Analysis

  • max time kernel
    870s
  • max time network
    871s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    13-04-2024 22:42

General

  • Target

    jigsaw.exe

  • Size

    283KB

  • MD5

    2773e3dc59472296cb0024ba7715a64e

  • SHA1

    27d99fbca067f478bb91cdbcb92f13a828b00859

  • SHA256

    3ae96f73d805e1d3995253db4d910300d8442ea603737a1428b613061e7f61e7

  • SHA512

    6ef530b209f8ec459cca66dbf2c31ec96c5f7d609f17fa3b877d276968032fbc6132ea4a45ed1450fb6c5d730a7c9349bf4481e28befaea6b119ec0ded842262

  • SSDEEP

    6144:7fukPLPvucHiQQQ4uuy9ApZbZWxcZt+kTfMLJTOAZiYSXjjeqXus:7fu5cCT7yYlWi8kTfMLJTOAZiYSXjyqX

Malware Config

Signatures

  • Jigsaw Ransomware

    Ransomware family first created in 2016. Named based on wallpaper set after infection in the early versions.

  • Renames multiple (3750) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops startup file 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Drops desktop.ini file(s) 2 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 10 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 6 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Program crash 1 IoCs
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Checks processor information in registry 2 TTPs 8 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 18 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 5 IoCs
  • Suspicious behavior: EnumeratesProcesses 21 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 55 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

  • Uses Volume Shadow Copy WMI provider

    The Volume Shadow Copy service is used to manage backups/snapshots.

