Malware Analysis Report

2024-11-13 13:51

Sample ID 240406-kkr8ysfc55
Target https://bing.com
Tags
score
6/10


Analysis Overview

score
6/10

Threat Level: Shows suspicious behavior

The file https://bing.com was found to be: Shows suspicious behavior.

Malicious Activity Summary


Legitimate hosting services abused for malware hosting/C2

Checks processor information in registry

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Uses Task Scheduler COM API

Suspicious behavior: EnumeratesProcesses

Enumerates system info in registry

Modifies registry class

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

Modifies data under HKEY_USERS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-06 08:39

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-06 08:39

Reported

2024-04-06 08:58

Platform

win10v2004-20240226-en

Max time kernel

789s

Max time network

789s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://bing.com

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A camo.githubusercontent.com N/A N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133568667020259120" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0100000000000000ffffffff C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\NodeSlot = "2" C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616193" C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-275798769-4264537674-1142822080-1000\{F8519F0B-683F-46DA-8EFA-857667B88CEB} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Generic" C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\MRUListEx = ffffffff C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 = 14002e803accbfb42cdb4c42b0297fe99a87c6410000 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 408 wrote to memory of 1248 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 408 wrote to memory of 224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 408 wrote to memory of 224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 408 wrote to memory of 224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 408 wrote to memory of 224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 408 wrote to memory of 224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 408 wrote to memory of 224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 408 wrote to memory of 1620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 408 wrote to memory of 2336 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://bing.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcb5529758,0x7ffcb5529768,0x7ffcb5529778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2196 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2880 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2888 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4672 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4772 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2780 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2260 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2456 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2948 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4840 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4852 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4040 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3420 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5328 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5472 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5652 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5776 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5700 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffca72846f8,0x7ffca7284708,0x7ffca7284718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3796 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3796 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3136 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1772 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15179081120882674339,15972065118422575906,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4836.0.1576651357\292077416" -parentBuildID 20221007134813 -prefsHandle 1904 -prefMapHandle 1896 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1c335bd3-b985-47f9-9c19-ffe0ce32adb6} 4836 "\\.\pipe\gecko-crash-server-pipe.4836" 1996 16ea20f1e58 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4836.1.1431387956\1855386455" -parentBuildID 20221007134813 -prefsHandle 2368 -prefMapHandle 2356 -prefsLen 20785 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {20dbe2f3-f106-4100-be1a-2539823879a4} 4836 "\\.\pipe\gecko-crash-server-pipe.4836" 2396 16e95870d58 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4836.2.393616764\1436277049" -childID 1 -isForBrowser -prefsHandle 3164 -prefMapHandle 3160 -prefsLen 20888 -prefMapSize 233444 -jsInitHandle 1412 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5f78092e-0212-41a7-aef6-5c79dea1a122} 4836 "\\.\pipe\gecko-crash-server-pipe.4836" 2916 16ea205a958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4836.3.181530531\945362429" -childID 2 -isForBrowser -prefsHandle 3588 -prefMapHandle 3584 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1412 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4872a7b1-dd41-4827-a152-82a96ceed415} 4836 "\\.\pipe\gecko-crash-server-pipe.4836" 3596 16ea63a9358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4836.4.1713248185\661063168" -childID 3 -isForBrowser -prefsHandle 4324 -prefMapHandle 4280 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1412 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {eba120c2-a045-40e4-ad0d-7d2a32b80f42} 4836 "\\.\pipe\gecko-crash-server-pipe.4836" 4352 16ea73d8358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4836.5.950531003\1908282182" -childID 4 -isForBrowser -prefsHandle 5108 -prefMapHandle 4944 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1412 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7d723a65-0d16-487f-81f2-7825aae206d2} 4836 "\\.\pipe\gecko-crash-server-pipe.4836" 5124 16ea4cf6458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4836.6.2094828902\807291599" -childID 5 -isForBrowser -prefsHandle 5244 -prefMapHandle 5248 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1412 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {593855a8-2c0d-406e-9ce1-f919aacde576} 4836 "\\.\pipe\gecko-crash-server-pipe.4836" 5236 16ea8744e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4836.7.2008483187\1681515322" -childID 6 -isForBrowser -prefsHandle 5324 -prefMapHandle 5412 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1412 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {caf0f816-81f6-4761-861d-7bbeb6027946} 4836 "\\.\pipe\gecko-crash-server-pipe.4836" 5516 16ea8746658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4836.8.1317862008\1456496657" -childID 7 -isForBrowser -prefsHandle 5856 -prefMapHandle 5852 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1412 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {11d109d1-92be-440c-94f6-6d546f8bfc97} 4836 "\\.\pipe\gecko-crash-server-pipe.4836" 5864 16eaa715d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4836.9.720479391\1124172182" -childID 8 -isForBrowser -prefsHandle 6016 -prefMapHandle 5464 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1412 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {49ea8a3e-8a51-4bd4-ac83-3ac4f168db2f} 4836 "\\.\pipe\gecko-crash-server-pipe.4836" 6004 16eaa717258 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5916 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6132 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5016 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5628 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5320 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5464 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5796 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6124 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6036 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2260 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5280 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=5308 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=5136 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5128 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6276 --field-trial-handle=1844,i,5001659237037440015,10435877451600859945,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4836.10.516391046\838384421" -childID 9 -isForBrowser -prefsHandle 6648 -prefMapHandle 6656 -prefsLen 27425 -prefMapSize 233444 -jsInitHandle 1412 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d7df1631-85f4-4181-9966-0d38a09ceda7} 4836 "\\.\pipe\gecko-crash-server-pipe.4836" 6380 16e9585dc58 tab

