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 157.240.221.35:443 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.35:443 www.facebook.com udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 www.youtube.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 216.58.204.78:443 www.youtube.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
N/A 127.0.0.1:50162 tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net udp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
US 8.8.8.8:53 www.facebook.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 163.70.147.23:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 rr2---sn-q4fzen7l.googlevideo.com udp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
US 8.8.8.8:53 rr1---sn-ntqe6nes.googlevideo.com udp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
US 8.8.8.8:53 rr1.sn-ntqe6nes.googlevideo.com udp
US 8.8.8.8:53 rr1.sn-ntqe6nes.googlevideo.com udp
US 8.8.8.8:53 rr1---sn-ntqe6nes.googlevideo.com udp
US 8.8.8.8:53 rr1---sn-ntqe6nes.googlevideo.com udp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
US 8.8.8.8:53 rr1---sn-ntqe6nes.googlevideo.com udp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
AU 74.125.152.6:443 rr1---sn-ntqe6nes.googlevideo.com tcp
US 8.8.8.8:53 rr1---sn-ntqe6nes.googlevideo.com udp
US 8.8.8.8:53 rr1---sn-ntqe6nes.googlevideo.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
N/A 127.0.0.1:50186 tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
GB 142.250.178.4:443 www.google.com udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
DE 172.217.16.131:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 beacons3.gvt2.com udp
GB 172.217.169.3:443 beacons3.gvt2.com tcp
GB 172.217.169.3:443 beacons3.gvt2.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.204.78:443 www.youtube.com udp
GB 216.58.204.78:443 www.youtube.com tcp
DE 172.217.16.131:443 beacons.gcp.gvt2.com udp
GB 142.250.178.4:443 www.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.200.14:443 www.youtube.com udp
GB 142.250.200.14:443 www.youtube.com tcp
GB 142.250.200.14:443 www.youtube.com udp
GB 142.250.200.14:443 www.youtube.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.204.78:443 www.youtube.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com udp

Files

memory/2788-0-0x00000000008F0000-0x00000000008F1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AE2CD771-CFB3-11EE-BD5F-6E3D54FB2439}.dat

MD5 d4ee33b859a6eb19403f2625b0140f88
SHA1 93074b9859922bc2dd7310ba89faa1c1ad752ecc
SHA256 36a8241e09dbfa39becbf1922f00d45e908b05caf7b938dfe4f95811b45e95cc
SHA512 f42af38752fa624cabe3e281e72c11eb77d470c9832f1a8a0ffc336d047738e9e6cd48a0cb1e1ea9339eacca343162b02f9e7edfb4bc449f8f1087464ad01f21

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AE2A7611-CFB3-11EE-BD5F-6E3D54FB2439}.dat

MD5 0b57129e4f547007af3b614161edeac2
SHA1 4d0f1eb9087fa6786ac08bd7225f42556dfb7afe
SHA256 d140dccbf8640a0368a796f3bdcc0c12cb822215c723d625edefa6badaf62eb1
SHA512 a89e1d89018c372aae41b3033f798621d3d056be2b3bc153fb72992d13de43f8299f246922c84191e39614f65af444fce05239bdabbafa2e996b00a8975de58e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AE2351F1-CFB3-11EE-BD5F-6E3D54FB2439}.dat

MD5 287698b0aeb5399a8db535fd42ebf899
SHA1 5974e717b2b67a6a4719e3a8571ff6198a3d0bf8
SHA256 f0dac2f2583a36cf1ac100ed10ace5ed80d2341bb7e98448fcc4514891e90ac6
SHA512 61c48b3075bcdebeb7a83011d48345c79aa3d11fd0c2f5ebc0799ce7841462707b29b07fd931c24d0b7bc3d2b4aff6696632d33e74859096870ca619b5d1be9e

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AE2CD771-CFB3-11EE-BD5F-6E3D54FB2439}.dat

MD5 2a69a9063a276f0c02c03090e6c834fe
SHA1 4cf5cc457b16e318fd95460e1cb6d1f8a8f9c710
SHA256 21ec5df689787875b2a95fe2c070a18bf032d2ca444e2a7535559bb572e2bffc
SHA512 997ae49ff8ac2d72a949606bf8390764b53e0a21b61da9a8c93c1d025f8c03ea481975b0d0dc7b480974a2da29d4ccc47eb113364ac004fe1d7afa33a30575df

C:\Users\Admin\AppData\Local\Temp\Tar5EE7.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\Local\Temp\Cab5ED4.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 2211144cf48ff5759140a303dba8e1ea
SHA1 5966030b7edaa9895dfc8507899ae259c1fe4a35
SHA256 a0a805b14a7637fe18192ea6aa7b6618a310a55cc78d25327462b98d39a5a670
SHA512 0ec569e28dc7c67b91c25d3beabd82095f59cdb171cd944f53252e8470ac8c595ee2b4c65a95d4867bd56dd8ed66f50568eb665d1495724ac53a8be53f6bd666

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 37a3327fa5bbe22d0baad993d404a003
SHA1 9fa0f43c1cd386243828eb73864f0e9c54dae59a
SHA256 8a09be648e7efcf49141d455decdd394620a22c70b033c914d56c5856af84201
SHA512 80b10ce14d42c804ffe84a907ecd2dd70663c61783d8dabca7fb811123718b46f16a586eb4f218d708a7b9db3b8861ce1d620f29eb94c5dd4e6d3bc0317898d8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 cf7c39c642fe92ca4ec669b9e8ff3fec
SHA1 76413213c3f47df40edf753b6a3d0f6cbe0c6952
SHA256 41b1a0794d5e5a4e347c14679008df772ba82fd081f41c978d3ceec5609ddbf8
SHA512 e65ec70b24de0f284da43aa40f8c6511ea3765f6e3460c764de3dbc7a987d26072b81063d70b7276e3e6c542dbe9570edf3a36419d98e50e859b32ea1896e6cf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2bc39fce544fcf31f0176c44e333fd9d
SHA1 464d958f9039b1af69c08a5281dc27d1b9f79f26
SHA256 721dd63f41163289edd6803d5ca7bcdba351dd9b5faf4d2bb012b79ca05d7600
SHA512 4270f1f1bc70e29188332cb0cc4df7800cb5b67f8bc4710f82cca964afef23459fb81e2dc0a9bc81e0f625a23c338b9390276b221218cfa3d0e27cc6dd7e8333

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 99259dfbcf3bb0958bf44f3a344e2ee3
SHA1 bb9b1227af40a4c3af885f53e758ab098da4afc9
SHA256 587c0b9cee944e5ff1dcea23ec0869870a8f5f0e79a70d04cbc639263786e319
SHA512 652478e20ac134ecf74ff7c51ec67a12919d03acbffdcd45d2cd3a70559f4ff6c8656c823b6a82af2a3e611162c1880a4b159a0a868eac030a568ce57eaaf6fb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 5a38badc107d5454b46813b98ba14f2f
SHA1 b5c9c5c0c3473626869d55ab576a056034a40306
SHA256 b7646cbc7768a11c5762df3cf335893864570505741cf92f4fc422674c02afc2
SHA512 40e7769c37cef9db31b69cf6584d9ff7f5ee7314fa7e4b151c537aee3c2e32cff4670194c2e4fa9b294024ad5cbbf44d2d738e4f9d33b4176f3720769b30fded

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 078416d3d76cd5eaa00a3037e00e4b62
SHA1 e30b2de0965090a8a568c13612d0d6ca231498d4
SHA256 c54abd62a51fdb3ba470f0a7e30bf334b96d253bd43de07df0467b357c8fc363
SHA512 cac6f894c2a4d1628239af2f4a2fcd9cbe3626d4952ceb2cf6b00210ac5a7d8039417e517ee469caf13ea13ff3218afcc4b081ec6d062de6778405623bf4f12e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5676234f54b1686374d582701cecd5d1
SHA1 d6340929cadbaa18575de3058e3524cf6ddc443b
SHA256 80e9e32d5628ce50ecf1b21a56b5086e71a8c42059160153893dd252e21bdcba
SHA512 68227e09cbf19c67669a28e4c3077902e6e738da227f0d5a75190fe93c12ab549575e61f2819d04b05e1dc426db2a922fc972f9e1cb170c77817c97e847e994a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 50defd210554637b3d1b6a52df2fc27f
SHA1 702b0ce6af3b1348d8712ad24109d52517cabee3
SHA256 35bf227af3435c93181702d54572e983420cf724134caf9cca0c5ca32e14df78
SHA512 88b42e2bcb24e73dbe0bf572ac47899d960cab93cc21603556ed4634c2820eec14d63d41ef75700cb6b55b507d2f926f384219d368cd0c04ef57e4f36914c638

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7296f1aaad91b11415332c7148635b77
SHA1 cd3283f9957af3a93867e64c509c327217566929
SHA256 13d246fede054ea4ec98ba9e6730c07f79badd0d898f67f2475f74c29ec0d733
SHA512 77226d5c4f7ab662f306fadf49304ff5846ae22b28227a32218175a3e99bad41c2a1b4f33da57515675e0813c7c07d88fe3c11dcb1d19fcb39f59c6f4e4f7edc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C

MD5 f4cf041f3c6357384617470c5121eb05
SHA1 0537499bb96530ba91c79aa8fe8c757b99bbe409
SHA256 90389045071c53c6311ea8f6c6aaf3809660e5a2d689c32c68595edf14f61139
SHA512 16e8fb7d673a963db9d9efe6db8a4f5694fd74ae98cbdb175e85ac3f9133b4c4fdb64cd02e0b74fbe2371bc7866cd43f1dd22cc754e4f0e1b9021bfc98beb6ad

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_520FA7AD0A5B7A5300910F5BBDCB6D0C

MD5 c2df6b31bf64826197dd0abf13ce74bd
SHA1 2b55b4e88f46d637609db9b168e88624fda73436
SHA256 3a9b24a7380600718525e73c2d525f1897e9017cdfe4b90dfc06c9f743b1f552
SHA512 b9878501d376323397cad5d6b67b2626f22c699038afbf706b0c778ffc1777bc602cff16b35e253692a474e88bca78d9a810ed77c8b8f3ba6221f7a9dc3f58b3

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOO61SKS\favicon[1].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2s0hu3f\imagestore.dat

MD5 6f5e98cecfa36ba6fb67853dbef32c7c
SHA1 3a98d76de52df2ef43b130ebb03c602dca0ff467
SHA256 a3a51b806b2a220f7adc3d5a2156e8bbe417ef0d0829259f5de3942e2823791a
SHA512 3088450ff48c48dea574cd424707f9c5f47e478686b2634535e955d4d2d81258376e9a6b6aef47e0e17bda921ae89fdadd323de33fa2bd1747248f34885f7bde

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LSNXCBKV\favicon[1].ico

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2s0hu3f\imagestore.dat

MD5 1e8a8844787949e1a59bdb36b4bed755
SHA1 965e1d3825055b8624a38b5ed1dafe0672b59744
SHA256 fdceb5e9df796e906ed0e78fc6de73e3fff622de9b52808ff614c1515e875c1c
SHA512 c233154a6f16858e70915f9164286b4eb542c7348088c1119f762c3f3d9f9d8a3d29a45060ea293bb18c98962313a5bbde70c1bf12f782993e771f65af4a5124

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\JMB9NB84\accounts.google[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ODCA0BOI.txt

MD5 43b9bead58253845b8a46fdf31d2509a
SHA1 3fc0a43098e2bb92604ac790f8268e4fcf5b5c36
SHA256 25b36edfb7325d5e3ac155501645f6f27880a0782724689af5e111132189e264
SHA512 24db66323170649372e5b6c5283d212fc7a49a1251fd344aa80a44284f72d4286431afc2515c08a19cd4ea4e48730d1195836f5eca4980b9342716dbb5ecf09c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED

MD5 aeaeec59350a548971f8d1636b471685
SHA1 4254a97ed9d7c7a25b4bc6fa7f49aee505f0ffc2
SHA256 73681f1e257b87074b7b08e6073dea1b0204ee7eab4db48a8555a1852758afd2
SHA512 352f59c14630b64c2e170f6b7b84d3d47bdf774addf5008e47458d942ff5208dcd73adcada33b938ccc9fedfd61f1f0f07355c178cc9a1aba13fac215cfca9a7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED

MD5 3ac4ec8e8a1b1daec1971a8787bf18a0
SHA1 40fa169132c1047cc0aa835f4bec852f40cb7f89
SHA256 975c1db40d113e6a7dccfb6032975259d41e30683c70080d59e1bb98b5d00c92
SHA512 d1fc5c51eef641f6b62e6e2ef904385da2ddb54486d4169e9d586143f9553b17d6898b7231423d08c065069ac6e218182e51fb6ea532a845711f19bc111c05de

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2s0hu3f\imagestore.dat

MD5 5652e175e1ac8b77b240bdcc402ec6ac
SHA1 382498bed0fa6a81c6dec67cdf908b8b1c429dc4
SHA256 9b6b28bb1a327f35461e339ed8d83ebe278be434f8d9f7337bd52f310faa7c73
SHA512 0afccddd55929859fe4f9c83cc067c150d83ccb27ffe4257928f1e93b6889601d4c91274e75a3d960438145a67c5a4256565f50dd4bc71a61a30be05a1450a27

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LSNXCBKV\favicon[2].ico

MD5 b2ccd167c908a44e1dd69df79382286a
SHA1 d9349f1bdcf3c1556cd77ae1f0029475596342aa
SHA256 19b079c09197fba68d021fa3ba394ec91703909ffd237efa3eb9a2bca13148ec
SHA512 a95feb4454f74d54157e69d1491836655f2fee7991f0f258587e80014f11e2898d466a6d57a574f59f6e155872218829a1a3dc1ad5f078b486e594e08f5a6f8d

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LSNXCBKV\4Kv5U5b1o3f[1].png

MD5 a81a5e7f71ae4153e6f888f1c92e5e11
SHA1 39c3945c30abff65b372a7d8c691178ae9d9eee0
SHA256 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e
SHA512 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2s0hu3f\imagestore.dat

MD5 bf02789d58193abdf04ebda676d0d708
SHA1 ba83b244490898625248f2321468987ebb651429
SHA256 aec4407664abc2736a9a51af182cf4ebe13ab4be82cbf479b1691052e1bab028
SHA512 1d03134f0fe980aa7a820029d04f3e5bc95071f80dea91fc25be6cd470f7bbf7950aa72a9085be987764292f9a92f9b0878e9c45d653bfd3249bc6e849ba01c0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fb49e30944343c62aca189655cd6e076
SHA1 65dbaa3cefada2d09a0afac0d3b215c9d774a2b6
SHA256 8351dc7064fd9fef0be707aebbf1100d34e47bb8aff8c57a6e395012a38f4a46
SHA512 196e5929014dd2c0ccd76b254d44436084c30cd1aeeadc86b3010e81f24fb90b0b7ef5e957cb1814baf84f298f15a078b6f16c876608306a73dad6ebbaade320