  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

Processes

  • C:\Users\Admin\AppData\Local\Temp\jigsaw.exe
    "C:\Users\Admin\AppData\Local\Temp\jigsaw.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious use of WriteProcessMemory
    PID:1888
    • C:\Users\Admin\AppData\Local\Drpbx\drpbx.exe
      "C:\Users\Admin\AppData\Local\Drpbx\drpbx.exe" C:\Users\Admin\AppData\Local\Temp\jigsaw.exe
      2⤵
      • Executes dropped EXE
      • Drops desktop.ini file(s)
      • Drops file in Program Files directory
      • Drops file in Windows directory
      • Suspicious use of FindShellTrayWindow
      PID:3788
  • C:\Windows\system32\taskmgr.exe
    "C:\Windows\system32\taskmgr.exe" /7
    1⤵
    • Drops file in Windows directory
    • Checks SCSI registry key(s)
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:1476
  • C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2092
    • C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe"
      2⤵
      • Checks processor information in registry
      • Modifies registry class
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1340
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.0.1525696500\1664453700" -parentBuildID 20221007134813 -prefsHandle 1720 -prefMapHandle 1628 -prefsLen 17985 -prefMapSize 230273 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d394209b-0919-4866-9a27-61467bc8a951} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 1788 29b7b105c58 socket
        3⤵
        • Checks processor information in registry
        PID:4616
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.1.1407521753\779357775" -parentBuildID 20221007134813 -prefsHandle 2252 -prefMapHandle 1804 -prefsLen 19019 -prefMapSize 230273 -appDir "C:\Program Files\Mozilla Firefox\browser" - {050471aa-e4a8-46f8-9097-58d683cdc034} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 2232 29b7bcfc658 gpu
        3⤵
          PID:4448
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.2.1449379277\320149484" -childID 1 -isForBrowser -prefsHandle 3312 -prefMapHandle 3308 -prefsLen 20083 -prefMapSize 230273 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {df2195b5-f4ae-4159-afa4-7bc7efa88f78} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 3328 29b7c9aea58 tab
          3⤵
            PID:3248
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.3.254255801\1393746378" -childID 2 -isForBrowser -prefsHandle 3744 -prefMapHandle 3748 -prefsLen 21275 -prefMapSize 230273 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0407d8a7-5e19-4532-9185-5f409b824c17} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 3640 29b7fba9558 tab
            3⤵
              PID:4172
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.4.1966597665\2012161208" -childID 3 -isForBrowser -prefsHandle 4072 -prefMapHandle 4068 -prefsLen 27043 -prefMapSize 230273 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d1e914c8-3869-4258-817f-3959be454762} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 4020 29b7db65e58 tab
              3⤵
                PID:4176
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.5.1070500208\691365060" -parentBuildID 20221007134813 -prefsHandle 2816 -prefMapHandle 2792 -prefsLen 27782 -prefMapSize 230273 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a0d67fbc-ad7f-458b-a8ac-b0e958c0cf5a} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 2808 29b812d5558 rdd
                3⤵
                  PID:3496
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.6.746748052\671124376" -childID 4 -isForBrowser -prefsHandle 2012 -prefMapHandle 1972 -prefsLen 28328 -prefMapSize 230273 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {26b86d93-beb2-4b2e-874f-263ae2f233b4} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 5076 29b7bcfbd58 tab
                  3⤵
                    PID:800
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.7.720752566\1051427923" -childID 5 -isForBrowser -prefsHandle 5244 -prefMapHandle 5248 -prefsLen 28328 -prefMapSize 230273 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d69cefbf-bb37-4061-9505-6c6da27e9d48} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 5236 29b81a41558 tab
                    3⤵
                      PID:796
                    • C:\Program Files\Mozilla Firefox\firefox.exe
                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1340.8.308174435\934554381" -childID 6 -isForBrowser -prefsHandle 5436 -prefMapHandle 5440 -prefsLen 28328 -prefMapSize 230273 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {41fb3358-f344-4ac1-8a39-d89bfa048cf8} 1340 "\\.\pipe\gecko-crash-server-pipe.1340" 5428 29b82699058 tab
                      3⤵
                        PID:4908
                  • C:\Windows\system32\mspaint.exe
                    "C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Desktop\RestoreOpen.emf"
                    1⤵
                    • Drops file in Windows directory
                    • Suspicious behavior: EnumeratesProcesses
                    • Suspicious use of SetWindowsHookEx
                    PID:1212
                  • \??\c:\windows\system32\svchost.exe
                    c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
                    1⤵
                      PID:1520
                    • C:\Windows\System32\fontview.exe
                      "C:\Windows\System32\fontview.exe" C:\Users\Admin\Desktop\PopProtect.ttc
                      1⤵
                        PID:2736
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe"
                        1⤵
                        • Enumerates system info in registry
                        • Modifies data under HKEY_USERS
                        • Modifies registry class
                        • Suspicious behavior: EnumeratesProcesses
                        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                        • Suspicious use of AdjustPrivilegeToken
                        • Suspicious use of FindShellTrayWindow
                        • Suspicious use of SendNotifyMessage
                        PID:4920
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff933499758,0x7ff933499768,0x7ff933499778
                          2⤵
                            PID:4876
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:2
                            2⤵
                              PID:308
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1848 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                              2⤵
                                PID:3220
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2136 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                2⤵
                                  PID:1060
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2988 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                  2⤵
                                    PID:1100
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2996 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                    2⤵
                                      PID:3872
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4008 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                      2⤵
                                        PID:840
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4668 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                        2⤵
                                          PID:4808
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4792 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                          2⤵
                                            PID:4320
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4940 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                            2⤵
                                              PID:4432
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4932 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                              2⤵
                                                PID:1984
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4676 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                2⤵
                                                  PID:752
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4636 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                  2⤵
                                                    PID:4676
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5116 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                    2⤵
                                                      PID:2340
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4864 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                      2⤵
                                                        PID:4840
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5264 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                        2⤵
                                                          PID:4748
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2420 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                          2⤵
                                                            PID:4892
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=888 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                            2⤵
                                                              PID:2520
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4120 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                              2⤵
                                                                PID:5112
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4152 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                                2⤵
                                                                  PID:2100
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5592 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                                  2⤵
                                                                    PID:3860
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5552 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:2
                                                                    2⤵
                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                    PID:2228
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3172 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                                    2⤵
                                                                      PID:4632
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3752 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                                      2⤵
                                                                        PID:2968
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5136 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                                        2⤵
                                                                          PID:1868
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5136 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                                          2⤵
                                                                            PID:3056
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=1500 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                                            2⤵
                                                                              PID:1396
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=3096 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                                              2⤵
                                                                                PID:3156
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4116 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                                                2⤵
                                                                                  PID:4408
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5252 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                                                  2⤵
                                                                                    PID:4244
                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5420 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                                                    2⤵
                                                                                      PID:4576
                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5136 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                                                      2⤵
                                                                                        PID:3584
                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5776 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                                                        2⤵
                                                                                          PID:4856
                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3812 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                                                          2⤵
                                                                                            PID:2880
                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=4676 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                                                            2⤵
                                                                                              PID:2952
                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=4968 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                                                              2⤵
                                                                                                PID:4348
                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=4080 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                                                                2⤵
                                                                                                  PID:812
                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=3276 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                                                                  2⤵
                                                                                                    PID:3412
                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=6256 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:1
                                                                                                    2⤵
                                                                                                      PID:3408
                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4068 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                                                                      2⤵
                                                                                                        PID:4892
                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3136 --field-trial-handle=1856,i,1945808863767976711,17272257544000980526,131072 /prefetch:8
                                                                                                        2⤵
                                                                                                          PID:2128
                                                                                                      • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                                                                        "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                                                                        1⤵
                                                                                                          PID:800
                                                                                                        • C:\Windows\System32\rundll32.exe
                                                                                                          C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                                          1⤵
                                                                                                            PID:2640
                                                                                                          • C:\Users\Admin\AppData\Local\Temp\Temp1_Ransomware.Mamba.zip\131.exe
                                                                                                            "C:\Users\Admin\AppData\Local\Temp\Temp1_Ransomware.Mamba.zip\131.exe"
                                                                                                            1⤵
                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                            PID:1616
                                                                                                          • C:\Users\Admin\AppData\Local\Temp\Temp1_Ransomware.Mamba.zip\131.exe
                                                                                                            "C:\Users\Admin\AppData\Local\Temp\Temp1_Ransomware.Mamba.zip\131.exe"
                                                                                                            1⤵
                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                            PID:3592
                                                                                                          • C:\Users\Admin\AppData\Local\Temp\Temp1_Ransomware.Mamba.zip\131.exe
                                                                                                            "C:\Users\Admin\AppData\Local\Temp\Temp1_Ransomware.Mamba.zip\131.exe"
                                                                                                            1⤵
                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                            PID:1512
                                                                                                          • C:\Users\Admin\AppData\Local\Temp\Temp1_Ransomware.Mamba.zip\131.exe
                                                                                                            "C:\Users\Admin\AppData\Local\Temp\Temp1_Ransomware.Mamba.zip\131.exe"
                                                                                                            1⤵
                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                            PID:840
                                                                                                          • C:\Users\Admin\AppData\Local\Temp\Temp1_Ransomware.Mamba.zip\131.exe
                                                                                                            "C:\Users\Admin\AppData\Local\Temp\Temp1_Ransomware.Mamba.zip\131.exe"
                                                                                                            1⤵
                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                            PID:4864
                                                                                                          • C:\Users\Admin\Downloads\Ransomware.Mamba\131.exe
                                                                                                            "C:\Users\Admin\Downloads\Ransomware.Mamba\131.exe"
                                                                                                            1⤵
                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                            PID:2952
                                                                                                          • C:\Windows\system32\OpenWith.exe
                                                                                                            C:\Windows\system32\OpenWith.exe -Embedding
                                                                                                            1⤵
                                                                                                            • Modifies registry class
                                                                                                            • Suspicious behavior: GetForegroundWindowSpam
                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                            PID:828
                                                                                                            • C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                              "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Downloads\Ransomware.RedBoot\1001a8c7f33185217e6e1bdbb8dba9780d475da944684fb4bf1fc04809525887
                                                                                                              2⤵
                                                                                                              • Modifies Internet Explorer Phishing Filter
                                                                                                              • Modifies Internet Explorer settings
                                                                                                              • Modifies registry class
                                                                                                              • Suspicious use of SetWindowsHookEx
                                                                                                              PID:3032
                                                                                                              • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                                                                                                                "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3032 CREDAT:82945 /prefetch:2
                                                                                                                3⤵
                                                                                                                • Modifies Internet Explorer settings
                                                                                                                • Suspicious use of SetWindowsHookEx
                                                                                                                PID:808
                                                                                                          • C:\Windows\system32\OpenWith.exe
                                                                                                            C:\Windows\system32\OpenWith.exe -Embedding
                                                                                                            1⤵
                                                                                                            • Modifies registry class
                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                            PID:5076
                                                                                                          • C:\Users\Admin\Downloads\Ransomware.Petrwrap\svchost.exe
                                                                                                            "C:\Users\Admin\Downloads\Ransomware.Petrwrap\svchost.exe"
                                                                                                            1⤵
                                                                                                            • Drops startup file
                                                                                                            PID:4344
                                                                                                          • C:\Users\Admin\Downloads\Ransomware.Petrwrap\svchost.exe
                                                                                                            "C:\Users\Admin\Downloads\Ransomware.Petrwrap\svchost.exe"
                                                                                                            1⤵
                                                                                                              PID:1712
                                                                                                            • C:\Windows\SysWOW64\mshta.exe
                                                                                                              "C:\Windows\SysWOW64\mshta.exe" "C:\Users\Admin\Downloads\Ransomware.Petrwrap\myguy.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}
                                                                                                              1⤵
                                                                                                                PID:2944
                                                                                                                • C:\Windows\SysWOW64\WerFault.exe
                                                                                                                  C:\Windows\SysWOW64\WerFault.exe -u -p 2944 -s 1324
                                                                                                                  2⤵
                                                                                                                  • Program crash
                                                                                                                  PID:1616
                                                                                                              • C:\Users\Admin\Downloads\Ransomware.Petrwrap\svchost.exe
                                                                                                                "C:\Users\Admin\Downloads\Ransomware.Petrwrap\svchost.exe"
                                                                                                                1⤵
                                                                                                                  PID:1380
                                                                                                                • C:\Users\Admin\Downloads\Ransomware.Petrwrap\svchost.exe
                                                                                                                  "C:\Users\Admin\Downloads\Ransomware.Petrwrap\svchost.exe"
                                                                                                                  1⤵
                                                                                                                    PID:4576
                                                                                                                  • C:\Windows\system32\AUDIODG.EXE
                                                                                                                    C:\Windows\system32\AUDIODG.EXE 0x410
                                                                                                                    1⤵
                                                                                                                      PID:808

                                                                                                                    Network

                                                                                                                    MITRE ATT&CK Enterprise v15

                                                                                                                    Replay Monitor

                                                                                                                    Loading Replay Monitor...