Network


Files

\??\pipe\crashpad_408_KXZBXCDHAIRSQUZZ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 788161413c21b85311c589d59d73946a
SHA1 09dfd7a4f02ac20dd710fcbf96c12c6667dc8522
SHA256 1e9e18ef2bb0c28bf214bf1a1fb8eb916dc3f6fd7a2cd6f9cd60313abf5d02a8
SHA512 7dba871e8407d4aa44eba4d949dfff428a04dc9473d54359a83e9ec08f4dc1765c2e97be7cb96e736154dcb5f194952a85eccc29c6c4d795769acf129163b39e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dbee4967766698f31ac9b25337c1bc9f
SHA1 16ba2ec1ebf1b46af387429dff139a34312ae99e
SHA256 ba68e962a17c70dc9da74110057e877220f2d75b463f2f6cc88a07061a496d12
SHA512 1df1cb0ae59e66a61cccd043780d8134f303853477299e0824ac1cf3e0db9be021c143a1d774a8a5e4cb7782350d468b9e71b24b5cabeff5a74fccd15394d8b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 99d5d959c709c5b38b0ffb780b3e61c9
SHA1 e1e21b8a741717b44519b4a4b881e9aaa1705845
SHA256 b1a88d6c382174a6773cca97331596327dae646ebad8d8d33832caa8ecd35e22
SHA512 44fc0b020a574c8d36793a1a4d22e9be9f5a371b23ef1279418215a3b0ae8571734d506907892779cd507ea5fa6ef3c8ab3f99926a6c3692c539d8e36e56d645

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c426b452c2343d0c3b125d80296f1806
SHA1 1cba088009c08d9e3e4256efe578680c0794eb95
SHA256 566d5532ac9ece792b196255e69cb6b52f9cfdfdc86591a2e47336d3af85a658
SHA512 7181d3b8c8d004610f6fc65126ff1a15dd5cf453efcfff2e3a692175a1738152efa54da3b20e454f1698ff683ed611bc755bb50e3eda458583c08ac9cdb0f12f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 6ba48a5b22aec59236b807b9e91255c6
SHA1 247b5ee73f570a8678dd25970885f4eddbc0549a
SHA256 9c357836f6550d5a714536e2a1b2b9d9c78e76c031f1c5b1beaa29080283e5a4
SHA512 08960018d67ad4260124acce6655f308207ddd734a3432349d37fde693802c91b7e9dbb40dc64e158271d7488bbf0d8ceaab50bc1ec5d1c318b2f19260c23eb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b7f7fa16c43c1e305cd9ecd9ce2dc18b
SHA1 ad85166d8639f467e331839b4213195c0dde60e8
SHA256 26c38a3f2f9b1e820a62972c092e642c613e9ac1d0e6260ef8822dc5f2b94566
SHA512 53a2569ed49fe9ee067dbf448a10be46e96b28b979d39b1b408c2ce743369c9f0f56b6e692df87e7a95285aa53e072c567ad089d6975ec7939368783797b9b41