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c83201c4a0b956b87e4d0ee899c34eea
SHA1 e759b9199293c687b6a79bb7c3e71596ea6dddde
SHA256 81df45539ad20be0eb1cf15a5dfaf85d578dab1293bb46aebadd00885d934f2f
SHA512 9aaa851066133e7e2a0d6895d79c24b93381388394e3b823d02ae3d8b1098550ce276aaa3c7c225ec09e9cc198e2682be1f1aab582ef55a94229b7e7d101c9a5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c2b8e65235d120c43dc7adccb9e134f8
SHA1 10a3cbf671514d99c0c3c20ce0cb736ba662657b
SHA256 5d3120f53933613f8984aa8b9db2b52520c5d0f26dfe4b9f1d5eb1cd5d97db2e
SHA512 26e770fa9d8b4c301d1a0d9377acf6449692dbf5386ff026d3814b381ea2434b5e42a39b56f2daee30756a9eb8fc63b35908371147dc752897cf5a2314bf8291

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 544fb7f917d636b433eb5867543473e8
SHA1 97b65283122140fbe0b63f45eded0fb65f6d300c
SHA256 8aeaf7eddd80dce2afeac51b592f9074b78595d044f7808ac10dd069d20a6474
SHA512 5f374c7dc3dbab7933b730ee436d7d62c9dc251027dcd63d9f4bfad60b9e2b9f55526f6b8d5ed8169d832b21d4e7574b4e74ba93f63aabcd9b902ba96e9c821c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c38c51b8863c0340a17efdb42b66500b
SHA1 2b5e8c2315018fc75546b3b471730131cc5eb281
SHA256 a456652b840d7b9e99f82498d2055c5305b1cccb5a7959eb9585d5505b2f7679
SHA512 5862e44ac99b1a1fae8344ebffdb70043d7b5d14f30d2379f1269cd546dc4fefe8e2b6e6c83187d6bc6a126e7f2f67b8aade57dfc3565132cf10777542edaf44

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7b09819badd70e5c09873b5eef02b0c0
SHA1 25103784c785bb3fe15972f3e1cfcae80ceb2def
SHA256 1cd42f5f8b4aac1fb9130b31ce036e08581e24e96d175bb2b1afeccf26b27a01
SHA512 d1fb92ca5e0df70bd1ad2edd45271b5fec4ae32d143f2758d2694ac117a607b3f8bc6958da8468dadb48593a52557520b6a23588905c383ead78edeffc06e71e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c250ae0fac5ef3f1f901208d926fcb83
SHA1 1dd5ceeab66930cf17f37a9086c3e21961621ce8
SHA256 d8c53c459e91569610e7417ea8d425f81d504717cb55e83bc7c1ab25175f9e34
SHA512 3e5b6469c52d5ace7ece967e09954760b2fac745b1260772829b5c2713a45114afb43c54da647dce414d35fd2e6fa04c73d3e7cac9f6c0c8043a5daccf330fc8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f0edae0d7c299a925de31f65249eab34
SHA1 7b38a82a7e0ef81961631eff1cbf1f6d1397e647
SHA256 ae08465f3b07b4f7493c22a3397b93dda91c9cc97b55132398acfd79f5c50924
SHA512 04a010e45fed9b7842fd35905070c74d02c66dce39efb6852f99518a5e0481b87aab9a4c0e92577dea9b775bf8c8606f994c670a13a5ffa7bfb3d6fe458e7351

memory/2788-849-0x00000000008F0000-0x00000000008F1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 da34f4b069d4208e643bbe5904660ba7
SHA1 8fef8e21cdbd32ee130cdd5d2369f4eff1f468d0
SHA256 24271c2602a6fd012c611bab3119efc1032a4e94ff2aac598b5ad5c5db7fd38d
SHA512 3273ffd4377adc31ac025981816295253238986f6fb178b5096692bfc5feea3ac2f81bfec3a18610f108cf8bca1c465a9fd685285dfb9d3df08aa07a06446aee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 f732dbed9289177d15e236d0f8f2ddd3
SHA1 53f822af51b014bc3d4b575865d9c3ef0e4debde
SHA256 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93
SHA512 b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

\??\pipe\crashpad_2068_AKOWECQSGTTKDXWM

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4afd4ca27d6a8ccabac7266aa26542c6
SHA1 3743d5af292052c55a06c1675062bbf3b4dc696b
SHA256 725d114ccbf59ae159ab8af1ce9482430c298d5163ce79fc650c7884a6b0ae3f
SHA512 146b114a124f8b9262f9047292a016285d2232a7dd2f6a07be041cd7891f70a640585e606c6d1e0a51da30a971b75b3e5564b0e1936342a6fcc6771a712704d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e80299fca7f497b59e51cd49ed809da2
SHA1 22db7a584a64ab438862d38304090d867ad19474
SHA256 b7e955e511fa594cdcf219c0d4439898e0a41f05f1c4af5d3360add2d881da6b
SHA512 c9efd7b52b6f8bf5265f4af0330d846bff20e90e5fe8568a301468232295c30cdef27291b3f998a198e7c9ff2139fc7464545ed7eca99359d01c32dcc25d790b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\datareporting\glean\db\data.safe.bin

MD5 5cce0f24d96d8960c812bc27a337d39c
SHA1 1db7f711ae036d80e38ca9d429e188f2fc4187a1
SHA256 456cc1ecfa5bcdbe3d1a899f7431dca0d6f8a6f9853da1b7e31e683f1e479f23
SHA512 d5a9d71c989ae12a7beebcc1be051f17109a852453fdbc022ce8b3e130356540a96626b15b987fc5a6309f0d1042b96a351b8e47aefc5fae1ebb15f749758abd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\datareporting\glean\pending_pings\fb36da96-601d-4aba-b274-5486ddea9e11

MD5 fe48a31d298d74e723019e550ebb3d60
SHA1 4907c8365f1a31328b3195fcff77df469175a381
SHA256 77e0f1c1613b9ed8e20aeae9d54fcdf904698f4c8cee23090369aab154658959
SHA512 cdd5dd7dc0b541b4bdc3558bef71a390c9d948b6f76cee98348f6865c6d7feccea5e7ea8ce0e209c0657ed34002f06b6ca8f9e3313442929e9fef9a113341cc7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\datareporting\glean\pending_pings\fd298afc-1291-4dc9-a998-b6b282719961

MD5 5094c0e89a06b92b8b728968b0c21cb2
SHA1 4154a09b052e0b84eefd4d3577a3d78000958523
SHA256 0e7cabd35c0ef673e37938f0dd18abc5a3c5bf329a21fef6f0a1a89676c6f4a1
SHA512 0a33e8b8c339cbb4928cd445c14e60a8f2b04f688077d635d7eef212735fad43646a6bf3324c932285519ed146c73dda80dc0c3075ebb9952832bb16831f0c31

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 6bc11c760679a04a8e63abee3e09ff8e
SHA1 2455f1176b7167374f98daac4d08a2d4995f1c66
SHA256 baf1a6ef580161c4df2bfa5d7b5709270d0a00c387596326eb990ca6a5dbd2dc
SHA512 c0ece5ed32a1870762ba81d66e618c54b1ecff53f1196756de9b11e3d536f77c6e05c8240a7ab25aba23be08034f287fdc7cdead1e4d7b2145fb8c942e5423be

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 76a105ba18375e6c18d1d5badbf61eba
SHA1 94cbddcb09609e4804e6aff9e51711dc411e201a
SHA256 2ebb6013e50efade4b9227efa1a16d1fd8eb8a774c94198bff2146366a8cdd33
SHA512 515aa5d7e33c1ef16cc2dd6b4e9b21473d35cb3bad633c04c1460e39b71cf0e004e8ca1d6f8dca7f384fc5139235d859698d4d7d58d6f94cdfa6872cee2600b1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_B88EBDD1C39B7C1DDC0A20A63167EC66

MD5 d3cf808836f5228675aa3e661a46573f
SHA1 aea3566478ca46f1265b5690b4120df3445c3d13
SHA256 48f1606099cfd5d9f93749561078a1a74bbdc161ed5508304247164a56d061fc
SHA512 91412b53037854dcec8a147718654bccc2a63eae876ff0841d81af7398f31f7a67ca13aae6d5bf2d387d033244ac50efdab3dd01461875c2bb8727bce4022272

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0

MD5 921f865987498981b8799e3358c955aa
SHA1 d1540581fb09f69737b8f44f5f04a61985bf204e
SHA256 4344e0bc60beaea2b418018735c4bc61b3beb595d361994faaa761886b1c42e0
SHA512 eeef99b2bec587a19a76c161135237e37ff976da103e536c1991093047bf7487fe81a211fe0001b2406f8d32be92cae39a9d5f4bf39ce9f9b151d0da8c1b602c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_8F986B155B6342EE1ACF678AFF6889B0

MD5 5e1983385e1b435038c1f7802dfa4f82
SHA1 06afe288efb44b3ce3db6985f719062af830c58a
SHA256 88276856b71af0d7e58e993939839fd08c462da8b2446045048af7ea0b4e51a8
SHA512 0e2f1fa1021cf5804b7ade56b028df32ff53861506498c1ee7440cf4c843558ecd6f8a9e6a5d96e18b0604641ef65d0ef35c55de583e54b8514fd633e974eacf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_FE7F1376F45429175076B763EBF8B3E6

MD5 e8bd7542a20c2b8276cf7993f4ce9710
SHA1 ba13f4128d13e0c7b97129ab21205aefa9be9a9b
SHA256 f275d5f76b85b295a48d51654161066aab1631630c8b63c29778ec211d34e279
SHA512 ff696fd08bc4c74f0be2101e8105bd5b689b4692796fd2a910aa516d13c6b6bdcfe2d6ff335dc2f2e47e2e8ec4832d94edc4abb5ab978dba8ae4967ed6ee7c5d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_FE7F1376F45429175076B763EBF8B3E6

MD5 3a43a2953ebdaebe4968599e020c348c
SHA1 28cc9f5ffe51aaf4ad673f49856e596bcc49f6ac
SHA256 96aaa28e3e40afff2c0704483e82ef079faa746fa35394ace0db432a193333f7
SHA512 029f7995825cb6810dc71434467db2cfca3f11c51edcbee3221e538d51c775b1c8d6440681f095e9071fc3b5cb74d327918ac6b13e673c4273e4624f56f191b1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

MD5 95ef20a55a90ff3fe801ea37ee359b77
SHA1 c96e09af434c384326735fad575fe17834820789
SHA256 cd8524420a591177024f28cdbe6defc098d68f018e85132f4d72938511c1dc51
SHA512 63168501bdb3744d5530bceb0a83fe0352aa217d9f555ca84aba54c7a927e2f83a9aff14f3c3309f62754ea6f69dd70ff424712c5493498aa964ed2f6d371a97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\sessionstore-backups\recovery.jsonlz4

MD5 8046146bd05df46381addfe3188df4f2
SHA1 937eb147e59c926230c1eff16f6dbb6d7a419a87
SHA256 4cc18478f2519bbd4db5a2ec2cacb988fe0aa29a85a73a63c4709a5599df8be3
SHA512 4c2776cc8a4b417db4954f0f6a37b52138edd8ca618cd3ae3ab28b10849821f6d4dbb9e1e825d53af555a0cdd1478030d86023622eeccc0d135693c05783a615

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\prefs-1.js

MD5 1fc25aa49d739af1518a891f23a8f2b6
SHA1 f11d278820a3207ae0e052ec6bd960b7341f9b1a
SHA256 72f03d820b6113cff118aeace6c5b47a0dcdf475859c7da45526dd159acade48
SHA512 d855a7f2d1a3ab396e794ee078fb840c14cbb94299203c7921666d83f1b16b7094b89f1af26240cb0fd6cbac9e70a5308bffd54a89115bf86010130fa4750ceb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf76ef6e.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 537747bb7657a7ab6f6bc0d283b21795
SHA1 8fb24e1352de5b2aae19f1644f1988fa0db2c28a
SHA256 9d9309db12f6b75ce7505a3713bcb21d8a2f583319d5b47773774b06823ac11b
SHA512 ceb2ab7ea1f157f2950a107bd5e3b646fa45580cf82a8a8d332566e034daef2d8cdc82a191108ec6ed7a28cc2e6860e05b53b3e60b33c4d3232b220c0790317a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\sessionstore-backups\recovery.jsonlz4

MD5 7706b36fa88141d767076538cda750cd
SHA1 a11c9aae0eeb3e8df4ffd0b9ec4192f112b39aa2
SHA256 57e24d9f80c70a5e3a6f7d1a06b7c38d1489461a9676ab1753337636201e228e
SHA512 51afa4d0fbf7456f8bfddd41961d76f341d6c7093d946855cde433be36529170642484c18b4e82b624b37f9ba4f44413a00bfa510197afee1dc34ed91e2b44b3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\cache\morgue\188\{2b5b7fd5-bf33-4952-80e5-a8fba987aebc}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\idb\3758478617yCt7-%iCt7-%rae8s4p5o.sqlite

MD5 9d2013fb3b05f244aba2f41423128d5e
SHA1 7e800b4a1283a090ff03eb07d55c4ffcd516ddb0
SHA256 86c375df0ffa6bc063c179637f857d7fd3887e1b6e26796a8899ea3cb5c94f72
SHA512 451b512d67a573ea5ff836e2410d15c5598500e2372d9fdf989f024005e2b327bc67be3160daa46c868e2e311826ee9a9f1f03fcb2757793afb75b326fbb2535

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eba7d615e464aad6ad158b36005c88c1
SHA1 8d50bd85153037d3098b5a2ce9e58409b7a5be1b
SHA256 807c64fdca5a390c958ba460c74a0f6c56241d0610a95e8bab241eda6cf2878b
SHA512 0c60671c50a30a581e593bae350d706621e7b7425335969c9a06df3eb511d834c452ab53175603aa64f2199d03a5d546881e4d0e7edb07b5913dde3b36118034

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\prefs.js

MD5 bf607a5e1e6f63bde83c849581799c84
SHA1 0504cb95f627b77ddc4b1f5bcc45bb7730b92920
SHA256 332b15396d17be491401c742077a69f25e37d465ab7687b1093c3aee776ba33a
SHA512 331b77aa0aff1d11ce1624b2d227c160c8b54f459ea94189034ff22bbe4675cad9e2571b7d8da7566264ff2de8ec42944b22fa28909afc9c4ed2c15d7b9135e2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\cache\morgue\157\{e1e56a09-0933-4306-a09d-05d6dc43a79d}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\cache\morgue\104\{d15e9023-d79a-41c7-88c9-84d4de1f0a68}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\cache\morgue\24\{fb376b54-0a81-4844-b787-1e4bd3c74618}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\cache\morgue\143\{9c6b1a22-7db8-4516-a19f-21b59ab2d38f}.final