                                                                                                                    Downloads

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_remove_18.svg.fun

                                                                                                                      Filesize

                                                                                                                      720B

                                                                                                                      MD5

                                                                                                                      75a585c1b60bd6c75d496d3b042738d5

                                                                                                                      SHA1

                                                                                                                      02c310d7bf79b32a43acd367d031b6a88c7e95ed

                                                                                                                      SHA256

                                                                                                                      5ebbfc6df60e21044486a5df3cb47ccdcd7a4d5f197804555715ffd9bf6c5834

                                                                                                                      SHA512

                                                                                                                      663a302e651b9167f4c4e6ae30028307b4d8da0dda3a0e5fd414104951d50419862fc9396c5b39fe5c4b696efd3efbf0b575688983b1d341f3ef38becf500505

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\dark\icons.png.fun

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                      MD5

                                                                                                                      72269cd78515bde3812a44fa4c1c028c

                                                                                                                      SHA1

                                                                                                                      87cada599a01acf0a43692f07a58f62f5d90d22c

                                                                                                                      SHA256

                                                                                                                      7c78b3da50c1135a9e1ecace9aea4ea7ac8622d2a87b952fc917c81010c953f7

                                                                                                                      SHA512

                                                                                                                      3834b7a8866e8656bbdbf711fc400956e9b7a14e192758f26ccf31d8f6ab8e34f7b1983c1845dc84e45ff70555e423d54a475f6a668511d3bcbdd1d460eeb4b0

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\dark\icons_ie8.gif.fun

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                      MD5

                                                                                                                      eda4add7a17cc3d53920dd85d5987a5f

                                                                                                                      SHA1

                                                                                                                      863dcc28a16e16f66f607790807299b4578e6319

                                                                                                                      SHA256

                                                                                                                      97f6348eaa48800e603d11fa22c62e10682ad919e7af2b2e59d6bd53937618f2

                                                                                                                      SHA512

                                                                                                                      d59fa9648dc7cb76a5163014f91b6d65d33aaa86fc9d9c73bf147943a3254b4c4f77f06b2e95bb8f94246a982ea466eb33dac9573dd62f40953fd23de1c1b498

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\dark\icons_retina.png.fun

                                                                                                                      Filesize

                                                                                                                      15KB

                                                                                                                      MD5

                                                                                                                      7dbb12df8a1a7faae12a7df93b48a7aa

                                                                                                                      SHA1

                                                                                                                      07800ce598bee0825598ad6f5513e2ba60d56645

                                                                                                                      SHA256

                                                                                                                      aecde4eb94a19095495d76ef3189a9abd45bcfd41acbed7705d22b4c7d00aa77

                                                                                                                      SHA512

                                                                                                                      96e454ebb4c96573e8edc6822290c22d425f4c7f7adbab35e6dc4b3ce04a5916ae9254c2c312c98299835ecbf3c5aa95da2939b8408ac25fbae44ba87a3795dc

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\dark\new_icons.png.fun

                                                                                                                      Filesize

                                                                                                                      8KB

                                                                                                                      MD5

                                                                                                                      82a2e835674d50f1a9388aaf1b935002

                                                                                                                      SHA1

                                                                                                                      e09d0577da42a15ec1b71a887ff3e48cfbfeff1a

                                                                                                                      SHA256

                                                                                                                      904372666ca3c40f92b20317d92ca531678958affbc34591401e338146fe0ecb

                                                                                                                      SHA512

                                                                                                                      b10a8e384d0bd088443a5085f5c22a296f6f4d295a053d4526690ba65846e887daec47d01cf18fdf1160db98061a8b7c4040de56e6e604451a821fadccf32698

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\dark\new_icons_retina.png.fun

                                                                                                                      Filesize

                                                                                                                      17KB

                                                                                                                      MD5

                                                                                                                      150c9a9ed69b12d54ada958fcdbb1d8a

                                                                                                                      SHA1

                                                                                                                      804c540a51a8d14c6019d3886ece68f32f1631d5

                                                                                                                      SHA256

                                                                                                                      2dee41184747742fbdc527b2023d67fecec1ccdfdf258439a06cd75d4fd33f43

                                                                                                                      SHA512

                                                                                                                      70193ee6f0919eb14311f43b5a5da041deacb568db55fc43290ee76e17af902ac468435b37a150630ea3b7871c724073915ae5dcba3c301ac42f2d68dd598e2f

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon.png.fun

                                                                                                                      Filesize

                                                                                                                      448B

                                                                                                                      MD5

                                                                                                                      880833ad1399589728c877f0ebf9dce0

                                                                                                                      SHA1

                                                                                                                      0a98c8a78b48c4b1b4165a2c6b612084d9d26dce

                                                                                                                      SHA256

                                                                                                                      7a27d891097df183fbf0031e3894bdac0ce77aef15d666ddd9f6a04e9836fb27

                                                                                                                      SHA512

                                                                                                                      0ddf247892a72a390437390d535debf6e41d12e51b31eb4f0353b710ec380c5fbc531a48e76935088063a41aca843287d3def9c1cd46be05b8dcb69f5017a464

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_2x.png.fun

                                                                                                                      Filesize

                                                                                                                      624B

                                                                                                                      MD5

                                                                                                                      409a8070b50ad164eda5691adf5a2345

                                                                                                                      SHA1

                                                                                                                      e84e10471f3775d5d706a3b7e361100c9fbfaf74

                                                                                                                      SHA256

                                                                                                                      a91790b778026db625c9dedfe1c6d94b884818b33d7977e86b2f9c2f3c500796

                                                                                                                      SHA512

                                                                                                                      767a75edd37d29b3433040ce21cda849cd11ba549f27581f7edc6416c433ba7047c56908d40956422393ab0f35ede61617d4bd2aad0bde3d1ebd276584c858c7

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover.png.fun

                                                                                                                      Filesize

                                                                                                                      400B

                                                                                                                      MD5

                                                                                                                      2884524604c89632ebbf595e1d905df9

                                                                                                                      SHA1

                                                                                                                      b6053c85110b0364766e18daab579ac048b36545

                                                                                                                      SHA256

                                                                                                                      ae2facd997527426fc4def82e0db68be29b44499bfff86a28c36f7c31b177d4f

                                                                                                                      SHA512

                                                                                                                      0b506397627823a1768796129c6b37d146821471b89338b5f2d0fd3aea707fd46a8e197ee0e298ddfb3b50eef0a0b064946006346b060f733ef19cbd5d24fc90

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover_2x.png.fun

                                                                                                                      Filesize

                                                                                                                      560B

                                                                                                                      MD5

                                                                                                                      e092d14d26938d98728ce4698ee49bc3

                                                                                                                      SHA1

                                                                                                                      9f8ee037664b4871ec02ed6bba11a5317b9e784a

                                                                                                                      SHA256

                                                                                                                      5e8ec278a273be22199884d519a79f748801baa3a45b76e57569fdfffe96e7fb

                                                                                                                      SHA512

                                                                                                                      b2fcb5d46339cdf6b5a954f2a083cf913779e57cb6e8699bc5da1fba1c370c41117b7ddefb50075622067eb7b02a20268bc047171bd883bcda4a497c2ec64ea4

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon.png.fun

                                                                                                                      Filesize

                                                                                                                      400B

                                                                                                                      MD5

                                                                                                                      0c680b0b1e428ebc7bff87da2553d512

                                                                                                                      SHA1

                                                                                                                      f801dedfc3796d7ec52ee8ba85f26f24bbd2627c

                                                                                                                      SHA256

                                                                                                                      9433084e61062d2b709c1390e298ddaf3fb0226656662c04c0b7026a44dee750

                                                                                                                      SHA512

                                                                                                                      2d1399a6bf225b048d2b12656e941ad912636acae2dec387f92f33ac80629a1e504bca63580ba73a8ed073788f697274d5eb76ea1b089f0555fd397a8f5cbbff

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png.fun

                                                                                                                      Filesize

                                                                                                                      560B

                                                                                                                      MD5

                                                                                                                      be26a499465cfbb09a281f34012eada0

                                                                                                                      SHA1

                                                                                                                      b8544b9f569724a863e85209f81cd952acdea561

                                                                                                                      SHA256

                                                                                                                      9095e9b4759e823e96984981af41b7a9915a5ecaa6be769f89c13484cef9e0f5

                                                                                                                      SHA512

                                                                                                                      28196e5de9670e9f63adcf648368bd3ea5926a03e28a13adc2fb69c567fba2f84e4f162637c487acb64eda2e30993f849806f2313820ba693c7e70303542d04f