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 d1c47e1480d9e8735b813438800ac417
SHA1 ff6139a4cccb2c3033e406dcd1fa43052219ba09
SHA256 bb85d8280f8a4c88fffd46e81e04bfb780aa82949b1e4690921d014a9b3e0df8
SHA512 17df455edddb8c862bee8f627cdf1f7f1189d7444db434d1fb43641218f2a71dcebe080b38ec73e48258881ac08cb9af3f3b542c783e0558bee9083df40c0731

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5a42c7.TMP

MD5 f3ec5b32d52fd73ce1c98995541c9f6b
SHA1 d4db8a8b480a8433f0a3c84eeffbbf618e2fa10d
SHA256 4d0c50c14479a20fbef6f954e884ff6bb37baf5887d7b411643ec801685faeec
SHA512 61790a5b4244fa4fe2ba8b702e7a576fdf048fc2339b51efff4f500615de1c5a89b3eb94bbaadf055a44ab20c709348959d90a7dbd18e79c1670a14c0fdc82df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 37ba5468929e9096c3616c5a1631f5e1
SHA1 f724a07e75f520a28d1c38eaacb49504b99cecb5
SHA256 0ede1e5ed3091b76f1da63eabfdbf4ab9c592546be355adbbcf75aad5591b275
SHA512 2bec784feb7a9c405adab6102188dea1757744b31275251d5ee72f24ded9946874e974e5e8333aa8f7d2f3b4044bfb9014e7327ed3aa53fb6969d31e1d283116

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 b9a84063cfb34c449413a93d512aaf3c
SHA1 3b6487af2eb23194f7f6b61fb45eb5f50c93b0d0
SHA256 b03182c19d6b847d6ea4260d5ba4eade971fa1a2617068aeef007db1b8bb20eb
SHA512 d3ba57796cd784490d8ce3b331ec6bbba3f01720a8dfcb7101a668c6ca6e0491b35c6c8ea86b5f16871103fe72a6d7b6318a2d466a7a7c1ca9e8e5fcdda723fe

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 95479e2155c1516aa33149903d41fedd
SHA1 8255964e5140878aaafc74773051a2ce6beeff1e
SHA256 3e6988943f3939584da2c457c7ed172e67861a1332623cfadaf2913a8d06fffc
SHA512 3edfd425b5d9ccb2ffd147ae03f83ca4b73545d7f564bd35bc0f950ca5efe080281880add70feee092558b815ce707273c14cdb15edf66c5f26a654b0366dcc7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 318c61a2883a69c8a05d21a0ce7b9253
SHA1 6a7f047d4b26507a6b3761fe025516e5aca43189
SHA256 6a0acedf23f3cc096cd62454ee124c2e9392d6efffe34a5b7dd72190bc3c53ba
SHA512 1f68ff7bbf6d0a03902aef56c2431f4b9c259e979682315d4bdad2864195a1f21bfc9bd08c524ce467e910983bda3fdd2c026762dd274005d1cb5611b0afa24c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 882e1f4379f6402ccb8cf95d76918fa8
SHA1 ea0e6ea48e503ad2168b4f399b2b7849ee6abffa
SHA256 83addfe21e4d53cbadbf5374d8cba9052673742181e0183d6e0a7df574132c83
SHA512 9d304a946d4b2f5c9285f01bcfac2005fd05031d2c55d83e60d2909488b71506178f42b635d075ed61d16c492e600c07ffe62a0a2ef352f4c30f3746dc6c4ca9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 baac3651d4be64eda1ad80ce974a5358
SHA1 d9d2b9a75253c682d40ca303409631ec253f6956
SHA256 2223c415a040d78e92c49f5c486edf05794273031787be3addee9eef5f47bbff
SHA512 47bdf6256bfdbe6a39bfe11ac4bd7b0dba06fcc95452ae31b92c467d7531a4787743e88db72b131e2a70b58c5f39b9f8f9eb2f15ea26f11533d014d39c6eb675