MD5 f8a4486578289f338eccea68bf578c6e
SHA1 6cbd17168a35b3f10b74a28f1fa3a83e161a7e35
SHA256 264c3ef4f7bc3f390875ca49d87ec35f9c4f0bbb0eabfdb38073951253ca721a
SHA512 e896ce1bbfd145a4c38f7e81a8afb12c3f354d5632f24f26cf19e8b5f1a466fca8d098e7277a4c0979170c37be25b6cdcc0654ae94f46908bde1810d4c03c3c1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\cache\morgue\250\{77ad922f-3646-40bd-8db2-abc2935fdefa}.final

MD5 cedfd917c042bfd5faea22058d451ad1
SHA1 5a98904fbf1c9bea6d27f75c42aa49c66db8c54f
SHA256 9cfc9e25c7e723abf5c14049886f33d836c6ab91b40218920efbdc864764f3f2
SHA512 5f7513b881549aba1fad170019ddf45e780ddb6a576e08365f4c9ab2c8bf4e7d2d5053b1db4ec6a2af570de21a182fc8981a0790881172d8605c023fbbbba4d8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\cache\morgue\147\{8ac4562e-1395-4143-95d0-a601a7420993}.final

MD5 5dac736054f1bfd6efddc9f8941f6513
SHA1 8d333e22dc6fa20e26c4732d5ff91c954433185c
SHA256 e1f390622425670904099ccdffe9b808e555fc402e7015697d49f9f22abf9175
SHA512 3ea570e7041a136d250e5e94c215b468991b70a6d6609ed27907aba24123e068e08559bbd96ca39a615a52dceccd524e3aa52702a8ad544f8a7b952fff935577

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\storage\default\https+++www.youtube.com\cache\morgue\213\{c712a349-7b12-43ce-92e6-d166a84c2ed5}.final

MD5 321ea72e49df8692233391c1f36451e6
SHA1 2f016758fc5830a806ed9891e574936db521c034
SHA256 8113ef313d8a5519df57034e29db538c65721112804bf1a1a446b8302ae7e0d0
SHA512 86d5a408e472a62c2cfcf69a5fadc122f7a62dae866a36fdc4a7381de6cc8028af4ba51cec9c827b9815c26f75db82c4813ab25682c728c1f03d3bfc7ff21114

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\4bbcaf51-6951-46d6-bebc-3a860c82554d.tmp

MD5 f10fdf72f48cd9d99ce34145e5b1538f
SHA1 75fa7e7a0af4ca60de24ab9b6acbe2886e636a3b
SHA256 14f1a8cfe54db764d92a29c6a542e6c73925e6d533f94d3e8b9f28a9df4a634a
SHA512 f15f0a88c4a7ac7323c34bf17d0156a10a30882128fc515cf530d121c63a66b3e015ab438c63c22282c0fd556663c7c4e3b249af5863481d3c516a4d854961ee

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 2fb94845d8e941d87fd5b05144143a57
SHA1 3db42ca57606ed0861ddfd9d9bf80b9bf6ebb725
SHA256 9f4c32698ce26e924144eb7914c6ccbe7c305a5cbf599b114d1adfd2330d61a5
SHA512 fc3d394e55508341be8dc83b4274ab9c6f29512dfd9fec2f597cfd4e80c79328837c4fa528a8423d6f13b990cdee6469f083a4e3f243847beb1f426801d65a9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8054b60326f0125d8cdec243d4af3ace
SHA1 3579f83539a20e5b9d9931a9e734b8d821d87569
SHA256 4fdd4d54aa69de0e2505daab3f91def911857e98f2e5276c1330cdf0ad81fbe5
SHA512 b976414aae7041436f4558c79c5bfc0033ae7da1658f6f1c5baa3c13d1173010d50a24b0b44802489baa403ff5196b52dce323ee3f40c28c19f05093c535ff94

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 7ca370789b138b0c1e69c1893d11b06c
SHA1 9b94445da4b76d47b8ea3af6194c92912facc78c
SHA256 995f0d83cc6dc6597777da00b3c026c2ead59fc7a80092f4221565871ffda0a8
SHA512 54ed4b8044240b699463fda1be19e83bbe9d4a4de10b60d9e1581240dd1bfe8092b6863598268267fad10c6fa9a268e0653af051b226a1c732c4a5fa2d1eef41

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 00844bc29378a0d492f70c8742b54b9c
SHA1 63d16261fb3af61bfbd3bdd886f10052aa78b11c
SHA256 cf4a074e5ca1ee0ef131f5f9c5e2621873ba54e7464acc6adc86f36c81607f4d
SHA512 b8f3fd8094ddb8ba8c83e24f47a787d564b994eb5825fe1a0531cc956cad2953b391c7f9e439390da7988205d3249ebfbfe0733362d4012cd2a602e1355abaf4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\prefs.js

MD5 df4dcc2e3fc9de169dae82969f9182a7
SHA1 f309f0f88a932e27b9311c5eb3cb770aa934c46a
SHA256 b270ecdcea9ea494b735899a53af03a3cd5f2bbced18e129a5de368f49b16158
SHA512 7efb13b817256d0ea3c227088f10fa6a882ba3f7936cb93600247aa2adf68cc158bd873e513969128d615e434a1d0c7f78039838e720d76a08f08ff96d53490f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 57f766c48a1c93ade75cef34c17b4f77
SHA1 f80631307aeab66247c970739fb7c022f70937cb
SHA256 ed979df5a2f1f0dd4ad47491cfc12e7aad1e3139d394604b2f92f06302d0f484
SHA512 25bf04acf5bc544fe6f2e500b632ffc0dbfb521c8236e8443fee288cd1588a95fd2c9664c55c89c1ebcc465f1bff13fc6091a9221652e77225fc30d88cc0b191

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a77a64126e4909f40f6c8a19c0640f8f
SHA1 1b7941109cddf6340a22510382c8793d02494273
SHA256 6870f6dcb1f2e058b16e5cfff739357bae8b7b47de632b465f9f09ee2a803184
SHA512 34fb17a5a17861efc31e9c28dbdeaf860f36f546f63993b58b83ea28ab138e4abfe5850ab2827bfc19bebc12a624d9efdccc532d4d2bc9b1abff3663cf8c8d44

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ebb3c6b2f2ea7812269a379cc897e3ac
SHA1 4693d581793504d6d39804bd728bb7c61fc3b3f9
SHA256 a8fe5dfd72110a1d0df5ad68ce3d61d8cf7a17b25b29a2fe17010da64a41a680
SHA512 2ba58258eb0b8e01cffcc4a5d85c85ab9d5add14f62a4f0442094fe174f1e70b31402677a6d8a7115399c721c62cf8339bb04f99b7e8c22ead172f247f781ad3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3d7be487d8868082e7b5402170afe410
SHA1 19bb0cbd81de3ba0bba53ca5abaae486dd78a823
SHA256 bd3d1ba08c4aaef996655f3259555ebadfa7d4dd60b29ef7cc2b5b960dd2a9ea
SHA512 9a265672d95654b7abcb07b8885661a520667cf41d8cf71c67d1e8e68df7a997f50334b4f93bc2d81f1dce2241fd29ff097fa93dd5044b1bd6c7a2c3ded40443

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 449e401b9f4d4e27a442c0964d7edcb4
SHA1 e50153b25aa3abad8a24cd724fcd8d54810aae9a
SHA256 cdd513f7af086e88be992bee93345fb6c242281dd12e39d60bd9de53255de2cc
SHA512 55bb6a23d9524ee656975ba2000bdd30cdfe95c52b0ac099e2b127ec4238dfce2b887b918799254a50118e5e095caa850076939a39a6deee9f31e8040e88eccd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6c42f7a7569236efc51bb7f2009a65a0
SHA1 3d21164bb8750ff1d28e7dce56c7acb33ba37a54
SHA256 9656828a42ba2e36dc9817e3a4b5d9a2008af8b6c52e41b37001d0d9745c40c2
SHA512 2718ef8fbe6bd3e9e588ae7490d884829aa7313144884b55b8412afbc062884b36e3d39e38f9af3c2e26626df2437a6688e1fbc7b57e0ef05f95d2f20a6bcb32

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 91e29f4744e689df6b9395f742ba819a
SHA1 3dc7919a92342f787b20edfaf366947a2d83b7ed
SHA256 661e5aa7fbcc70cf38c01a631c5b8edf7858f8a567660b9becbaa1062e00b43b
SHA512 2e70ad3d4326e7a99f86ab492de2afda90f1c77c9d6cddcff60d7c17ee63c78e859d367ba2655de5d7bfc9c19bf23ea85bbd6b55a05d73bee719c6f6cf592c7d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 9b97b57fa2697db789c6792464281c1f
SHA1 14394196afaaac1023e52291af9f8946c11b1f18
SHA256 f6a873ba17280f78b62c629167bc96d11a52eeb295dd67896149d2558969ee32
SHA512 0496562518fc1bac9570773de02c4bd3f4a89fba820ef4a9ad08f71f1f9a5c9bf225444c2e5d4a1b99b7374d4b71ceb197c507968ed55d96b0575fc1b41525c0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bfadb63070e388a15f2516575a6058d7
SHA1 b9dd56be2db1d12fd6ba124a52a13d3d766dcf69
SHA256 8b7864db713eb21454de68f4b30fec589fa4c5ce27057ee94f5fb9e33985adf1
SHA512 f73c398d1624538feb2947fe3ac92584aadbfc301279298fb26c736a2ccafb4fb42f8dd818ab14fd2a01d2d7f5eb89f863e2621585f4cdac0960026a4aa2ae37

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 dbfa69e2c93f48492c45739ffc02fbba
SHA1 696bdc322e825bda08b64a2affb60f3ea1039158
SHA256 b8b9d38f20882d84bcb4d85cb85aa373d289cc6c4c972ce07770b6ea83e9b98e
SHA512 f2b1b9826d94ef1ef8c3b6a9847e3b2339d9ae82c4129777d5ad2bcaf9c3452b45c4befeaddea4d7af5901860bedd2ca305558f8b2f47d55d553c9be457e15cf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 462ffd8f5a944a4f2ec5a78e305caca0
SHA1 eeb126c3c7db0713f1c8300d216d056427679b95
SHA256 2a0a46b848addd729737d4f35c611ba83c136897e423bfcd48a16783af5df36f
SHA512 7198cc3928143ef9b73f87a532496b390ce7c574a4fbadcfde4a778d0f186f67dae8cbe2948ed8d10c35a2526e0ea5191cf4299d26119ddeaae3dc5a74393918

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xm25i6ct.default-release\sessionstore-backups\recovery.jsonlz4

MD5 9f26933d82893d84abdd8e29593c93b7
SHA1 6c44388fd1739324ca71e2c73e6e2c9905180816
SHA256 a7e0cc37c050710adf97b6a65428576df7b41cc4d6e450ba0b16b082e9fa93c4
SHA512 b3eeb817f7b3665e4c5a5ab4917bf8b2f2a24d46b46688973b86956718edc5c15722e6c4a409de88ee3233d89d262566757023dfd55c9e1a6d5b2f6704c0c7a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 de96675364e8637f67eadb06d15d7153
SHA1 fc3356e92ddb2b06b95bcbe7558d1bb7754e5347
SHA256 dc5971110f16d2e5516a218a0d5775d32f81e4abf7b5825cdd234f8687afefad
SHA512 87a575d854d8c480c7537fb57e4bef630af06236269e2b2c362cde416c44021667fa0b5eb66b6238abf2c2b6374c2336f3d9d8ab207e8764a47e5675dae5d283

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 59a30c17a62d09197db8c651059441ab
SHA1 797d1aa9c32e45e719791c65313d271f207107b3
SHA256 44a8a3644c89d9a944848cc8f06cbaa270e6052ec007e5f9cb2df7fdc4352dec
SHA512 1b19406ed189c234184aee24066c2790126d90d386e6d49d39c6f65830ed475d646f82232228e46945c2143adc4a746a3cfb2f896b67674949573aac808ba5ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c84059670661ea578923305e47bd0ed9
SHA1 fd8afde233529aada239c9461e3e525445505ae0
SHA256 aaae0ec71f6378b39650a44093216b271e0947c42e9436d341d63ab162e0cdea
SHA512 9740a6ae3d1b1a2afc23218d1283b2bb88ba6752b692e503204b8aedb72d7cf871b057947a53d5c2b1e6a17f93f6610cfff22af7f851ef834c7b1537293332ac

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-20 05:48

Reported

2024-02-20 05:51

Platform

win10v2004-20231222-en

Max time kernel

149s

Max time network

149s

Command Line

"C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1168293393-3419776239-306423207-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1168293393-3419776239-306423207-1000\{610A2F16-930E-44A5-9DBF-5E90EB9641BA} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1168293393-3419776239-306423207-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1168293393-3419776239-306423207-1000\{2C39DBA0-709D-4796-AC37-15768E639DD9} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2696 wrote to memory of 1964 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 1964 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1964 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1964 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 4064 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 4064 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4064 wrote to memory of 4028 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4064 wrote to memory of 4028 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 1956 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 1956 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1956 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1956 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 4588 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 4588 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4588 wrote to memory of 4784 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4588 wrote to memory of 4784 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 3780 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 3780 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3780 wrote to memory of 2332 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3780 wrote to memory of 2332 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 1260 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 1260 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1260 wrote to memory of 4444 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1260 wrote to memory of 4444 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 644 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 644 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 644 wrote to memory of 4736 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 644 wrote to memory of 4736 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2696 wrote to memory of 4780 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2696 wrote to memory of 4780 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4780 wrote to memory of 4268 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4780 wrote to memory of 4268 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2696 wrote to memory of 4600 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2696 wrote to memory of 4600 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4600 wrote to memory of 4436 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4600 wrote to memory of 4436 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2696 wrote to memory of 768 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2696 wrote to memory of 768 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2696 wrote to memory of 3200 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2696 wrote to memory of 3200 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3200 wrote to memory of 3116 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3200 wrote to memory of 3116 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3200 wrote to memory of 3116 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3200 wrote to memory of 3116 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3200 wrote to memory of 3116 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3200 wrote to memory of 3116 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3200 wrote to memory of 3116 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3200 wrote to memory of 3116 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3200 wrote to memory of 3116 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3200 wrote to memory of 3116 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3200 wrote to memory of 3116 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 768 wrote to memory of 1432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 768 wrote to memory of 1432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2696 wrote to memory of 1660 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2696 wrote to memory of 1660 N/A C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1660 wrote to memory of 380 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1660 wrote to memory of 380 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1660 wrote to memory of 380 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1660 wrote to memory of 380 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1660 wrote to memory of 380 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1660 wrote to memory of 380 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1660 wrote to memory of 380 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1660 wrote to memory of 380 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1660 wrote to memory of 380 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe