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png.fun

                                                                                                                      Filesize

                                                                                                                      400B

                                                                                                                      MD5

                                                                                                                      2de4e157bf747db92c978efce8754951

                                                                                                                      SHA1

                                                                                                                      c8d31effbb9621aefac55cf3d4ecf8db5e77f53d

                                                                                                                      SHA256

                                                                                                                      341976b4fe312824d02512d74770a6df9e1c37123781655532bd9cd97ea65fa9

                                                                                                                      SHA512

                                                                                                                      3042a742c38434ae3ee4fe10f7137462cdebad5cae0f9a85fb61063d15a30e1b54ac878b1af65f699c6ca1a9d2c3e58d245e54bdebfadc460cbd060836734e11

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png.fun

                                                                                                                      Filesize

                                                                                                                      560B

                                                                                                                      MD5

                                                                                                                      ad091690b979144c795c59933373ea3f

                                                                                                                      SHA1

                                                                                                                      5d9e481bc96e6f53b6ff148b0da8417f63962ada

                                                                                                                      SHA256

                                                                                                                      7805ac9d0e05d560023e5aabed960d842e4f3ec2aa3db45a9cfb541688e2edb1

                                                                                                                      SHA512

                                                                                                                      23b4c799a7b25f70962e8dd0ec7286ba7150053cab7c88f5fb1efc1095c2987bd6f3572e7fb3ee4b2238958e52a763de2c84a74615df7a6d3a19a034584fd687

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\images\example_icons.png.fun

                                                                                                                      Filesize

                                                                                                                      688B

                                                                                                                      MD5

                                                                                                                      65368c6dd915332ad36d061e55d02d6f

                                                                                                                      SHA1

                                                                                                                      fb4bc0862b192ad322fcb8215a33bd06c4077c6b

                                                                                                                      SHA256

                                                                                                                      6f9c7ebec5a707de439e3fd2e278fdfa07a39465d56157b70b24f091509bf76f

                                                                                                                      SHA512

                                                                                                                      8bb9a7690aeb3c0b9e14e1a6ebc5741536d354cf2324fd74ee0c3e4ef511718f7795039a94c8d2df94b6e6d0fb1762191cb649089d1def12abdf34003f0cdd0f

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\images\example_icons2x.png.fun

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      0d35b2591dc256d3575b38c748338021

                                                                                                                      SHA1

                                                                                                                      313f42a267f483e16e9dd223202c6679f243f02d

                                                                                                                      SHA256

                                                                                                                      1ca0cfc2df0354c8d886285ae5e743d9c7cc030e1afd68ac113c0f2ce43ad5fa

                                                                                                                      SHA512

                                                                                                                      f6c58c27bbde7508a866bd0e7fabadb13a4f020378cd8b8cfc0c9fa23f645d811d6cdea04b81afdf30c064c6248152e74b3e6a78ec7a3d1d19037a0db8897d7e

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\themes\dark\bg_pattern_RHP.png.fun

                                                                                                                      Filesize

                                                                                                                      192B

                                                                                                                      MD5

                                                                                                                      b8454390c3402747f7c5e46c69bea782

                                                                                                                      SHA1

                                                                                                                      e922c30891ff05939441d839bfe8e71ad9805ec0

                                                                                                                      SHA256

                                                                                                                      76f8ed1dd50e50c7d62b804a0d6901a93e5534787d7b38467933d4c12ce98a0d

                                                                                                                      SHA512

                                                                                                                      22b26c62473e80d17c1f78df14757ccfb6c7175faa541705edc153c02baa7ab0982b5daabe8dd2c8c9efb92af81f55ccaeeecffe8ed9a0b3c26e89135ca50923

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\themes\dark\bg_patterns_header.png.fun

                                                                                                                      Filesize

                                                                                                                      704B

                                                                                                                      MD5

                                                                                                                      6e333be79ea4454e2ae4a0649edc420d

                                                                                                                      SHA1

                                                                                                                      95a545127e10daea20fd38b29dcc66029bd3b8bc

                                                                                                                      SHA256

                                                                                                                      112f72ef2bc57de697b82b731775fba3f518d1ae072120cd11b732bf4a782e36

                                                                                                                      SHA512

                                                                                                                      bed5906c7373814acc8a54c1631428a17f0aa69282920447a1575d8db826afd5dab262301dc6da610ff8bb81d24ec6babd3d9fb99fd6945f1aca9cb9c76ec2c9

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\themes\dark\illustrations.png.fun

                                                                                                                      Filesize

                                                                                                                      8KB

                                                                                                                      MD5

                                                                                                                      3ae8789eb89621255cfd5708f5658dea

                                                                                                                      SHA1

                                                                                                                      6c3b530412474f62b91fd4393b636012c29217df

                                                                                                                      SHA256

                                                                                                                      7c5b1d8469e232a58359ccbcb89e619c81c20e6d2c7579e4292eb9a19849bc5a

                                                                                                                      SHA512

                                                                                                                      f6998dbae1a2fa56f962045261a11a50b8e03573d9d4cf39083da3be341cc104e0ecf5908076f03961bcdb1356d05a7450d69940ec3aaab73623a6fe180e7051

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\themes\dark\illustrations_retina.png.fun

                                                                                                                      Filesize

                                                                                                                      19KB

                                                                                                                      MD5

                                                                                                                      b7c62677ce78fbd3fb9c047665223fea

                                                                                                                      SHA1

                                                                                                                      3218c7b6fd8be5e0a8b67d3953d37d5dbd0c71d8

                                                                                                                      SHA256

                                                                                                                      aa638be6e1107ed1f14e8430abedd6f6d0a837a31b1b63e6a7741d6d417eddc2

                                                                                                                      SHA512

                                                                                                                      9e0cc29835845f2a0260a6989c1b362bac22a8e0c2825bc18f1dde812ce7868503881d2deaf951429a80b5017b6ce31e785ff524883e08d730aa38b36a2fb074

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\en-gb\ui-strings.js.fun

                                                                                                                      Filesize

                                                                                                                      832B

                                                                                                                      MD5

                                                                                                                      117d6f863b5406cd4f2ac4ceaa4ba2c6

                                                                                                                      SHA1

                                                                                                                      5cac25f217399ea050182d28b08301fd819f2b2e

                                                                                                                      SHA256

                                                                                                                      73acdc730d8a9ec8f340c724b4db96fc222bb1eaf836cec69dfe3fab8d6ac362

                                                                                                                      SHA512

                                                                                                                      e10883029c1e0fbc64bec9aac0a6957a8499af255e1790843717212077926474e02b2870c5dd04b057c956b97ad4bb1747fe73e731ea61b891f4b38dd80494d7

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\ui-strings.js.fun

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      433755fcc2552446eb1345dd28c924eb

                                                                                                                      SHA1

                                                                                                                      23863f5257bdc268015f31ab22434728e5982019

                                                                                                                      SHA256

                                                                                                                      d6c290e942ee665d71e288229423a1f1866842988eac01f886910b0ec383aa9b

                                                                                                                      SHA512

                                                                                                                      de83b580ce27012a7677e1da867c91e2a42dbc6b5872dcf756ace51c2862801814665ecca997171f2e550e8b9a3de19994d2516a4e5d4d57e16c7b4b823236c0

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\ui-strings.js.fun

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      781ed8cdd7186821383d43d770d2e357

                                                                                                                      SHA1

                                                                                                                      99638b49b4cfec881688b025467df9f6f15371e8

                                                                                                                      SHA256

                                                                                                                      a955039cd9e53674395f4b758218e4d59c89e99a0c4d2a909e49f6008b8f5dd4

                                                                                                                      SHA512

                                                                                                                      87cb9c4288586df232200f7bbacee3dee04f31c9444902dd369ad5c392d71e9837ebf8b3bb0fcb4a5db8a879cf757e97ce248939e3316c6bf3a3fe7cbe579534

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\bun.png.fun

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      51da980061401d9a49494b58225b2753