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d8658f0520f6c1e381e4e95096a9ae74
SHA1 f4ba137649827fb4372bfb17a593e70a03402c35
SHA256 5997895156e27d63c1e3bb3a1f26959492383d07a31920c372fa0f4b97ada0f9
SHA512 563e0cfbddc8288cc18aa62f5e56a8636186bac2e7fb1220ae5c47d2e3df5e82482225276bfe147ee000c0930983fb4bbf764fc5104a14bfebbbf759c83b9c51

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 1eb86108cb8f5a956fdf48efbd5d06fe
SHA1 7b2b299f753798e4891df2d9cbf30f94b39ef924
SHA256 1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40
SHA512 e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f35bb0615bb9816f562b83304e456294
SHA1 1049e2bd3e1bbb4cea572467d7c4a96648659cb4
SHA256 05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71
SHA512 db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 63ff2d48c5c0b5b3ba4373573dd69e06
SHA1 fc44d0a8a3de0e66cfe62f61b58c22615edacee2
SHA256 0ed147cf17144691eeb2b53f0ef45f154a2d0e2e13a7563d1c3f334142ad1c17
SHA512 ed0e2e97a1c6bf6b2efc32604bd9f4936042160e3c3eed35d4e80c38b77be4d4b157223d90d5b395695f5980856e78888230706ecceee1bdb84b749c4e904674

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 14a2412b4cf6445b0475325ee43dfaae
SHA1 dd39c1492aeeb53b8e2f72f18bd32a88744ec3d3
SHA256 58fda6950e303760509e8fbb807dd08f482512b38fc44217496c04fca9136a75
SHA512 36f5a62526b9b328fe8da5cac61a576c90ecc6a5c45cb859ccc17d4f6f4289d0fdf773e649f47978279e9ec64327a2345ab92494424ad7b4bee84b85ed137272

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a05ba3c381ed2b0b19168334dda59f63
SHA1 123ea49d5370b615f6819a3a497ccefd9c0c1cc7
SHA256 b4f61f7a6669507ffd4299365be41b3204879d7ff2478de4a94fbc0f45cd88b6
SHA512 95765023c6e4b302db8c7c38803c31f23a64fef57bbe1d5cd3a78a50dde50fb6e837731dc2a0832939aa6ca1b06de3135647ab36c0cf44a91026794c74837123

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\datareporting\glean\db\data.safe.bin

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\datareporting\glean\pending_pings\e32156e1-932a-4bd2-99e8-242fc909a9af

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\datareporting\glean\pending_pings\87f979f8-98b5-4409-a8e9-1cecda6000b0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\prefs.js

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\prefs-1.js

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\C4E07FBF9542926659E53CF464857A532D91394D

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Login Data

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\2E4F0C8E506B148C0BD72B6B77873333D420559C

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\thumbnails\495d1b714ad395bdbb5a5a73968b2fed.png

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\prefs-1.js

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\Downloads\WannaCry-main.zip.crdownload

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\454ECCE1F07539A24113DA4C99024F6E0DDB5D82

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\7CF7B51FBEFFC7BC13E5DA0FDD4D7E75DA40B509

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\9DF701A451468135E3C2FDE58AF3412249D36539

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\6361286EE523E4F3D0F0EC48A620E7F96B722CE0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\jumpListCache\FD37JFBunI52uxOAZjaf0g==.ico

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\B684EA5499CC2892E74677F9265D23D98991600C

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\78AAA9E5472D257C817FB95908EF0CCE9E14660C

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

C:\Users\Admin\AppData\Local\Temp\tmpaddon

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\prefs-1.js

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\sessionstore-backups\recovery.jsonlz4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\B0559DC8FC7E7E6F27BA10A6DA8162E330C5DDD4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\A089F77B9A1E55C23519FFB460F7B2F16099B7B0

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\E85C61AF6F20F855391D9108B589E083498987C3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\doomed\3467

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\75E538799C895A326B1748F01DC62C685C292CB7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\doomed\9443

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\75F7F28DE4DA14280A596091EDBD41A92A44336B

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\doomed\989

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\prefs.js

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\doomed\20246

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\on1px6pk.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\on1px6pk.default-release\cache2\entries\271438C6CB5CF2854284CE1CE725C4C0AD526B83