"C:\Users\Admin\AppData\Local\Temp\84f96aa12e81431e374823060a227539165deffb52231eb4d58b5c32740d91ed.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0x78,0x108,0x7ff80a2f46f8,0x7ff80a2f4708,0x7ff80a2f4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.linkedin.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff80a2f46f8,0x7ff80a2f4708,0x7ff80a2f4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff80a2f46f8,0x7ff80a2f4708,0x7ff80a2f4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xf8,0x108,0x7ff80a2f46f8,0x7ff80a2f4708,0x7ff80a2f4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff80a2f46f8,0x7ff80a2f4708,0x7ff80a2f4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff80a2f46f8,0x7ff80a2f4708,0x7ff80a2f4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff80a2f46f8,0x7ff80a2f4708,0x7ff80a2f4718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffffc0a9758,0x7ffffc0a9768,0x7ffffc0a9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffffc0a9758,0x7ffffc0a9768,0x7ffffc0a9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffffc0a9758,0x7ffffc0a9768,0x7ffffc0a9778

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2784 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2200 /prefetch:2

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,967904814897090952,1319608537851033650,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3900 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.0.1168205384\626370150" -parentBuildID 20221007134813 -prefsHandle 1852 -prefMapHandle 1844 -prefsLen 20671 -prefMapSize 233414 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ec5cd59c-e3a4-44e5-bec3-5c81465bcf68} 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 1952 1f437307e58 gpu

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,1774392264847653601,2207000401895872996,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,8150899005732122930,10046881033566139754,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,2571140464034440978,1890527018397141857,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1440,10779604373327665760,4814540055206071041,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4296 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.1.799669009\1317658582" -parentBuildID 20221007134813 -prefsHandle 2368 -prefMapHandle 2364 -prefsLen 21487 -prefMapSize 233414 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {70b63bb6-f94c-46a2-8871-311d58cceac5} 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 2432 1f435ff9258 socket

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,15533409842317852298,9928550255296199892,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.2.290989074\1944389524" -childID 1 -isForBrowser -prefsHandle 3460 -prefMapHandle 3456 -prefsLen 21525 -prefMapSize 233414 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4572c82d-e660-4ecb-b92b-c301f034b856} 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 3580 1f439eed658 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6220 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1460 --field-trial-handle=2212,i,17028746780165004003,6890822403274156322,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1872 --field-trial-handle=2212,i,17028746780165004003,6890822403274156322,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=2000,i,9186759803663327027,7279651595896410861,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1672 --field-trial-handle=1980,i,3051733220708309976,9900312335092752911,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1852 --field-trial-handle=1980,i,3051733220708309976,9900312335092752911,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1948 --field-trial-handle=2212,i,17028746780165004003,6890822403274156322,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1920 --field-trial-handle=2000,i,9186759803663327027,7279651595896410861,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2984 --field-trial-handle=2212,i,17028746780165004003,6890822403274156322,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2976 --field-trial-handle=2212,i,17028746780165004003,6890822403274156322,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3852 --field-trial-handle=2212,i,17028746780165004003,6890822403274156322,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3804 --field-trial-handle=2212,i,17028746780165004003,6890822403274156322,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4912 --field-trial-handle=2212,i,17028746780165004003,6890822403274156322,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5048 --field-trial-handle=2212,i,17028746780165004003,6890822403274156322,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.3.732237294\959952039" -childID 2 -isForBrowser -prefsHandle 3760 -prefMapHandle 3568 -prefsLen 21631 -prefMapSize 233414 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {eba86e7f-7bfc-441a-a3fb-734f77714770} 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 3772 1f429867258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.4.989060260\1260237627" -childID 3 -isForBrowser -prefsHandle 4336 -prefMapHandle 4332 -prefsLen 25988 -prefMapSize 233414 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {09a8fa40-6bbf-4e2f-b0a9-4788acb609a2} 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 4276 1f429862b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.5.152470662\1658010346" -childID 4 -isForBrowser -prefsHandle 4484 -prefMapHandle 4488 -prefsLen 25988 -prefMapSize 233414 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a93c6117-9f1e-423c-9625-2af8366dd766} 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 4568 1f43b288058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.6.1815172588\1676473506" -childID 5 -isForBrowser -prefsHandle 4920 -prefMapHandle 4904 -prefsLen 26047 -prefMapSize 233414 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ce3cc0ae-af1e-4a07-af0a-7713f211fa1e} 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 4976 1f43c0ece58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4396 --field-trial-handle=2212,i,17028746780165004003,6890822403274156322,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5376 --field-trial-handle=2212,i,17028746780165004003,6890822403274156322,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x520 0x4d4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6832 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6820 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.9.1572783054\348830611" -childID 8 -isForBrowser -prefsHandle 5888 -prefMapHandle 5892 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {92c6e4c4-5078-4a4d-ba09-21d1a329ba74} 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 5880 1f437307558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.8.448696886\1579973826" -childID 7 -isForBrowser -prefsHandle 3776 -prefMapHandle 2920 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bc9d366b-f28b-44fa-9443-ae38b5b5fe6e} 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 3804 1f429871358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.7.1719813695\2040084935" -childID 6 -isForBrowser -prefsHandle 2828 -prefMapHandle 4196 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d335b0bf-c605-40a5-8b87-14e6ca6ab348} 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 5728 1f429862e58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3932 --field-trial-handle=2212,i,17028746780165004003,6890822403274156322,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4368 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.10.1185477314\644084380" -parentBuildID 20221007134813 -prefsHandle 5972 -prefMapHandle 6108 -prefsLen 26222 -prefMapSize 233414 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8393fb04-b5ec-42ee-b081-d67f3283ca40} 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 5888 1f43ba7e558 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.11.2045534679\2075148003" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6204 -prefMapHandle 6200 -prefsLen 26222 -prefMapSize 233414 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9179765b-ca68-4e3e-a539-4ab2eb514e60} 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 6216 1f43c3c2158 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3116.12.1739160620\749774924" -childID 9 -isForBrowser -prefsHandle 6504 -prefMapHandle 6500 -prefsLen 26222 -prefMapSize 233414 -jsInitHandle 1140 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9a3682eb-5f5e-4c54-8ebf-f27e03e6736a} 3116 "\\.\pipe\gecko-crash-server-pipe.3116" 6512 1f43caf7858 tab

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1820,13544813977395741737,11501104091681583583,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5648 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 --field-trial-handle=2212,i,17028746780165004003,6890822403274156322,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
US 8.8.8.8:53 194.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.linkedin.com udp
GB 216.58.204.78:443 www.youtube.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 216.58.204.78:443 www.youtube.com udp
US 8.8.8.8:53 78.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 71.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 216.58.204.78:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.204.78:443 www.youtube.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 172.217.169.54:443 i.ytimg.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 42.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 54.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
GB 216.58.204.78:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
GB 216.58.204.78:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 52.24.144.241:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 241.144.24.52.in-addr.arpa udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.179.234:443 content-autofill.googleapis.com tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 172.217.169.54:443 i.ytimg.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.23:443 static.xx.fbcdn.net tcp
GB 163.70.147.35:443 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 142.250.200.14:443 play.google.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 i.ytimg.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
GB 172.217.169.54:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.54:443 i.ytimg.com udp
US 8.8.8.8:53 static.licdn.com udp
GB 88.221.135.104:443 static.licdn.com tcp
GB 88.221.135.104:443 static.licdn.com tcp
GB 88.221.135.104:443 static.licdn.com tcp
GB 163.70.147.23:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 104.135.221.88.in-addr.arpa udp
N/A 127.0.0.1:60324 tcp
GB 142.250.179.234:443 content-autofill.googleapis.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 ponf.linkedin.com udp
US 144.2.9.1:443 ponf.linkedin.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
N/A 127.0.0.1:54627 tcp
US 8.8.8.8:53 1.9.2.144.in-addr.arpa udp
US 8.8.8.8:53 scontent-lhr6-1.xx.fbcdn.net udp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net udp
GB 142.250.178.4:443 www.google.com tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
GB 163.70.147.23:443 scontent-lhr6-1.xx.fbcdn.net tcp
US 8.8.8.8:53 platform.linkedin.com udp
GB 88.221.135.104:443 platform.linkedin.com tcp
US 8.8.8.8:53 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
GB 142.250.144.127:19302 stun.l.google.com udp
US 8.8.8.8:53 127.144.250.142.in-addr.arpa udp
US 8.8.8.8:53 scontent-lhr8-2.xx.fbcdn.net udp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net udp
US 8.8.8.8:53 11.214.240.157.in-addr.arpa udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 rr2---sn-q4fzen7l.googlevideo.com udp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
GB 142.250.178.4:443 www.google.com udp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
US 8.8.8.8:53 7.140.194.173.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com tcp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
US 173.194.140.7:443 rr2---sn-q4fzen7l.googlevideo.com tcp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 217.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 209.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1---sn-4g5e6nzl.gvt1.com tcp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 r1.sn-4g5e6nzl.gvt1.com udp
DE 74.125.11.102:443 r1.sn-4g5e6nzl.gvt1.com udp
US 8.8.8.8:53 102.11.125.74.in-addr.arpa udp
US 8.8.8.8:53 78.169.217.172.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
DE 172.217.16.131:443 beacons.gcp.gvt2.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 131.16.217.172.in-addr.arpa udp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
GB 142.250.187.238:443 youtube.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.204.78:443 www.youtube.com udp
DE 172.217.16.131:443 beacons.gcp.gvt2.com udp
GB 216.58.204.78:443 www.youtube.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.14:443 www.youtube.com udp
GB 142.250.200.14:443 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com udp
NL 142.250.27.84:443 accounts.google.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 12f5ea17522d20f57cfc7ed287507d1c
SHA1 683a34647d67a7f0db4b48c8e5ab2bd96b1ae58b
SHA256 25fe9a74a26f05364d78e4fef7962b5509f562c825da977bf6ee46a31e2392cb
SHA512 6ba3e8a3b7eb2fbd8edf13571a7a430b334dc86527eb4368ba3b8c2e7bcd24073cca99677ddffa633643046536bf7c7516076a9018f7b3c7c63a9f2a26de67c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 3e71d66ce903fcba6050e4b99b624fa7
SHA1 139d274762405b422eab698da8cc85f405922de5
SHA256 53b34e24e3fbb6a7f473192fc4dec2ae668974494f5636f0359b6ca27d7c65e3
SHA512 17e2f1400000dd6c54c8dc067b31bcb0a3111e44a9d2c5c779f484a51ada92d88f5b6e6847270faae8ff881117b7ceaaf8dfe9df427cbb8d9449ceacd0480388

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 bb2cdf82802bf69b297c9fae3fa48e85
SHA1 f26dbf7984929197238377b2b3e37f974447448d
SHA256 29998264d3f24068d6705e32cb6306f042797a0025aaebda57b3c581a49be0c7
SHA512 00535865805747cb5fe10f4f67872b52e94fd0ce51937f94a7662254027919b13df4af538557116cd4a8002afbeb295c601a79d5e64c8d2d2de9cf377eba1db7

\??\pipe\LOCAL\crashpad_1964_FAHBOXLAQERHOXJE

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 16b7586b9eba5296ea04b791fc3d675e
SHA1 8890767dd7eb4d1beab829324ba8b9599051f0b0
SHA256 474d668707f1cb929fef1e3798b71b632e50675bd1a9dceaab90c9587f72f680
SHA512 58668d0c28b63548a1f13d2c2dfa19bcc14c0b7406833ad8e72dfc07f46d8df6ded46265d74a042d07fbc88f78a59cb32389ef384ec78a55976dfc2737868771

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8ba6b748a1121d0bb0a87951cd60beae
SHA1 228956ad0517b565bb93ecba0513d04b4d8bb64b
SHA256 5bc00cbe7575ab3619b262a51e9599287c53f52d5f699af7d2406bfb8ee9fbe9
SHA512 00480c1c6bb60e236027cc7d3ec21c57217cb1a1f60b977d631f73b974322b0aaa1eec98618158112063e6905a198226d673d6bb4d9e702e3c83c4748fd969d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ffccb52d61699c5461cf6bef88482379
SHA1 bd97f2258899501b470c61413d04fb3d1314bce2
SHA256 b96980a6fa3bc2687bf5053ff1b7185ea7463c0d608e2a8771ef4ad7906cd1d9
SHA512 aa88d3ed224ec86c2c73336c3670f6e5fd10f767c7cab96303afd1341712d05f1c80793aacc5a8e208e48a851fbc49a78190de489fcba4e73ab1bcba06a40b87

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c44c3099d9b6e8115380479e96bfbb89
SHA1 84f2d85230058192e2b6d1536d801e5a7dcf85c5
SHA256 2feb0db8b4f3ae04d369a2e3ce9c9dbf0ff7cb87307d7631206fa26eae6e451e
SHA512 7f15164e5449ad28d66b67cc72d02e201790388c083efe22c6665393fe14704beb1b350f2b79e22ac36472150f6c4bb7a9dcd77fc3d0604369af537655dc82eb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 dc073191fba0fa09e2eff2ee3b2778c1
SHA1 7762897097b254ba2e99c94290aead8cc87d3e3e
SHA256 a114f1e055563f2071d91c0d3ca3b4941231f5118fb7f52894c4ce703a8e092f
SHA512 850485561c9cecabd3fa2c2aeb4c9d2f5b1d052d2fb1810b625e67e5cfd2892e7671c6dd18c096e3293663c7acc86ba908cde9a5b1d315e6a8834d44d365bdf9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 59d10d8fa68ff64d004d691623fe6ff0
SHA1 4b2c1aac7d803eb0cf396ae25726c0b8f729cac9
SHA256 b2c1f22e6553c8b1b5b7369291ae8bf0ec3021ca3cadb3c51a5a89b5dbbd0fda
SHA512 590ab071a374d238379e1e77e58f260a4f2cf3981fedd8643aa6f474e2e3ad4b858eff9dbfab01b3a9bb9fd2b5e8fabb01cbb2967727d8c16b0d66af6976f722

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9b960fd177c58e98048e8baf0a5b1bb7
SHA1 f0550aa2f2f3522141749cc42b385ae9ef8a0d79
SHA256 08ccf911dc1fb9ab90d8c0a31fcaaa3e7df3649fa031813a3efea9d1b8880b4c
SHA512 f82aadd97612274e7686f268ad6f4c1a13134b83cd6f9930fa5b754a0fb9fa4e6db8ae9425a04698bec6eabd9a2b53dcc843c431a07feb08c32066b036efe13b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c40d094dcaca3d9b9e52f4476bdb1d6b
SHA1 0f528cca72b95703e30b74b21031e271e1c4cf8a
SHA256 c8bf9051a0f78bb8583a82f03eb7fd5ca98bb3061c890b37a250fd8fd78317d5
SHA512 d53b01c25411b9033f8fdd74ba68bcbba54b8053c8e60c538f585d870c25d1107d9e9748e12334a7b6cdd536b29ced27ad0baef6b0847111b4eed9c3e924a0a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 265db1c9337422f9af69ef2b4e1c7205
SHA1 3e38976bb5cf035c75c9bc185f72a80e70f41c2e
SHA256 7ca5a3ccc077698ca62ac8157676814b3d8e93586364d0318987e37b4f8590bc
SHA512 3cc9b76d8d4b6edb4c41677be3483ac37785f3bbfea4489f3855433ebf84ea25fc48efee9b74cab268dc9cb7fb4789a81c94e75c7bf723721de28aef53d8b529