                                                                                                                      SHA1

                                                                                                                      3445ffbf33f012ff638c1435f0834db9858f16d3

                                                                                                                      SHA256

                                                                                                                      3fb25ddd378ab756ec9faa56f16b76691cf6d9c7405bb9a09ce542a6f5b94e44

                                                                                                                      SHA512

                                                                                                                      ecc5eb2a045ce2508d461b999f16caba6cce55aa0c00b34bd73a33e0458795f93a77caff5026212912684164057be016f51dc57ec83821c2a1f2e27417c47b2c

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview.png.fun

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      2863e8df6fbbe35b81b590817dd42a04

                                                                                                                      SHA1

                                                                                                                      562824deb05e2bfe1b57cd0abd3fc7fbec141b7c

                                                                                                                      SHA256

                                                                                                                      7f1238332901b740cde70db622abcfb533fc02f71e93101340073552f4820dad

                                                                                                                      SHA512

                                                                                                                      7b2d95465ea66951ea05c341549535a0a939d26dbde365b212e3983e4047fa6912c37d737cb8054c41bb1a7d92586d968a0154c666572a70ebc59a4776897f38

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview2x.png.fun

                                                                                                                      Filesize

                                                                                                                      4KB

                                                                                                                      MD5

                                                                                                                      79f6f006c95a4eb4141d6cedc7b2ebeb

                                                                                                                      SHA1

                                                                                                                      012ca3de08fb304f022f4ea9565ae465f53ab9e8

                                                                                                                      SHA256

                                                                                                                      e9847d0839d3cf1039bebdc49820ee7813d70941347ce420990592e5e3bd998e

                                                                                                                      SHA512

                                                                                                                      c143a4cf1ccfa98039b73214978722408188535ee4aa3dac08a34760b94bdf6d36ad0ff0de893da5b17fd69c96a6dfb25098ab7fec219fad1a77532113d0353e

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small.png.fun

                                                                                                                      Filesize

                                                                                                                      304B

                                                                                                                      MD5

                                                                                                                      b88e3983f77632fa21f1d11ac7e27a64

                                                                                                                      SHA1

                                                                                                                      03a2b008cc3fe914910b0250ed4d49bd6b021393

                                                                                                                      SHA256

                                                                                                                      8469b8a64e80d662eec71c50513f6d295ef4a3a9992763dbcac9d81253cef9d5

                                                                                                                      SHA512

                                                                                                                      5bf93d4f4250ca96169f3d27d4e648cc5d6e00b7558a3ef32e07edcbae36dadb8008d7ba5f83ac3ed812b72c9d52730e866191b4de7a339df57b5697e00df50d

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small2x.png.fun

                                                                                                                      Filesize

                                                                                                                      400B

                                                                                                                      MD5

                                                                                                                      f77086a1d20bca6ba75b8f2fef2f0247

                                                                                                                      SHA1

                                                                                                                      db7c58faaecd10e4b3473b74c1277603a75d6624

                                                                                                                      SHA256

                                                                                                                      cf10d2a22b638cf0978cf30ecaf39ecb5bb0e3ad78cd920afa433ad60cc1290d

                                                                                                                      SHA512

                                                                                                                      a77a897c0b41f4052cb9546d4cfd6e0856b288b6b8583a86d6c7e79059a05b19cc2593599251581e79107235e9d5cd589c392bf490452be04ff57e944cd19df3

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\nub.png.fun

                                                                                                                      Filesize

                                                                                                                      1008B

                                                                                                                      MD5

                                                                                                                      e03c9cd255f1d8d6c03b52fee7273894

                                                                                                                      SHA1

                                                                                                                      d0e9a9e6efd1746bc9ccb4eb8e7701c1cd707e2e

                                                                                                                      SHA256

                                                                                                                      22a34c8321384fc7682102e40d082e7812232a9109e4d4e8fa2152fda3f260f6

                                                                                                                      SHA512

                                                                                                                      d4bd002197b725316e1f1f2dd0a70ee44a82a53ac0dafa8c6b1166343adc406e147d0c4cca30d65a32aa545f1b327c6b69c0ec1d15330af48a6faa234dc4b5ac

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons.png.fun

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      62b1443d82968878c773a1414de23c82

                                                                                                                      SHA1

                                                                                                                      192bbf788c31bc7e6fe840c0ea113992a8d8621c

                                                                                                                      SHA256

                                                                                                                      4e96529c023168df8dde241a9acdbf4788ea65bc35605e18febff2b2071f1e24

                                                                                                                      SHA512

                                                                                                                      75c8604ea65e0cdd9ea74b4802930444dd16a945da1e7f0af4a9a3762259ee9eb41ea96973555d06f4814ee2f6b73ab662c6b314b97876e9628fa5d4536e771c

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons2x.png.fun

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      bca915870ae4ad0d86fcaba08a10f1fa

                                                                                                                      SHA1

                                                                                                                      7531259f5edae780e684a25635292bf4b2bb1aac

                                                                                                                      SHA256

                                                                                                                      d153ed6c5ea8c2c2f1839f8dadcc730f61bd8cd86ad732bab002a258dea1d037

                                                                                                                      SHA512

                                                                                                                      03f23de6b0ae10e63c41e73308b3844d49379c55d2df75fa1dc00771b26253d832c21081d8289f04260369df996e31273b7c0788cf3b5c78a27ec909f14a283a

                                                                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\nl-nl\ui-strings.js.fun

                                                                                                                      Filesize

                                                                                                                      848B

                                                                                                                      MD5

                                                                                                                      14145467d1e7bd96f1ffe21e0ae79199

                                                                                                                      SHA1

                                                                                                                      5db5fbd88779a088fd1c4319ff26beb284ad0ff3

                                                                                                                      SHA256

                                                                                                                      7a75b8ec8809c460301f30e1960b13c518680792e5c743ce7e9a7f691cfafc38

                                                                                                                      SHA512

                                                                                                                      762d499c54c5a25aba4357a50bb4e6b47451babeda84fa62cfbd649f8350bca55204ad002883b9147e78dda3dbabaae8da1dc94b716204226bb53326030772b7

                                                                                                                    • C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt.fun

                                                                                                                      Filesize

                                                                                                                      32KB

                                                                                                                      MD5

                                                                                                                      829165ca0fd145de3c2c8051b321734f

                                                                                                                      SHA1

                                                                                                                      f5cc3af85ab27c3ea2c2f7cbb8295b28a76a459e

                                                                                                                      SHA256

                                                                                                                      a193ee2673e0ba5ebc5ea6e65665b8a28bd7611f06d2b0174ec2076e22d94356

                                                                                                                      SHA512

                                                                                                                      7d380cda12b342a770def9d4e9c078c97874f3a30cd9f531355e3744a8fef2308f79878ffeb12ce26953325cb6a17bc7e54237dfdc2ee72b140ec295676adbcb

                                                                                                                    • C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\invalid32x32.gif.fun

                                                                                                                      Filesize

                                                                                                                      160B

                                                                                                                      MD5

                                                                                                                      580ee0344b7da2786da6a433a1e84893

                                                                                                                      SHA1

                                                                                                                      60f8c4dd5457e9834f5402cb326b1a2d3ca0ba7e

                                                                                                                      SHA256

                                                                                                                      98b6c2ddfefc628d03ceaef9d69688674a6bc32eb707f9ed86bc8c75675c4513

                                                                                                                      SHA512

                                                                                                                      356d2cdea3321e894b5b46ad1ea24c0e3c8be8e3c454b5bd300b7340cbb454e71fc89ca09ea0785b373b483e67c2f6f6bb408e489b0de4ff82d5ed69a75613ba

                                                                                                                    • C:\ProgramData\Microsoft\Provisioning\{33d78dbc-3db7-4398-8533-000d7c02e5d1}\MasterDatastore.xml.fun

                                                                                                                      Filesize

                                                                                                                      272B

                                                                                                                      MD5

                                                                                                                      cbedb0911fdd4d66adc7bef7e898b2e4

                                                                                                                      SHA1

                                                                                                                      563eb113d2b1064f45f594ee6f697c25bc6862d5

                                                                                                                      SHA256

                                                                                                                      d117f7dff2b8d650108c43c9d2d7ffdf0452723f8996d74283a3e9bd29587f68

                                                                                                                      SHA512

                                                                                                                      203b347e01e67f359ae40f42b6f472f036489e9a456f2b4821fc6409fedc0502d2cfe890dd922cd32f80826f9e026f4e1023e781888ba2112287468342e7f529

                                                                                                                    • C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\update-config.json

                                                                                                                      Filesize

                                                                                                                      102B

                                                                                                                      MD5

                                                                                                                      7d1d7e1db5d8d862de24415d9ec9aca4

                                                                                                                      SHA1

                                                                                                                      f4cdc5511c299005e775dc602e611b9c67a97c78

                                                                                                                      SHA256

                                                                                                                      ffad3b0fb11fc38ea243bf3f73e27a6034860709b39bf251ef3eca53d4c3afda

                                                                                                                      SHA512

                                                                                                                      1688c6725a3607c7b80dfcd6a8bea787f31c21e3368b31cb84635b727675f426b969899a378bd960bd3f27866023163b5460e7c681ae1fcb62f7829b03456477

                                                                                                                    • C:\Users\Admin\AppData\Local\Drpbx\drpbx.exe

                                                                                                                      Filesize

                                                                                                                      283KB

                                                                                                                      MD5

                                                                                                                      2773e3dc59472296cb0024ba7715a64e

                                                                                                                      SHA1

                                                                                                                      27d99fbca067f478bb91cdbcb92f13a828b00859

                                                                                                                      SHA256

                                                                                                                      3ae96f73d805e1d3995253db4d910300d8442ea603737a1428b613061e7f61e7

                                                                                                                      SHA512

                                                                                                                      6ef530b209f8ec459cca66dbf2c31ec96c5f7d609f17fa3b877d276968032fbc6132ea4a45ed1450fb6c5d730a7c9349bf4481e28befaea6b119ec0ded842262

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                                                                                                      Filesize

                                                                                                                      40B

                                                                                                                      MD5

                                                                                                                      a2a5a496e6fc2119942a7db2226b850f

                                                                                                                      SHA1

                                                                                                                      55e0fa7c3dce3c8e501f0a9444c3b33ae9adb696

                                                                                                                      SHA256

                                                                                                                      3c6eeecb944dbd9e94d218ec54476866ea8218c8934aeb60c151912796b12b94

                                                                                                                      SHA512

                                                                                                                      7b2a5c5f3db34c021dc9617a7b7befe52f6b4cf275e0c50bf80c3b560cbb6111c51a3b18ef294cbee34dffb4fdb05d0446a34f06f7b7bf1554571ef937b618b5

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

                                                                                                                      Filesize

                                                                                                                      171KB

                                                                                                                      MD5

                                                                                                                      a7212b17c9b1580c641ae61b1edabb6b

                                                                                                                      SHA1

                                                                                                                      dd4523db2d332de087f60537570704628021ea75

                                                                                                                      SHA256

                                                                                                                      8b1f32eea3a8ba59026e694517be711b797741b61041b4007eee1fca9921c956

                                                                                                                      SHA512

                                                                                                                      f23508f44fd572e6fce8047b316845a6c4bb425ff6931cf8dfe5a61a9640b1b6ec4cab59cfa3f48a7e95c044a65be610668a21de95e41cbfe22b1fb21a9c8bf8

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

                                                                                                                      Filesize

                                                                                                                      26KB

                                                                                                                      MD5

                                                                                                                      4dc641b7875e8bec721b551a631a7179

                                                                                                                      SHA1

                                                                                                                      a81d80d3c4c3f3a6380ebb82c7dd45412e0c37ac

                                                                                                                      SHA256

                                                                                                                      8e04da1a65a4ce18583d41d5b8605c6f2d0e5591193b50365178e941613e1076

                                                                                                                      SHA512

                                                                                                                      8cba1a7455ac7c3a7f753d203ff5773fe0ff8a1a17c0a1a21c002b3278bb08f1eb1216fa7fe60c51f8d62b8e7f6ee2448a1283a540120399384684bd65bc9480

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

                                                                                                                      Filesize

                                                                                                                      36KB

                                                                                                                      MD5

                                                                                                                      c2be1bcd6160b48f42272f8bfb9b8c89

                                                                                                                      SHA1

                                                                                                                      9196077ea8e7207cb70f4d651e5642190953afc7

                                                                                                                      SHA256

                                                                                                                      911afe357caee5bfed91a0547ec9981af95fbe934194fba5a86e53d8b315ebf3

                                                                                                                      SHA512

                                                                                                                      ab6715261655e0e8227ca7cfc609db4aa981431efdbc19a11607b9dcdabb34e0a6b73cd61c7e7da851d4a864313e8e8e8fd54f7d7ce01c5f99c9f2aa996c7a9f

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e

                                                                                                                      Filesize

                                                                                                                      20KB

                                                                                                                      MD5

                                                                                                                      52aa9aff1e2f7305cc31091ea630b296

                                                                                                                      SHA1

                                                                                                                      0527727d599cfe9f687a7a038211576a74cfc6cc

                                                                                                                      SHA256

                                                                                                                      ae2d6a4f415e5f0dda5b3616027c920b564100e9497e821eff325bec121cb3df

                                                                                                                      SHA512

                                                                                                                      9a051bddf1e209371a3e9fbf9d4c6c523fc4f4bb3c89fe70567b0544883a6369dfa050b8b120a1864c79b40309e00b87ca7010af04ae1f47ecd4e422c47d2db8

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032

                                                                                                                      Filesize

                                                                                                                      424KB

                                                                                                                      MD5

                                                                                                                      248fc66f35d4513349c31f43fa40bae5

                                                                                                                      SHA1

                                                                                                                      1f93fc42af046ce9ff84b5ec8ed411d5d48b9f15

                                                                                                                      SHA256

                                                                                                                      7c6f488ff6bd16f08eb37c793f99e6bd34e29b1d417046a90b744e069b9757fd

                                                                                                                      SHA512

                                                                                                                      82ad2cc3037c7e678f80f1c5c3bdada9ef51322aa440a4ff87909e0a647751cd27f245999705d201f98d83576f31a4a56ba0c0de0ef43cf9e243db98b4971363

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039

                                                                                                                      Filesize

                                                                                                                      399KB

                                                                                                                      MD5

                                                                                                                      2134add7ef67279102df03042f46423f

                                                                                                                      SHA1

                                                                                                                      00f19fd39ee39b928216bd2e0ecc0f1de8609d2f

                                                                                                                      SHA256

                                                                                                                      467359e02e0abe3fb394820067317266124b166917c8d917752d1da1ce7d4e1d

                                                                                                                      SHA512

                                                                                                                      452ca27200b8a441d5d3909ad730ceaee74958655af0d2cee531794779682e4116b434b774432da5405974e61eb251ba45fdf38ea4cfef60380d461457a2e23d

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045

                                                                                                                      Filesize

                                                                                                                      198KB

                                                                                                                      MD5

                                                                                                                      319e0c36436ee0bf24476acbcc83565c

                                                                                                                      SHA1

                                                                                                                      fb2658d5791fe5b37424119557ab8cee30acdc54

                                                                                                                      SHA256

                                                                                                                      f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1

                                                                                                                      SHA512

                                                                                                                      ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      3KB

                                                                                                                      MD5

                                                                                                                      cef5ec489accfdccd61cde836912a518

                                                                                                                      SHA1

                                                                                                                      96b8676f877d0411b492c96c7e6e27ceb4a1bb6c

                                                                                                                      SHA256

                                                                                                                      f572fcdc372489052df6bd1d65e253e153eee7cb4840dad6dcc5e2cc3e284fc2

                                                                                                                      SHA512

                                                                                                                      0d93f6acc733b0147e433efa4e03edacd2c5f57b47b07e1474c6badde52f28d15aca7ae2a88acedbcfccbbe79a74c0a565a672f20d98c4c96f28504067d8bf67