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1a7371075b405e9c1a84a3de4899cc25
SHA1 52e95ace741f94d83219f8b5503402940b649771
SHA256 fd2a22f223be9494af4ff7f8aa3b3f4719bc568fe262ba858d31fce7229269ec
SHA512 ecd2441c457991401bce590de4d169fcde7c45a136e7bc54c9c6bfcce06562a6256f80bfac7412ae42a7b5f23b3efff73c4560323f16a254af1ad1f7a106470e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 eff417fc30f5750b0025af4e218c5f60
SHA1 24c4679f48fc7c67892bc9eeedafb12318718fea
SHA256 2acbb923345c6e1b950abcbe99bb265ac8b91a6536aa832e102d2cddd92e569a
SHA512 8ece1f141452b074ef2bff64e4d0f3b0d00e97395b4bc23e7d4c8c8a4e266bf4c77433fd2b39a101670174078872c5a9abc72f99c1a4a2a3fe4434a7479839ea

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\datareporting\glean\pending_pings\a6d97d6d-9927-4153-9489-35d6edda16d6

MD5 c4538b035ef4c8b886a9834ac834d1ba
SHA1 af806cc240c978a446499b6e813bf71a83102892
SHA256 96208636026470e5b652e7ea378fb3d6d16280a4a4c794fca98423498e360588
SHA512 3e418290ef6213a6d6a68d70d5deb8ae6f4f0b3827880c7d1081f4f14d63dce8a610b1d7d0ee2a65cf59e680f138a3acacacd6b9404d04e48a7fdf231eb1423c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\datareporting\glean\pending_pings\325dbb75-93b0-4401-aa1e-c348152a0276

MD5 dd597113dff980ad7877b2d9b5e69089
SHA1 5a8751b942817c39101a072377b42a21f5b7b6d1
SHA256 7955911ccce93b2264d2a6a6e00f930760d88f0ed1afb9a566732739d12d9990
SHA512 57f47f867ee6cc17b9064982150b95839a92f2e772cce4d0cb6e9defd23daf6088d071f3a9f651866f7cd44882e0925c639a4798d5f2b51e47e16e0f3799907d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\datareporting\glean\db\data.safe.bin

MD5 ce665a100914092424370c2a6a7c0414
SHA1 9feeba7d1528287eaa1e61aec2e61f4630345e6e
SHA256 42b6e97875d2c3439843b27f87ec5a1dbc60a2f867c23f35d26b363b0cd8da73
SHA512 5e4ec21174696fe4a9665d4931d9fd8062213aca1719dc9dbe29da6b8acb00c54522d7779e8220748add899b989fda9e77b0a5c93385830ade1ad7c33145a82c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 12073af823007ae20c7b3a14b70da94e
SHA1 6f38b90eb5ecd0ce2f3ecdbe9f18d7412e5298ce
SHA256 d00f5c773ce637e3514f0c74ef1d1ff11a371cc5be323fbef17acd3835e3c6e6
SHA512 91df4bf86a99a79e9e60f2db6a1107af73fafa273c9910adca1e804f63ee81970f5683b460e85c56fbab8230cd8d44e55c294b2cdd17f5ec61a31e900c3b9c38

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs.js

MD5 d63373427cc0783b48a95bce7c664ff6
SHA1 f6175ad33691db3ddac4db5a46deb11f41beb7b5
SHA256 866e5cb6ff5dee174a15e4a7db083c5659502b2b36412e99af1f5ee81000def1
SHA512 81799644c50de74481676f1df89a68f998f9672bdbd541ef31dc63adb0049f772abc2639548732fe549725fb638bd5d14bbb92858a0e14106e56b1084388e366

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 a5b1d3198c23af55d980b840f5483461
SHA1 79b285ebd866010228686e1db5a40f58950e74c2
SHA256 d8473b67f0983e8915076b9e76d045a198f4fd99f7714b95d763273ec0fa85bd
SHA512 24b6d298f208a6e48eaf41a61b05bcb3bd5c42d9003c7cd46423645a51d945cd647f8f88a34c52b96291e48cb9dbab5839eebbedd5d3bf74b29f478593842006

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs-1.js

MD5 82fecbce206705f2dc8ec39292fb7fdf
SHA1 48ad3e9beb79a38aa1f9fb596b905ae8126178d1
SHA256 e9b91623d39f028b27cac496c9cfd307561e7b27d596accd89eed025805f761e
SHA512 74f9dc31d5fcea49eed115c9cd6058bc12b886137dc0481a4b97effde5aac7c93704462b42e9e4103d6bb03d519df95f8cd77ecfa4c45a8511cb5729f7e9fc82

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 d7aa243170256be86fe498513f8f0dd1
SHA1 e7252fd4a3ec7b2bf79fb5463c01d8bd3395aac4
SHA256 b35aa1868bebc2d90e4c837df9227d1f5cbd518b890adb2a6aea8a609a0afcdc
SHA512 6a139b404e5438b3fb2b267439fb145ccbf98bb2fe07acb0703003291817d44a4c95556543940569641ba9c04b791b17e31044908f2c14218f20e77c9750ddb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 57212193eec978d4c68e9055f7b16fa3
SHA1 4327790a0950cd69a72a6445b8908f490fc407b7
SHA256 70ed73231b6f5fcc3ed60301aa1dd519058a76a0e23affc2593b208de9cb68fa
SHA512 b27f280d92c0f3dd545f8e9cf86379de2fc112a7398ebb051c376055057dbfb1bf691d64984d8724737a291447a57bd9b4c269438902353ea08293e4ca7beb64

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\59q4zd6z.default-release\cache2\entries\A858259C15269B8488E8006F0D0609FF19960C81

MD5 ca6400d7a26384b16e443e983ed480d3
SHA1 dd181d6c24a6ff372ccc006e4a62bd9944ba411b
SHA256 b87c2860d98c2b33844fd3dec7c9efdb861fff508878082f21616c8a27c53f00
SHA512 28b81159c1b4c3b8dfff500d2bdd1d1dc5a1bb427b7cdb2673e3b06adaa1b4290c25f51542da9b9411be146a84c7b82b33a6432fa83d8ea59ce78e45bdd3919e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 2b9776807df1c30ef66c45ef60237487
SHA1 17e925fab39688d0d907687da86f566e283ee63b
SHA256 58a7c2031d7dbf5bda9614b64123996aa3bfcb5a783f901145baf087066c04a8
SHA512 e67162fb491ca513627e9fcb69a5db19a15129856ea3d01c2f0b5add061811bc5a0d4b6d8e53e4d7fe155b3bdf4a786cff697df5165368616589b411f8fafcf7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 92e01128e7b3e58bfac85e16535af379
SHA1 c8dfb6eccbdd23a69246bb01797daf1dfcfd4bc3
SHA256 3ec7adc222f49d20785e1c189dd2520b5a27a01afd65958740b11b3d4f9280de
SHA512 07447da4da5f811cd3b2cc38e26ca0b10a0bec0085f858a9271453133837171560f58a26985fd3673d2d192216afdde7bc64beb23c7ecd897613bc6dc3c11708

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 080ad45dad86907b30bbd39f700bc871
SHA1 7193d1ff6d4218c33c788b1947436cf8b2f67299
SHA256 258509c5ac72fcafc25ef936956de906e9429181b32a0ee2ec795ad27396dadb
SHA512 491397bbd3ebf75c9748c899a570d8e2996827f6e7310e046bd2ec0493e911fd4628c4ccda474ad5c0874e0011d3bd6762472385c26db81f3190e384c1286d1a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f9c393a6ae5bc63fe78e4481ff8c22a3
SHA1 4de7c098bc226f3e63d61832aed357c05ad2aabf
SHA256 a2d6d0ae5888dedea0e1f3ad07ea62fea2bb9199559b4b09edf94ce66e5a9ca9
SHA512 05702f39b98ad94117cf30c07a1c959667cb29b61bfc25f9487f6d3977915dfc71fc935007f54d57c71f98af3af16c4a5d908d5ab4bad0aa964fa0a508f1f7f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 d5d50f5d5392c3dfb9720e4fa247a98b
SHA1 1ea95bf8b266ae7e75dc7855c1d7458bb8408668
SHA256 e0a386bd2a99507035a24f4053f907e83033f570df8d5e1b4d44dece06ee5cb6
SHA512 aff0a9ddc4a6c2054fcc33c5624f1bc7e70ce6b1a090edc6f1378245851ac235e0c615020891451e93917b04d53cbdb286d29e833748aaf40c5a323c3d0d4881

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 b3b3a2a25257cac2926de3c7ca377d77
SHA1 722c60c46ae895110fb1c8beb92cb2add490758e
SHA256 377c00695a5d2fc56c554f6823521be5d44a0e969c0d5ae2fc854fff7b831654
SHA512 43cfadedf3e2e13fdd0cb608263abb38d0809d0d1548755ab97047b75ae70921e5c47a9ba8618c9282350ddb201c94850e88516ad41bbb56c190fb30d0520eb7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

MD5 cefdf1fb62f07b1e61528f7a568d3c3e
SHA1 df6642e18d248f166c1585da97a1b73c6ecbf8de
SHA256 53417559b15f2bb6aec05b745069e30cbdabcf3cdc784b641add6b1f1b5a57aa
SHA512 66c7ff2399a725bd9d3084d0dbee998b85e9d09f16c9fade7bcf8462e7701d849cd61b9574a2b65c0d54a32d4701b407394182870c5a7f58ab5b4332b67cac08

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 1b1b142e24215f033793d1311e24f6e6
SHA1 74e23cffbf03f3f0c430e6f4481e740c55a48587
SHA256 3dca3ec65d1f4109c6b66a1a47b2477afaf8d15306a523f297283da0eccbe8b1
SHA512 a569385710e3a0dc0d6366476c457927a847a2b2298c839e423c485f7dcce2468a58d20133f6dc81913056fb579957e67f63cf1e20b910d61816210447cd1f1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe577b6a.TMP

MD5 b191c9827dd2705bca9f94cb7786832c
SHA1 900198457a074925b05dd9f6eabe3b42ec7a11db
SHA256 d9c0027576a2e010de6f006e7d012db3daa37123c551cadcc23ef4c20628b5ce
SHA512 dba945d06292c52abc4b4f65e76082b3ea9c309f85e18b98b83f712ad4ac3d44e6deb60f8624ca13e650f66e061c1edc9350ba39f57019a85e21c122e68c8e7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 069931310209112f170c551a8d916491
SHA1 7541c0385dae7419e8639cf8494e7c31de8974f9
SHA256 73c119a2cdda72fa5b44254dab40bec80fce5ea54ab817976f0e4fd813b12a2d
SHA512 baad60a34de9d9b36345c38858214854e0e649f045dd6be34a012f3e65114c4ff1f927d024f264f410a32ebfd8afbbe44b5e6099fadfa8b2c74667dd608df233

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 dc3b8c50e8c0eb3efdb4f61a11b07f95
SHA1 d0ff754f54871d9d06fda35d7ed84a396473cbe2
SHA256 fa158e2b238e5515c36f41e294701218c9b1c9908aba7382469b4a82820c9b35
SHA512 50c7bf882fe3e7e42078ca3c2b720ce87d450fcd4263f984e47a126d914cdb314ee6f1920ca22e196e9487df4d8a863a66c4590565b9d7f8ff7aba25e40c1b2d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 4730ebe07467dbea64b3d265482ffef5
SHA1 490c311fe24e24d8e59189ea938ece3ea5e95281
SHA256 cf70aabd029d13dbd93f32e012e99d64bc97b9b116f56e44f2b62eefb5baca77
SHA512 3fd8ff9f8ac0e14b60a2a137e3b67bb179f643790f1ca31b557956057061f902af38644bfeb9048381722fe2647177b3dcb6663fce7521e854de33844aeaca60

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b8ed9b2228a9ec2d2fe34cf423ade59d
SHA1 079bb24a05dee377f23607715e7e698a8b6e32ff
SHA256 c369f0e8329cf87d1e141f05e64b6ac11ad5f015bbe41d18706b8d8fa3729b23
SHA512 fe51a40efca4b45a89823785260f0bbf60d3fae49d1f6153589807454ecb80653732b8fbfd4cfa6d7ca4e9c29c46135a5d3053c40b414d954085e334208ce920

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 e7509c0974f418f9abc9cfbe6680c85e
SHA1 1b05ca39e4e5007eb16292ac9153dd09e6e8b491
SHA256 5dfeecb28f2faf93c24e4755b3bdd2d1d32bac448f7ec94ea3eab9e934a425f4
SHA512 f16b7a2ef1e574328a918c42a6291ba3bb8fb146104de2f10471228d122ca27cec21e06fe3ed74192f6b72f01895c6c527f2706a9aa6c582b8d270f4a58d7d42

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9078da56d91986a328874bfa7938dbcd
SHA1 e2feaeb584be83a268f255e8f7da6f7e40302f91
SHA256 fb61d92b150616d2a81806b59d7a65bbd49b456d56be2eb8d4bc957a5df44bd4
SHA512 0a5720ef633e32200480209112b3d9b461155fc2e2a9a1ecef745157b2594b48ec69529719379d201f5227f389fa6b7ff34ae6897c4eb076c4a289fc6004d26f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

MD5 e0b09f1582f65ff1189128b212390f8e
SHA1 15ae324402650c441b28d6325a8e51efed120c2d
SHA256 27a997bbd058a63981f18ee6927b80c20a0eaab7fe08eb0a3a4f27c5f3478548
SHA512 c5b8e4022451f3c1fd19c68a5fa0de31d007f99f249c7a6b735a261b670b2669200f08771dd21b023a7de460bda47fe3b5ca94fb235be66bf28ee87621000f75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 4793273b2e80fdd1f3aaf7f7ed2b5c83
SHA1 b3df14bc039eacc2e822b34fb8c1ce1b9d716c42
SHA256 4d1ef3d88ff4e2cb17e8152b0bbd89ce468a6c62459ae0e2a1ece7a8a3fa2e1a
SHA512 53cd50b0dace350dcae8df6d774f2e153b96bf50ec457f598f833e153807504ce44c83deacfae4a6f98e21ef1e0f4be8ee8d46fd41f73e71178308b3febd16a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

MD5 00e4719e921c916759eaaeb965fb9b6e
SHA1 f0e7c979c0a1e85ac78d9dd231502fb425b18cd0
SHA256 5026526565cff03c7fac8772152e339d2161d8b473c2be9f2bd85937a47aa6d8
SHA512 b67fdeaad9acbe718c8713b6c4ce3dc7c4d76726f94febc6539d245e47b8893c744c338d6c2b18c5cad99e9d0141d1ce514e53d67dbc8d1d825e5eb08c5a5781

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

MD5 769287d0597f2baa517207a337bf038f
SHA1 3db7e68e2009f19907d2287caebf99eec0b8287b
SHA256 5e930a1c171d4599bb6daaf71ac52b2b50eb0f15e1ac08c0ba651fb27dd06b0d
SHA512 f504f98bc5550d19e1fb186fe35c0c9d67411259ea37e87404d503af6c04b3a6724959499f2be17ef753fed53bf892f0c27f6dc11ded18a7d22eb6e3c28d7d3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 468f56c49e928f7324bb12c425b1028f
SHA1 e62a69dce5978ebc31f113e66c8a298cd812192e
SHA256 281f7992219e8282dcc55a27a46c7b7391381f3b17e23bfd859804051ba46228
SHA512 ae9a65b88d3c9868245d161547f4759b58c16935a50c3e0b4c17d966b302ef7253c66539b14c6897f2eaf53da75848ded6c7c4086cb48f2a2d6b9eddab45209b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 410be8753da88391ce362a9b37bc898c
SHA1 76c76cdea232c0b3079d0b560c07b5f142462ad3
SHA256 05a653856ce1138a3e34cd3acc08322d24fbfcbb2521bb17df1bea11e2f87ea3
SHA512 85d3561a26abb140c7660258a6863b0610ec1a82448913e9f8526e61d3ba81ed44f6e2acec41575d09d1452cb48403781beebacf39d1b2d6692d2eb7a3f7437e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 01bd3600a7d8d85ec2c77dad7213827d
SHA1 ef0a110ee5b3de3328f08cbdb2da2ff0b76562cf
SHA256 ba53c3b7724dbc5dace0169208112cfa86e0dc005755042a76565cd51e92064c
SHA512 b798d116c7815e4728bfc91c1de7e5bfee3b67290a0bd69885a2b80a81245151694483d4721d0800a58b0ac9558af105c6ef6a9649ac1035ffc58d2a5c0c6f53

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 426d8e217829ed1343ae4a592b79f6c5
SHA1 e444f83ed8524ce6862cb85e6a587215a2a8415e
SHA256 0ad7610390db0e850386726817f3755424106fa3eeb3a4a9addf7b0ae101d98e
SHA512 d9b5820223b2386a3deb57d46d7087591a39d14c8c179bc7f402c65b2f54254e006d4184172412823efa0ebd20e64a81515aefff39d65db307698cbbab8b2d93

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 4c9ce58c6e78077a982c856e804b2a69
SHA1 0b6276138d8b46da13fb4ce1bef9be08ba53ead0
SHA256 eb7bfaa6aa6eac961b616e59d00a6861de8984c791f2de6ffbc75940fef8261a
SHA512 ddd14ceaefda93679e821f12b89d32338bf3627a7335bc8a52abeb69861c3bc2959a2167db861506a3dffe0a94d9c152635d45e6dd4ac5838bd1eb2baa213967

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 843bfbebfbe8c71b3d7be3c192139568
SHA1 372b6f66dd112bb685a037d25938399e3fbe9c20
SHA256 7d52135f0fa1930631e1be9bc8637c7cf9222f61b7fc140392806662c8556b9f
SHA512 7ced3005fcf7c3ddb6efa85572f97dba530a523962eee7e6d8ad3d2ebe38c50ad8d1b612e37686a0ff77cde3d932e40c6e6370b984d7cf0d47732d6fa885b5af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 f86c4e5144b32acfdd0bde90b797fd6d
SHA1 7bd9d7e278ec81f55b17dc263e9fdc19507b4752
SHA256 e01941109edaab29b03c3596f49984a1ccfa53cae34b22153fa608f7fca88b10
SHA512 04018c0ede3de630e2e14bc0d780612cd4820ea7e36f54a9a5fcb12bdc983e615711c37b1bdce58c4d918d2717ca36fda4a5cb5dbb60f9cbc967d0348a4ddd8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

MD5 51d54dcb62e6e9487528d9c7610d14be
SHA1 d0ad303b6414a2228e3bb2a8048168eb74f419b0
SHA256 6753b05c9d870f53966bc582c824934d087f74cfd73318581d056547e0dce8d8
SHA512 1883d4d7135107d89bd414fd8a0a796d88748e5a1936cda1216570867c43d026ed84005eae1577dd37713deb240d77bda160e89012ba49dea7c772139eacb71a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

MD5 593ab71e2c05de4ec509aa02809cc3c7
SHA1 597738aa1145bffc1d586e3827063ecc09ca7946
SHA256 78c0701b881992b9242d8171892dae896087dd789627c3f21460c151c59f631b
SHA512 3618957e49525461af1a3fbd2d5f855b7743dbf4e5f632d7ee6d61abf58975e5583eb02bcf0b6d9d2263b7e3c0ec43945346bd9a6417e028be4ec53b2ba81368

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

MD5 d7abe4c5197cac40a4bfe5c9910595cb
SHA1 7d60055c5f57c570ff1fca995f16eebad77ee0ce
SHA256 542b2a954c80da314e377b10bb1b8e23068ba6502da694879211793068443a47
SHA512 2bebcfc7a551e59869f087c509ca9157add3a085d1ebe74654460837c5d72ce84b2da0276d2a961c69d6cf9620575353156125f03e6fbd274ed7c50fae477515

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 1bf4a498496024847ae131bd1360b6d3
SHA1 b150821ac58eb006e1bdc4b67e7f1a78629ed8a0
SHA256 9e846f1b2e3f534358636961e12310b66b1a208525ebad25dad0a92396a94ebd
SHA512 2056e87073e85cf43caaccefa817731d6650076ddbec66b945a8c78749b2013fa3d12e43025bd9c276ba2e866e5aac0eba6d40e4b2e535493b56990fd6bd2765

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 1ccfec0095eafbfadaed6121bba85a50
SHA1 42138a9ad0f9100933ae9771a0570b388886130f
SHA256 233c7744c658121611b9a44ee51a360c515567f912caa14a0c23d330ca1156d4
SHA512 e707689cf462b6f89cb6d91acdf69ad1de4e15698688cc2697affb9a2ba1b1f45d12835d9fd76203f4d17265b10b4e3ee490e9f86514ce648978115a035afc27

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 dfecc5e80ae228a871ccf009d02f6e40
SHA1 907d3f59404f259f0ca1cb9f0d5709ceccd4afad
SHA256 10b8cdb405ebc93954fd528e5d1aa8e6fd5acc27ece1374e58caaa065a78a327
SHA512 a21257778c779774480a943a056ce3d445fad40dc1c6a248612a275e5e2d06a6466bdc46beec8cdf68c8b9d3bfcdf1ba1c61aba3b072e5fca418d0697256b2d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 a4decd55932478547b2315abdd2c5450
SHA1 17b19a24eda0f1d5bafceceb1f008a106c2aaf45
SHA256 c805c0468318e86a77e90e65ced9dd15e84c006b2a74d7385ec4c79a885ec245
SHA512 e8a7f96b66a991dc08eb679b1043dbb16dfbcdf806e7756d64b6c0c8907b42745838d2713fb64d2bd5ef6c0283262ea28524f84edecf991241b0b9d6035f0c6f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

MD5 82a015977f4030104fec5eb5bff78232
SHA1 683265ffdf266a157ae57dc4ca6757678ac47cbd
SHA256 bb5a759f2307443699ef4604a0d18de4ab517cd71b99640d787b7545dabc49ae
SHA512 717e787d8db6f9491d94acfb9e15c986b6e8bc2190253c89424635cf9d64f717080329a2e81f49ff89337b89b96d9e21a4709d3f248aae1605f3cc159eda7d03

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 40565ae77bdd56c5065c3040f299cbd3
SHA1 326505677956a0caa2d8c422b300e510a0c44099
SHA256 a366a1cec37da47e00204083349df8c8ab365b666391bad9298ffeb692539ad7
SHA512 630930aff08acd9b76e3267597fbcd35cc74f4faf0180d8b164896b8ea0fa487f92cd054f0ba3382dfcfafd8a29d7b202ba4c291c6be3f2900cc4f64963d62c8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 8894eb779b63dc4163f702f271973896
SHA1 747a1932a57c3866dcc3bdf4db6f528b1895a82e
SHA256 ced416a11230cae73d5102ac459f6564cace28cb0f7c529fe33ce65e2ca76cc6
SHA512 2ac9c419e60913e46d6ca75ebdae4cf3f6756a9a7034be00b6382fc0a296fd0d21a88ab99c04821525e4ed2dd24088cd87e1b65e3dfba937001a688ad8f02dde

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 3669e98b2ae9734d101d572190d0c90d
SHA1 5e36898bebc6b11d8e985173fd8b401dc1820852
SHA256 7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a
SHA512 0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

MD5 c1164ab65ff7e42adb16975e59216b06
SHA1 ac7204effb50d0b350b1e362778460515f113ecc
SHA256 d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb
SHA512 1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 b63bcace3731e74f6c45002db72b2683
SHA1 99898168473775a18170adad4d313082da090976
SHA256 ea3a8425dcf06dbc9c9be0ccd2eb6381507dd5ac45e2a685b3a9b1b5d289d085
SHA512 d62d4dddb7ec61ef82d84f93f6303001ba78d16fd727090c9d8326a86ab270f926b338c8164c2721569485663da88b850c3a6452ccb8b3650c6fa5ce1ce0f140

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 9978db669e49523b7adb3af80d561b1b
SHA1 7eb15d01e2afd057188741fad9ea1719bccc01ea
SHA256 4e57f4cf302186300f95c74144cbca9eb756c0a8313ebf32f8aba5c279dd059c
SHA512 04b216bd907c70ee2b96e513f7de56481388b577e6ccd67145a48178a605581fab715096cfb75d1bb336e6ad0060701d2a3680e9f38fe31e1573d5965f1e380a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6ff4fb4e68b63102b341bdd36247fa2c
SHA1 ea6366e0594a7dc9feef1374e33fdbbabf026679
SHA256 6ddcdd1611dcaedc593e1dac3cb39b7f864f7df48fd0bbce2bb114cf61d08305
SHA512 25c20f4d9df8d1c2c218e742126ea7d9dca4555dbdc923a0889c4250287f9c2cef0e4348fc111dd02c7b56f0b40f9fcd9e052b7879407a793cc429872ade9c41

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a568.TMP

MD5 3b2fdbef3b7d722bb1033ca5b496b306
SHA1 f510b6938b2d16ae18bf9483ff40ee09cc985cf2
SHA256 bc92be7ca5f6a4c65b4c4ecfb855426e8b3d6d63c4f958c4cd38a9fa82610f29
SHA512 92f87c1ac0cabbb3619ab0dff0dd194aa20ebfbb4c46d03567dba554e48a6d5e06f4761541af0df4dac7e980a94318d2b517fd6b24691d59ff616bb97dfe1a07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 34d30e8b1024b6ac5511faa41e85cd24
SHA1 74a5895ffc63c72e9267120dcae8d4575fa974e9
SHA256 6726ce704400a4fc4f973b8de760663ff16566aebba6e135d722f990db8e0361
SHA512 c8a4ce4b22a7897ecc13ce108bf527a672d3e164c90db9a88ad10e80928f7368a34fb079916669556ea9e18677d7d9c69b3781130486cbb339d5b0068559b041

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c1fe2e0b4405c355e8d9e801c62fb9e2
SHA1 a491a8f876193d5ff5c49299f246fe569bfb7430
SHA256 abc47a007c734517cbc6e298946cb596ce694d141f6a86773a6cad9f1e0c2b59
SHA512 3359dcd604282aab57eefdff2c6138fc81d838f2e3dc512deab0584b88caff9e23d11f398cbc40d12d6c65dd81710dd767fb4a0ebed45289e729f2d55b36a331

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 47878b8431204900163a067bb8fa2ae4
SHA1 0932059017ee54073d6452383b8a77c68c6cb7e4
SHA256 89f9ed45dc732e3d9d597357460407973bda16bc0db3b67963141327c2001f49
SHA512 723db431581a53fd82c1c6e776368a40cf84330120f0ebd998689fa29623cf8863bd7f57a77540bbcd4a65896b7ffbb5c848fa58fd141e333846a5b7f62ae63a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e7222a7a8a5dec750491d6934df54d0f
SHA1 618fb6c04606ced356a6d15458bd75b1cb5885ea
SHA256 78c68da85c38d1b8d3f58180cb783771b130b20da455d3aff7348031fd951ce5
SHA512 b8f93b2e4120d094743cbbc1a4784630c30107707a7b5f684582da26ddc1aad3af8871e68340a896fa3adcd74eb832483b50def38d6bc85d050f54add14e918d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 397831e22a5b43b1f0e18068a9e99bac
SHA1 be04fcc92140df54751507e360ebf467cadbbde0
SHA256 8ad9652cec21cd78681e613a7615f3267ee447df2c458f95ebc2bad6a83779c3
SHA512 4174f7f6a09df8c42705f4557d51363b962de56aa8cdbc95121ddca9d62ca9628107a222990e4208e90f47858d26a24ede9d5cf60382bf820696b4e5762f1142

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\0914bb09-970b-4f55-94c6-06da5428bfb5\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 3aa5c6c743c182066066d3f19d88e7c3
SHA1 6862a9b7c4ace2d5f31e7252b8c36fbc2429c3b4
SHA256 8a72435378370df52d4dcc64cef7e86432024fd668df16c4ae3091f58ce119e7
SHA512 8daaa898377a3d4bf02e24c5a07f402c9f8ccd91749461b6f5623419001f37cef67d5de4888932b48a85dfcaae3dfe83b5e30bf7b35504e8161c0120c262174f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 20ff403484e067931256449cbd2dd7d2
SHA1 b511da0e1d023d0277ad54698a52ea329d6719d0
SHA256 d7a615d20864d16ea10105053159ce0adbe2f102d8988e9c68c2c71c51be7adf
SHA512 b853d5a55dd5b02dd72c496c667dc7c517a316f16027fae454cc222e8815d60c311534601763d394774aa1ddf01918137af60c48e8a5e5094bd9dd09f8682e67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe57b8ff.TMP

MD5 9192b372430cfaa5e56667e27e8f3c36
SHA1 4da2a8040409b65a5242861d0c96546164a777fa
SHA256 44a60ce29bf4463360840db281e23c1848c114dc04b8b86939fc5e109d18abd8
SHA512 2b1e9f0b28bd0791e69f727871f3623164b45c696372debd8f5e008c9b1cda863b6a055d96c084c7e04dbd415e2b65cd6d5931da6f13b54bad0a95d9c8f3ace9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\250\{e37af444-953d-46e2-84e2-fa5627664efa}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\idb\1491580413yCt7-%iCt7-%r4e5s8p0o.sqlite