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      3KB

                                                                                                                      MD5

                                                                                                                      f04760fb06b10355c2326b1677345566

                                                                                                                      SHA1

                                                                                                                      d7f6c21702b73f6ecc11eaa443f46c247d69833e

                                                                                                                      SHA256

                                                                                                                      00a33c6299df571b0b54e32362253b239b712e2a3a0e4bfa64254b09448806bc

                                                                                                                      SHA512

                                                                                                                      8244dea6f637d4598aede241bcdd6fd70ace48ea432cd81b596981d807bc9a87d96ea8a6aa935595f646ebe5ad27a62cc7327c3ccb4391768706433efd98adba

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      39ecb83edbd84986c2067750206beb0c

                                                                                                                      SHA1

                                                                                                                      a4a58feb9cd8013262fb152458ad50b54cf112db

                                                                                                                      SHA256

                                                                                                                      05ca86f0269815403870d790d37f2391962f18459c0b6cd8aa02b93d2c518c1d

                                                                                                                      SHA512

                                                                                                                      60b4a9b878f2df47638971d94926bbee24e676918175555cf98b44200894b5f6023b84fecaad2a434317142edf866c37e607ca3dc01e98e010638a71d60c6728

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

                                                                                                                      Filesize

                                                                                                                      264KB

                                                                                                                      MD5

                                                                                                                      65652a9e2565a6f5ab12cce0486e305f

                                                                                                                      SHA1

                                                                                                                      5d5a818705b58d0aa1d6e1825171a5b590cb58e0

                                                                                                                      SHA256

                                                                                                                      9ab1b9ec5724d748e1012c2326dae04e42881a3a5dcba9f14be9600c54fb6833

                                                                                                                      SHA512

                                                                                                                      31f8a02f60e145e6e2862c5b8a954c3f07372227a0183887d82ec3b402f5e4a2812bef519b926d3d0bfc27b45379cc5ea14a94649d79de9e5f0ee25c065718a6

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_660f7f48bdc9333affc4955f--venerable-swan-7e5eaa.netlify.app_0.indexeddb.leveldb\CURRENT

                                                                                                                      Filesize

                                                                                                                      16B

                                                                                                                      MD5

                                                                                                                      46295cac801e5d4857d09837238a6394

                                                                                                                      SHA1

                                                                                                                      44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                      SHA256

                                                                                                                      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                      SHA512

                                                                                                                      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_trs-cdn-akm.playtika.com_0.indexeddb.leveldb\MANIFEST-000001

                                                                                                                      Filesize

                                                                                                                      23B

                                                                                                                      MD5

                                                                                                                      3fd11ff447c1ee23538dc4d9724427a3

                                                                                                                      SHA1

                                                                                                                      1335e6f71cc4e3cf7025233523b4760f8893e9c9

                                                                                                                      SHA256

                                                                                                                      720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

                                                                                                                      SHA512

                                                                                                                      10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\0c952a8a-bdea-4afc-a109-bc78024a6ee7.tmp

                                                                                                                      Filesize

                                                                                                                      3KB

                                                                                                                      MD5

                                                                                                                      17a9ea0c99716395d95979ec8885fddc

                                                                                                                      SHA1

                                                                                                                      337fe88dbc8d353d7cf63cb2899506fd7294c10c

                                                                                                                      SHA256

                                                                                                                      e04ef38d1a0fdc33a7d6ee46fe497fa477fd1b447f6b82dfd455442212e63171

                                                                                                                      SHA512

                                                                                                                      3e182e72ee28845909b91f263e5265a258871669f2386e12f2b72955232b4549a6f1631e932ebb086273f8b0266ca33f6f787f0c6ed36cdd97323554e3b7e89a

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      3KB

                                                                                                                      MD5

                                                                                                                      44eb23bb755a71f6661f654bbd0eec6f

                                                                                                                      SHA1

                                                                                                                      035e15c5cb698de79df3a05999a5dbe79123f28d

                                                                                                                      SHA256

                                                                                                                      ed8c6b962d4e533005c02e97b1c3f136d3f02049450bb02811a1f28e813a8ca3

                                                                                                                      SHA512

                                                                                                                      24976e8cdc614c133d9524055f44db0274cfde7ead21f7685197d13eb487cf1b2f623d391370c18a1210e34ec9926440d32c691bed5ef55506535eaa3b362a64

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      3KB

                                                                                                                      MD5

                                                                                                                      950a58f1a9e6b4acca23a2537340ea90

                                                                                                                      SHA1

                                                                                                                      7bf695bd9de182fe4f65ea760bc5e7335a9b2669

                                                                                                                      SHA256

                                                                                                                      cab4c419db2e29856a1e83c2e0405e22a0bec5358b420fe7dbd6a72ba99cb138

                                                                                                                      SHA512

                                                                                                                      bbd2a11ed74b83fea97e56e92d2bed7a80b72f0a295401b22a0be36a3ceacd25543234bf9e6e47b43419fc98b7990b577a3e142feee1c090b842b173e476fdf4

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      3d438f7fa8fe3f6bd6f665626e16369a

                                                                                                                      SHA1

                                                                                                                      6fa7b5363356cd861e111c8d058b8317f3adee88

                                                                                                                      SHA256

                                                                                                                      8eff9157abaf6648f564268d3e04c5d79c506fce596e0adba893f3c4f2f3b90b

                                                                                                                      SHA512

                                                                                                                      cc94a09fc69e00d9eb0a7797a6588677e41125ab0a08021aa984fa55816bdf6d0286b1565cff7e84ee1d6f6111fb7f69dcc9d15fb2e0acbd6dbfb243b69f9456

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                      MD5

                                                                                                                      65ce86cfb8074652c490d3874fa2a7fb

                                                                                                                      SHA1

                                                                                                                      89d8de1173da1e3a62f7c9b90b8418eb6d01018a

                                                                                                                      SHA256

                                                                                                                      d131309fa8a0c1ea68fdd3979b6793e88643781374b3df79bac856e231c33c9d

                                                                                                                      SHA512

                                                                                                                      0ce0ad8cbf3e57ec528c9bd01b920320a7c24ae97f62546cbba5f232ddd4c40cc6786044e5b6d2f1f13270b3f0af27bb0b560e9dfea6906ae0bcff0e3a4d41e7

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      3KB

                                                                                                                      MD5

                                                                                                                      84a22a4841b94fc9655b0cb2f7ab3816

                                                                                                                      SHA1

                                                                                                                      9c0afbb4cba8012671c827fe5d46f8a158971e0c

                                                                                                                      SHA256

                                                                                                                      f4b9f59dd5bf8c0ccd0b8162dcf84863b30b88a453c705d13f2233a080a8a225

                                                                                                                      SHA512

                                                                                                                      e509f03095741590b581b792a3ad721378afb60cdd71bbc6ade7b138e126275a59930008dade2cb9b712ea913167f4735605df777e10cbf7b145314c24532f7e

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      535B

                                                                                                                      MD5

                                                                                                                      c2bb62078380b6eef6617cc3f0959558

                                                                                                                      SHA1

                                                                                                                      af859ed942245af67fc415413f7786f3a0093d20

                                                                                                                      SHA256

                                                                                                                      89eca63cf949461db3aa1a445c59ac44e87d464399d8af5218abd34787134324

                                                                                                                      SHA512

                                                                                                                      92ce95eee3a94270c94990c06441960272cae8633b63ac32b0cdf56bdc44a5342a994af447ea318dce76322b43c586cae1b4573d2258345409b3df6372e39031