MD5 721acdfe961b6c4b8587d219515e0795
SHA1 d77536d0ce5cbcd9b1b2a513d027fe9ab7453646
SHA256 cc0759276e5176a998412daf4a3b56a4d97532e6834a3b23b02ddf0774a6c330
SHA512 a8f2acf0120fcfd66c2958d3c14dfa53f04fac1ce10cf954dcecf409f356fe6be0d0870746ece8ee68af9dd539ef60e65d0be7330a632507099a5c1097a681ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 81ac05c6d01d84d913a56c11909cdc7d
SHA1 55f6bd5429c5a35ed53caae2cd50d856edcb7883
SHA256 b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5
SHA512 0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c8b354113b02dae8a27975b926d0943e
SHA1 bc8f0be9c2a3febe76e263369ff21b34c7ee3bf9
SHA256 8e4db3401b25cbfbd9e15e157cb0b516eb5f84d26574b84b9082c8cfa70550be
SHA512 4fc1b3bc674599b1a968e3746f8bf32732a807c1ae7f485108db48abe7455eb98353aba82c857cfa31979e8db2823ceaa9bbc988ba17be706289418f9621db87

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 accd6e081d1bfebc1f6acc22b6853ae1
SHA1 535b71946730f84a87cc65fd1ddccfc50db8c950
SHA256 fcd30e1a7dc4a50f7e6080873e9e8db310f40688c989eefeed4b3981a9bdd774
SHA512 a1fc13b162d976f52e45e254572125455c490f2ad711f4d798f47deb8ad02db7abf60faa2a6fd40f688008cc0c4440a401bc617b570fece90e874861d596189e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 d641558ae41ea885886e5882990ea445
SHA1 8b2d2245e0d5e87bc9c090a2ebeec4a98f08ed84
SHA256 d37213106471c4fcfb7fe5bb260b236908f273962ea22ef936283b4e84859cde
SHA512 61f62fd118f86424289ccf92895df91b620f358bbaaedef2282b62699153a8bb5e5a0851f2570e57213f13ae9ced09b745d196d510faad7d14009a0964b874b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57d188.TMP

MD5 46228f469d90e88426077a205f6468a8
SHA1 d0869d3d7489168ce2760f52ca9f8c80fdd68a23
SHA256 7f198d40b52771cfba36b501afd46138aafa3e2458db87a752777d0b39a237ce
SHA512 1637de2d5c5414faed6e6cb1d8f256affce33c7c84ece589fa5a1396c85726dd018c4f7a851974c7410c4213f35abed3f9977efbb08cc740e4462c503ac75448

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 709f7544bd3e74c424113e6853948595
SHA1 a8c1d9e6c8493091727f0e303e45ab92b773343a
SHA256 0f2a35c8b824d54b483d0b2ea10964bb7af8eb6b1c86d40efbac4c55e1123a2f
SHA512 c2ed4cbb5e48d04eeb63c94d7d88acec5af101c2da003a34379023d8454d810ae357d0b4265da7027af38889fe307ca597f815111295ed62520f39aabeb2020a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 7378f426d93d2f806b536db7d5d1ef37
SHA1 3b7a025816a583f4d77e2d446666cec3d280143e
SHA256 d40eeb6f1bcee392df7288d7ebb484b3e8fc769fa52d13a41804d59573799087
SHA512 44fbb6d3b806dc28ad340c33163649a12fbae9bd70823ad39da45a36e3325efaea3e4d060702d0aa08f417592b7a512b967610e361b08101e7f981bb9cedea5d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs-1.js

MD5 3e35dfb41d70e2aab96262ef41ded60a
SHA1 3bf710a284bbb833313278c93198b501d9a8a561
SHA256 9659068092f67b26100681f1b35e70f5b73a50af1ac58fcc6ac390b6bc8c27b9
SHA512 a254a15853b04cedb9bd4c19f5be00099a26fc9ab9f5b87ef57e7c41de1024affd77ed3103e7e871a47413edcfd2195d1c56dd25a8fcd81b0fb84cfc8aeea50c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 b0d0a0f69e60d684818c9af746d756d6
SHA1 06ca0a435c1adedca4944009db1e735c2b5a3230
SHA256 3d0943cc02d8500c7832eb73d7ae60f2a56dd1123a854b3b1556dbcef9794c6f
SHA512 a713123bf7e1adcdf7d02e41fbbb67e93b8b1fd2b3d6b8d0f4e29114c39d3baef17722b572b3e5aa9f1c7c0cccbe482eb4ddce839544542f1024611ed5a12c5c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 4b967463cfff1b4c94cd9bab98b37961
SHA1 1bf66a9839bd6e740a5c4b974d0ad20fd45f7088
SHA256 141dc161bcd251696238787f49626e07e46606ddd10577634aff3d09f63123d8
SHA512 3bcb6c39abe3dc445a1e5bd841d427515ece6849a23d3b629b398e1daa8d1a9de09f28ca04c0791bff2bce65eba16bfcaeb5a1522e555cb2ae4427cf91d79f6c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\117\{dfb13849-7f09-443f-963a-d40c71915375}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\108\{a90bf569-2b00-46f7-a96e-0eca8275356c}.final

MD5 5b0f165bbdb71faa1bb5b26c4f022e96
SHA1 704bbe81e0d8370e675246e1cbb347bf8599aa45
SHA256 b95a445bd9d295276e8423f1ad3fc50c740512a634f2115364217544bc87d44f
SHA512 6c521b2c55135ec98f79193bf9c62b73cfb1801cdeed03a9871878f677aacea46cae165a4290682768ca1c1192dff2e87b63c39228164d72d2c7abbe732f8d20

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\223\{dc7ffd7b-031f-4095-9186-f508e18c74df}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e0d2f452c14f4af8bf3a0d473b4711d4
SHA1 d5cc9ddf16306fb0ecb556f4f7a7ec66373ec06f
SHA256 986e2dfff26d29b0f35497b7afe618bf49a9a346fe934fec742b46bbd53f7cfe
SHA512 0542765100707480daba8946c9e4b162fb430b016b47d056f743a66dbc6cb6a903e4d74162a9594632cf9a62adcd8ea7dd3590049a554f3cf9bf0cd9cd8c7c55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 86eac13ae042c5838d20274274d5d82d
SHA1 a1edc2336435162d57edd8e9a4a2b7ce2d693fdf
SHA256 2c700f68f9355697fcfb8a1be428158cc2937d2e0d01c0afbaed92cb2cb0c125
SHA512 313452f845e01faa3b45d9b37dd7db8bd1f2596684762d9affd50c1479c73592f06160f459c1fb11e4f7f38d185208b9c86c373f1abf34349daa3314382e337f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 4c44a4c4705e1e7ff214516345726b38
SHA1 c50da19ec6fbd99ee4c4f305e9ece188e0d19233
SHA256 7202e097880e3d2f06bd216cc9277332b95ff8b7d3a676d3ce89b869eebed990
SHA512 58c1de9c2d940b1d6195d96320c3b15030439ab71b1bf6a0d9e67c88213a3d1d29602a3079fbe4ce9cde6e6879020c05c237e1a7517c942b6c26f9da681da979

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\15408918-3db6-4774-bd53-2ff493f3b47a\index-dir\the-real-index

MD5 3178896853f4d1f92c9285aedd94b440
SHA1 4f1c97495a537afa24f83673c3765e9898d93d6b
SHA256 d9ee634904aeda369a772264c5f3887ff3348a37c1808dbf4376c9cd45d129e9
SHA512 1bfc1512e21c39e832c25f20993d65343981dcf698488314c91afcc78cca28dd53084bacea44fc0aed64ed8157cc08cefc349596e64bb3421c8fe1f799ae5d4a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\15408918-3db6-4774-bd53-2ff493f3b47a\index-dir\the-real-index~RFe57f1e2.TMP

MD5 f44a4b8532a741256b867080e7fe980d
SHA1 11f9f8dd82a316c889085c7e3580468791c4d062
SHA256 35734fffb8115bf6ea0d1335f762f172e24cbe13e49d29827ce6d6a472e455a0
SHA512 8dd09cffd2b29e74b4f50132fe85c25895f47709cc0bdf04892562e2f4119eb5400ff2fa932c773863a548b8f2a6dac97b1b5e842a55bf7e59b9ae355775818b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 19e0d0c5431c640bf0712373ad81ae4d
SHA1 c309d43e034be41b89df7b443038fe815923e1bb
SHA256 35ea7da65b8fce62aa543bd19bbe866f282ef3fedf8f21169bd6833be574f5a8
SHA512 7ad99711bfe6786b254324c919a53ecb8701e2f192deded9390a6613fada3845a6cd0a7b42395456cf64681acf5a2a940b18d9fabf2dfab1d32d52f3abe98cb9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 8693f12f75ed3806ba7a35404b39f2dc
SHA1 898f90ad69cd6b69edff9bce3ea6eba960919b35
SHA256 fad6314718d4dee16135e3d75b95bb52c12d1ba8de856a3aa3ad0b8bc01eec3e
SHA512 c79a55187200b772623ae9ba4e12bbabfad044fd7efa369751e0d583d9da4cd55dd3bd8d06e6ec36ae596812d4f627ffbda9a348e04a6461c2f450a8f6f1516e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f470c2239e605fdf6ea80a57c52db810
SHA1 da50e38ac740141b73f7205faec74b72d39123ac
SHA256 664a77cafe3cb48b5f6c9b79b5f857b935ea45bce99ec3423e663a351aad76d6
SHA512 0c480ab71c0f083b6a7a9cbda0fa28e35cf870292fba4e7182dd04f71048be8e0b27ce3f561a5472eaeab5a041cd10e86f894c33633182e1935baba60d1a8b84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 ac1cb4960a6c93bac9540e29b0eb273b
SHA1 dc515981ddff9b56a3bce9daa9f7eaa1ba589444
SHA256 fbbfdeadbe11a9bc854fdfaf1efe4f77671f889ad3abea19c35711248198fe8e
SHA512 b24083387313e2c316b1f9ca0f194c08e1a96fa20cc01daa8ff00c26791b3d0865f80a8d53cfc35ee5174be6c32e1be286b4b5045035450a1fe6e435ece0ebff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe580b94.TMP

MD5 a0504530928219e5bcacdabe8e4576a2
SHA1 17af6be87254433e46b05c4e59c41096c1bcb943
SHA256 0bd4b97653a67e4d892a8f1beaee15446972805dee5965217ba1337f10c25325
SHA512 ef4e69ea6002c37175d56adddaa4d8dc66b140007fc8d257712159487ad693ba5928de6dc4adf73c040667e7030d54df97125413f33341adb1cf45e5c45b8139

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\sessionstore-backups\recovery.jsonlz4

MD5 808cbc95e3c92ffbd171bd2cfa86eafd
SHA1 fcda98d803b3a0af7bb4616b58e7a37a328b5b04
SHA256 e1f61c8bb7bc8da55466d115b4d59fe48ae39099545bf86adab0fceb8c01f479
SHA512 188c88de9d1bde00be3c23631c0db26268dc37af4cd76d8670f2c8583caa991fb1e53d8650cd2e6b119446bb8c1843274d6f51415b7cfe7ff6287aa7a74569f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 cf54d6cc3f9495fc25d43d4ed4c3a6ac
SHA1 69d80ee827d541a06ca22e30164b90062e166020
SHA256 528ac84be2759163871a9043215023b65c2cf1ad209cb61cf03072628d5b15e7
SHA512 8f18f655ae89b111e25d606bced1ce002e626be2d99bc7564f704e0fd7639677b67f1f0c560b1d6722d3e79e8364779f6b08bba874385d647c540c389fe0dc4c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\17\{455454b4-90cc-4f17-b787-876c65a67011}.final

MD5 7981f433590b9d8b8a3ddcbd9d4a83ed
SHA1 58944a6101a8cd3e37574d26f2d03638c0fe2b2b
SHA256 097ca92e3fe122231764cb6d23deca18894c83cbd4128b39e925c88c061096b1
SHA512 67e541767b07de4f4a1b88b13c5ae2f0b0df41c09b22648d8681cd7e7cb2cc7d0c15f685f8d6165317fa5956687f46731867892d3e811b78a9b6df2eb3565d4f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\storage\default\https+++www.youtube.com\cache\morgue\210\{36cf7fa0-6311-4e96-ad5f-812dc05a97d2}.final

MD5 d0d1672cc7d147f9f802ebefdb01e914
SHA1 22ed7eb147f695ec1df8ae6f43cb7787dd0ea652
SHA256 62efa98b135e5ef8779b99489ab8200b60026a5b1000ff3c997f3be230febe2f
SHA512 7f8ef8af3f57a6aab90ccda6ab1079e43630de11d14a780786a1b0f1ab057d7cfd5ab512b53ecd8ddd1bcc669fa56a0c260b2df421db64e3855dee7d63251a68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 038ba737589e4ddd734130cd71cea2df
SHA1 8c5b35ce019d07a88b010509d44ab1450e914a40
SHA256 89019da625eb8dcc29577c4fcca07e05db122dc6354d284722a0024a491e8b7d
SHA512 a99419fc7d82a5c33794d45ab50a2d60f71e8470ec5f1c2c6cb1926c1262aede1371241354d6e69e8671ea84fc161e74233d49931fab8da87a6e97a54b66024a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d0abe2b6eba957a3f111c3f11ff5aa80
SHA1 8cb7bd982a9ea0ea0a3d245ece34afe0903c58b8
SHA256 ec3ff4f1c7a431cdea9195ebf4b1cb190d9e927186f0065d225269066f245a27
SHA512 ad6b26e3daabc63cab6ba27a3e25c7345a451e44477727e0fa11b19922b9119f06470f6ce28df54e0bc65e34b3c65a3077393e68a0617e239ae7484f878bffc2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b3f84f20472011890013c4fa227614ad
SHA1 d5720b81ad4d0109960a699f41da2bdd8a3ef428
SHA256 3ecb5f4e4699727cb1552a00eda6a7335bf8f1c9991c3e490f5d1dffe7d80e07
SHA512 5481509bdccf7cfdaed0038a1b99edfdee33d0f1b5b567fe0d3a000c3bc13fcd23e04d603e8b704342bfaefb3efebfb9e3e2a3d98e24698deeb981ec985f0436

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4cfbcb98c4e669e6313ab016112f4718
SHA1 1b5e0ed184d7a62983cb1f5613a9af37a8f84b66
SHA256 2175c8b23e72d27b93e7a9154149e18f4cafa870bffe4e7819f60bfd58ace6e4
SHA512 0c086c5cb37af44bf2a310ddb8ec765016374d14234c526d69cfb836aacc9eafa9a4a93ef1d63f4185c428e9e1f60a1b448452a9a72b22d9e260a20405a4b2c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 8c698a1b4e66539b5a2e10ee754b47b6
SHA1 7245f3fde8f28b117233170fb127d8c6b1af56a3
SHA256 52f4438d4a874feb6f9d993e1d534d04aa15f208f9e63388b80be86a709b71c0
SHA512 41c5171d23eab833b04f4ceeb30b95eb5d26469ba358fcfb7f275469d3fd94bce9d7dad46472338d2ec4b36057bf7e912c7b849342ae2df24d52bcdf4dc7a93c

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\prefs-1.js

MD5 f71d80451f8c9ba17934141fe2cbe71e
SHA1 00ad1922fe6704fdd0f655bc0c03d7c40440b477
SHA256 37303f3543b6f0e0e92125ff2539caebe0cadea1cf51f535393913225f937caa
SHA512 8592de8e515fba41192cf41bdcabe7a723ad423ef7733901aa1387482adbb716bb4ceb1c8ede9050939c3245c1c9eeb31ef7003fd644ef0471a5381232ae4964

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\59q4zd6z.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 80c431e5d607d87c000e5416301a442f
SHA1 5ff0d237824927a97105a78e463b46111074d642
SHA256 a15a06828fea2e0a6835635b87baf771b16d58a2c57209ba5e469cd4243bf590
SHA512 571f41e723820e2ac2fe65a82ee7a1c449cff4aaec7812acfb0f0d8c636af05599ff82cd902d14aa09c78ee9f916bf783d16222ecce5462282af21720e11abe3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4fdbe54f76f4021b98212d36a4230ecb
SHA1 d8212b793e5040cd05732b3d5bfb7446ac8c24c9
SHA256 eeedd031ca48a76b8c8caa5bacce6a7d54f501f8643284b05869e33de930aa16
SHA512 976290c597be7e0c61b7a18183247b8a91bae28c99b192678e2f65c0341735461004fef7c9dd460084396dafaccb2a7198d1e1f093394c7390946e92a5d1bb50

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d2939875c7dc9875b0013b0162d93c30
SHA1 1c005fc8812f56cde545061e0cf5ab4660f525f0
SHA256 004907f179d19c42dddf03d5309fe0098bacba380c45ab23e4f35e66e615982f
SHA512 553136c32cc247f8a99299a5b2d1dc8c631c958b7c24889f0e2971bbbce109722397de5e4f72901f7177c0306afba1c38f21e8f20a79dadd6b36b847afa5b0ba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 bb5e782c707f5a6a17422e2d6fd2fd6f
SHA1 5a5f8dc2aaf0745d15063fda68dac41674305fc6
SHA256 cf166b93a85c72397419b339c024586033ac555fca1d461d5b5dbec33f38569b
SHA512 c746ed780e74b0a19bc573d1fd8a4cb2aee478c5c210f0b744b53782f21f009989e94331776f72b7ee1db193b0d4cb296603cf9af48eae21462d9af6a77991b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7d706ee00ef7ed00ec0979006202ed6c
SHA1 b3f1624e3e89d94f1e293490b577f390d0180e47
SHA256 84c5c743116e1f507cf31240f5ab611f204dcb4c62131f4f643cb27f48453e18
SHA512 b0dacbb66724e666dd00e6cc3805f81d5d61fd7e7d98da5fda04d0c7cc0e79e4a6d19444c72c8c39be9be07b74bd6ad2c1ae20b589e385fe0462e8102ea8a48b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 73d5dcf2f721bc94746c466eb5861a94
SHA1 1563af6c89336529c4a2b522ef4eede53e3cdef2
SHA256 fd7eb445db09d1b08f204a8dd3c372c89c64eaceca7ea85c2a6775a1c585fba9
SHA512 c7e4bb90866c41a25670412e627e3fa06ca91cee5d28b98f8a945bc3c61d4d8e0249f735b6bdc3b8a99502701291416babd4711146fea0ad5c127816ef59df1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7b49e642494f8f0c5817e144987e37ad
SHA1 26a35149f78a1d4acf71b5d0b201db3d60fbf39b
SHA256 e3be9adc8821cd4a619ea539b2be6e97ec4cc510fd1ef0a90ec984ac9380047f
SHA512 c8f27b045ae5ad5bd7dfc8ffd478489674be820b4390e8d0861a2d43f022f9e5b5703b8be1b859f8616afefa59241ed045c09caaf89772f2165260b66ce2387f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 23656daa2a61a9646c90c4640311190b
SHA1 cea49c84596a845433f954e1933a8145bcec7066
SHA256 08f20a5a30b9693ae144228270f324f8c6023daf5e4a3c8a01e7230e3e1c781e
SHA512 7bca0e0bab2bfd9b6b780c71f2d156db34b5dc4bd488bc99be8db8d24825307f256f929b3a1705d7a8f13b39a064f68a1e28d7bb09d6c15060cc49144e4e7bcf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 c9102d283eb2fa7d1b1ade37e9ea97e5
SHA1 f1ea43fca8c4d7c35d014e9ee40983ff256a3332
SHA256 d43a344b4c0cdb160f887c8f208ec8741c200c9fec5c37e12e30e149ca2cfa16
SHA512 09b26178be6bcbd6a310dc6babc34109702496b3e652cafd7f73bc694681edb3335d8c43a21a12339caef53068df772a0d50f92f4ffadfdc6819d53031227e36

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 9f8d570d84076bf511fca9d45fe49738
SHA1 cccf99c787ae52afac268fd1333b9253402a82de
SHA256 80e6c2c4c01d95d128fce76644287b5b5b7025e68fe8851c82db33b2f5161953
SHA512 5ec9a869fc43c9832f419f284ff787c3c986587f8177e42a999d7b65b7ecac363ec6a2f09840ae52564d4837f1aa479d6bc8833ec1994bb709fe5da6623475ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 1c616980122941f7e12b8d5bf93392ea
SHA1 1a394784813d646241e8cfdf32fc0b54c3d2cd7d
SHA256 a7d92cd215675a476f582e10f63c78433cfed038cc4d891c36b71d64bbb41773
SHA512 942711bad11af4289c94f47bec858909d6695d81096b19e4cae51780e73bdb78127c874a986fa9d80ccd286f63a0d31d202cdf2d6e757630c5838b1bbe0d8fec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5891055b725b0442bda16646659175fe
SHA1 a2e44c4da73d4ea36103d343103db167d19a1a5e
SHA256 ac7064959173b76c74f89a3158017443f752e642c6bce82f18301b94bbecd80f
SHA512 fdcfd8b3d7d7727eab24c4a0ac4b00884ec12948630882707155012b5d5b385d88648e2239223d841379df238a8d1e9c2c33afd4694f47c4461b590aa787c456

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 5d55ae7e60d564695f78bfc2b1117c2f
SHA1 7da5ac1ee3665eda66d80b51d22a8b726f50fb69
SHA256 7a8ba7f2f7270ae5f73ff6a27b492efc4e6b287479c157bb9fe6bf6a3344d119
SHA512 4f7a1ca749b7a0574ff02c4733680a651fa6e163aa1d752099574c6153377e7a3960be6b5321c33a826c551c53226f338c626de9900313d83241c345f4a0509d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 9bcc82146eb6c40438280669b2a2bd1e
SHA1 3cdf9db4b3a3b28d1e33dd9f877c7adade3f2c63
SHA256 b0e32cb7209851ce09859b54d3f135c155118567580514c3c0b5ce1bd44e9429
SHA512 470dfa8497ce87c56c412350488a778e8fcfb5c05829fa9a092d79669190df22f912141cec0b96c3b7cb61c420b6b20b3a3a87f05ce959a37ebaf55dd94cc9fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 9a7aeb9c4bf49c0962d0ffea1f53e9cf
SHA1 61786aa19fc4cda259cd9fcc823597da8f3212a6
SHA256 a7cc2305f74561ff790e76a6b6b5e19b8e394ad6bafc84df4fb28d4f83bf8910
SHA512 99f74710ac33ad794f9079291cd02fe42d6b140a5db854ec08665bc1e9721debe60dd254ed040080b2aa7873688c8f2148acd42fe649b79ee9d411a4c71330c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 daaf1639f2c77df143bacd5c09496585
SHA1 a57c6105561bbe16b66c0f5bc011d3fb01298657
SHA256 c1f3863bfd53b661eded1084d9583f6ac5a35aeedea7bc8f16e962034ef95bc6
SHA512 db8e6e70a82b02ef95a608602e93e661fda26da5d66d5cf3f0a3c00b1302ff6da375198777b6ea90f9af0008281226330a06b9a2949db96137418cfef174d96d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 213a47feb7605156d6d5fc52c2f00b2d
SHA1 63e9762b6e6cd50e21357fde595160ffe32b6b0c
SHA256 e79edd91fdfb0a7bc10509a54be37401989fc7f093670b926efd7aec5cb665e8
SHA512 2212a6c26e2e1f560934b243c236b70e64adc8e875b74f93ab5205f30c75170833fba44357e624dacc84742d9e34eb019eb1d6a3a358587ee7914892e9cd51e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 ca8044998f68aa45b417c2e27d462828
SHA1 dd6d2a5e301d5833b94700b02652a6772bf651d6
SHA256 bcdeca917ed229af6cd6aaecb2b7379cd2f5f3ab7b3830336c6fd20e38deed77
SHA512 fe0a72ca306c8ef3195238e70e9db40f783d8176874e521d6eeeb0abb23cc0fe6e37c0df430f8ad09f298535e854d37ddb19f6107b50440483575722388d6eaa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 414ab924784ad08a0de4b7f2ac7e3dba
SHA1 0bfc2b03cb024848b4bf75562cfb037759a236fa
SHA256 380973bc7e3239b0b4f1c4536f83e6e6d8fae9d68bf384a93813a2950ec49c15
SHA512 48035e42c2336eda55b552223dfc37898b1bcdf973a850d9d95a1d0f80a1b0e055c59d87d2e1955ab5c6cb4cfef5f2e7550b90fcde1165bbb9c3eb41ac56ab00

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 f3c1377679396fcc4e3f8495aacb8fa2
SHA1 a96aae4c58f7ab96b2144ec55a2af116bb424a7a
SHA256 64668ef23aef96526ed4ef1c309413b5fc215dc88d27dd656eced72621731693
SHA512 44915c54bb7b8d4ac53f94b66385f2ed50818b2fd721e2f89b9c6692f4c3531efcd99601f9f039fc4fa19f57c39e260236dd33dfc6d23c903efb666a66882fcd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 902c2ba4188f602d708a0714dfcd924d
SHA1 ec01a70cfba207b3e471934d4c512b502d230b1e
SHA256 73289747e2c190d759441c5918a4e13a9e4714b05dffa2732d3562e00b8ecf52
SHA512 b3b2b300ecdf4c2c7694e6f6a78baee40ec3c448f732aa893c2c4de686d6721173889fba1c13b752ed08d21dccf8fd8ace9bf249f0245f50b9c33ae751cc152f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 934bc79a02353efdb0a21c5ad77beeb1
SHA1 9a02dc012dd41766446055c9ede542086634b96a
SHA256 f485e2bc996441254bd29c52dac69297f24b1cdd33d25deb062467f1096cfb09
SHA512 893c0591de9127d07d6086b7c51d1fdac05f590eff5d09e4f7708aa6857ae5b06870d94e3792697a42c6d8de205955a394c6b63fc330557175fa0c6be7dd0a9c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 28c177a586f69cb1d220cc4294d7a0af
SHA1 a3c4042df357e9a25b2d292a4864eb7b8a400668
SHA256 d65308ef407f6e9d940c98b49de43db2b73fff04cec63d244ce9d275da6c65ac
SHA512 df9d5b4e1902b1875598d314eedff58d91c75a34cb79dc100da11af42d8226060a9b7542b28f3ddc38247160413deb6ab0a184de43c18ebdbc01362be1856209

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c2e5f26c4e794f930f556aa8b522c246
SHA1 5181465e5103415c2defe073d9289765e40af79e
SHA256 cbade13a79cff11f996be42227df2f3ded7c1e2cb6419bd7fdd6dfe6063a0042
SHA512 1e6c3a7798dc11271d23181d0df6eaf7a4b87e829546e9b3801c13c94f60555170d1efe18458b918c0f0658222b9600b09b9b316e84e5616fd01f5e15471449c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 b7b1039a038e9a2bffe7fc14b5200536
SHA1 8a4fc7cd0b457f238bf83aa05b30d5ba34b343bc
SHA256 8a9a03ca430d37d881b1f75fe6813bc0b7df947fe4f69e12d601b6c915584473
SHA512 aabfd8ebbac841252574e33447ce934c0edb3240738e2b38613f4462ac293292655a0d1a4244ffe003801173313c374a1d2350069a903a5709a4df1204490633

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f094f7bdbe4230d602902cd3c4513359
SHA1 9542eaef72ab798eb1cc5df306dd4ea5b4d98a7c
SHA256 001a916785a5cab4d16e62bece16d6b959361281d93372c94a403b2317bd9c40
SHA512 a7cb207ff243798d7cacae58ffb6ba7b76960f7376c4f6f54c6c881bf8aec3a997502c0b1a9dd9725d9b9d44c5e5e1103d168068bcba946ef069e831d5f77449

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 64c891987d43154e61a8253a68775e50
SHA1 583a4ba0aed67636828b24a24d2f7d7fcc26bca7
SHA256 e37e5a70894c5a1aa3942f91cd5fa9f022d919e2e3c9cb6c867372c4c008f428
SHA512 120636c2b295cf70ec9ae9f269709033c08f9ac05fdc8d658c9de057052c14f9dd7ef6dd6b8e292f02c5b131302bf27ee7e71fddefd5af032cded5642b44cc39

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 af6af861e4b38bddf0711ab3ad14f108
SHA1 c8968d717419a6a19979301ddf471085fc8cb0b1
SHA256 ed1fea165c0cc1bb6bea1620ee8e4b6574234a0e428c0d7181dd0c30475fba55
SHA512 cdc27fed76eaeb097331488c85f37d0262f4100ee99f0df045a6d6ac53dea3dae4de7b529204732356cbf4c45bef6570993efef26a1176647fcbef430c4dcdf7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1091970371253449983c85d6bfa3b10a
SHA1 1baf5b4093c4c2ef4ab65dfbd9014f132e35aa7a
SHA256 30a83fb65355ec29051b5a11a750155e38b6babc89856ffc7c213a1342d16b0b
SHA512 05de17e52868198a0afa6728d0f73e954b430538fd96ecdfe025507cbea3861f01b4ced3d689a748999a5074a7ac18c83b5bafb3426d8f7c48fce9e10e20dd7f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 7b2a37b8ab4989376b4f2027b444a035
SHA1 4b23954b544e353dfb3da2251de8ad2e65d555e7
SHA256 19433584ee28d472915b01b9804a00c47eab9fe373942487bc2a626aeb2b8311
SHA512 9ea47726cada40ab0a0f75188b957e55ae9be5efb28c2aef1d122e19b0e5c8c83b465fd0a521ca9310a684d68fd2bc8dca5f5164b222f65f6f151b9fae2a8f08