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      866B

                                                                                                                      MD5

                                                                                                                      2515304bbeb0f701bd7c59b538032309

                                                                                                                      SHA1

                                                                                                                      90120c767fca8115cffdf81627b2c6a88cd19af0

                                                                                                                      SHA256

                                                                                                                      9670258df75f3f996ce1f31e4a17354116f23ce0e10d9ad69934eb69220d837f

                                                                                                                      SHA512

                                                                                                                      09c27b8f33c0f16ebaa4e59ab4608ec652e58114412357d9a5ae1528b4c1ea1364adf51560089abef7eb0c5a43053d57c09f09840e3bfae339d5f17ba60b85df

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      43ac5b1cb5c88ee8316f30473e5d6087

                                                                                                                      SHA1

                                                                                                                      c8b8e054b8d26ae932c8b8674909778fd6d54fa3

                                                                                                                      SHA256

                                                                                                                      cdb2e565f83694efe1e9b1ec15994032720eb5611554e9536b7be692a39575e6

                                                                                                                      SHA512

                                                                                                                      a0deef30fc26c665ae602c6f85a8e478182d759204e7ab512d360254fbce9bc6a2cff0925c12c6ecf64d94a21961edba54fd5af4f420002e472f3e5ad0cdcf96

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      f63d922df4159d9810fb193728902237

                                                                                                                      SHA1

                                                                                                                      0abee066023b12ee5e06f3cefc0d2750749a7ec6

                                                                                                                      SHA256

                                                                                                                      ed1c39a531767e91f5295d9f94a4181f3cdc8bccb6804f58ee45ca17d94cb89d

                                                                                                                      SHA512

                                                                                                                      e8c88397b612c78fa469a95d7874091cac3a70a64f8c3333388ff975d73b09faf5f69571760a6fe3d09733c81218dac0bc07856646103205006711f6aa96e362

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      ca0fa72310a136965a8052c2800bc031

                                                                                                                      SHA1

                                                                                                                      cf0e927bc93a5c1f5b60e169d2c7d1624035fb7c

                                                                                                                      SHA256

                                                                                                                      056ec1f1feef37a50cc164f9f9740ea735dee3d648da8efbe48bbf4ed99277a7

                                                                                                                      SHA512

                                                                                                                      d68f1ee7d9f9e3b5ebde791147b2a062d42e643b76cf86387518dd1c096d2c98b1b769619908cabc494ada8c4ac04a3b8ef1d2bdf09665f9eb7a8c14edb61d4c

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      608fb0d95820445e10337587e1097666

                                                                                                                      SHA1

                                                                                                                      934c4f2cfa9d1f93e536be7597d93aba40a9bb9d

                                                                                                                      SHA256

                                                                                                                      9a98eb35e437ca01f46083b403d975f4371d1e756c7d0b52d3a5b26e0973de05

                                                                                                                      SHA512

                                                                                                                      ba77b72885ed6b62a1feac69931ffaaa3b248eb145c5f81f2ec7d7e2d1ad4e2f116446178c7b727ea84e86273926d4b59bddccbe0aeb26f405c46da9895e17a2

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      63356e1476b39c91a9a7922fd97450cd

                                                                                                                      SHA1

                                                                                                                      1ec1255f3047449d9f3d1765300650494df0781d

                                                                                                                      SHA256

                                                                                                                      857a93a3d5a96a4c9fdf76760d67b0da0e6889a1d6c83e018cb7a08abdd0e8ac

                                                                                                                      SHA512

                                                                                                                      a4ade50a54722426066d9aeb79caf6dc30e421d785348a3473c22c7e8e69cc0c20c8788834c0a9c9af4d567d679da185ab82421f4666b84cd64b8d8aa6c88aba

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      259b65ccd179e993c4fddd4737d526ce

                                                                                                                      SHA1

                                                                                                                      31784359366829f7a7230b1e296c10baaf6fa538

                                                                                                                      SHA256

                                                                                                                      cbb4845cca6d7644406c3367bdd3ef62af26d4dbf4b53f3fb3663539e529c1e9

                                                                                                                      SHA512

                                                                                                                      6abaaf96b077bb3cf1682091ec2912e9334b2332986471fb221b6c94022096fb5017db71404cfff3b6195338544ce0660267f0192378fbcc1487686d2e8f0a78

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      b38520d88e9e7359f49fb5537178774c

                                                                                                                      SHA1

                                                                                                                      71d708f5951a808b8b3c032a3ec082b8380a13c4

                                                                                                                      SHA256

                                                                                                                      548ac4f9153036f4621361d12acfaecea396902b7f05ff20edbc032c1ca2554e

                                                                                                                      SHA512

                                                                                                                      31149ee265de51117f8ae79b41d84747140a611c2c380fc9ac6375659aa7650b634450fa23a426f49c7741ca011334588921286a4bebcc7bb188eebbf70e51d1

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      bc516043020363a315a3ee9be8d85f62

                                                                                                                      SHA1

                                                                                                                      4822969a62867f2d9f95465f74a1283a63299950

                                                                                                                      SHA256

                                                                                                                      0230d567d0f306c4ba238f74fd2b9334fcf0b9493e00cce5ff10f88db2c03ac7

                                                                                                                      SHA512

                                                                                                                      174a58ac01ad7b8211a5d85e4408dd5ca512ec834f67223b4194b05ec4b3bfcc9418c42064acfc56de90a26ed3d6c55983dd6533ec966f57078b8a8499c0112c

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      958c1e8d0457c2979b6d8a9cc580f910

                                                                                                                      SHA1

                                                                                                                      facc8f2ab82369f12e3b0e519b184980e42e37e4

                                                                                                                      SHA256

                                                                                                                      4881ebdfc43114a82bb51775d71d44397389b387fb9f53dbff141881c1ce5f20

                                                                                                                      SHA512

                                                                                                                      7a3c21df80afa155a8cdac120f971c096d5c4b69389c56c482f5cd8b4de0ce3a89a2d84b901313910b60880c28c1a153309ad67356b74c8b3fecf4d46a6d8f72

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      68ac88c308af9a2f5923eb5779e80e9b

                                                                                                                      SHA1

                                                                                                                      ab2d1ba9f1ff489b55f9514946e3805566d6f79b

                                                                                                                      SHA256

                                                                                                                      d61acfe6f09283dcfb8c671baa41641cd26934589d34f561457a928fc07685fd

                                                                                                                      SHA512

                                                                                                                      a41fb28b8b4e6bf0cb7e4b4e241a5f6406f33edab1d15f59849a312ab0e61a547b770f20b6c2b92afea1889a68c3ba4b2894e2b465d691f88f9d5d16527da7b6

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      a601c5a235bd7ddc87008ce541bb8709

                                                                                                                      SHA1

                                                                                                                      2548403f0f6d68257d31b5f16360c033aa05ea89

                                                                                                                      SHA256

                                                                                                                      e1cee5258a7c19343df175bba6086f9dccfb4d31e0991dd19aa261bea7306571

                                                                                                                      SHA512

                                                                                                                      7348d64026045c68e8926c5a032ca0031a53b74ac87efe10ffe29a7dfdb04f2f963d48b6e9155fbbb78ecc25f9e74bdbef21ad37d8cf939cc3c67525aaf2cccd

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      83dfe4aed4fb8c05ea52cd763c4dbffd

                                                                                                                      SHA1

                                                                                                                      7d4775ad49bcff65231f77c8757cc3dde24b400a

                                                                                                                      SHA256

                                                                                                                      1aa1b719413d189636234e0111508a7f8c12e8ebf50c13e074b2f659d85d8fe1

                                                                                                                      SHA512

                                                                                                                      a6ca3fd8d86ce46e5a4490558f347568b0dfc90f4f5f048f431e233b344c58228abcf1641fdd0501aaada0b61f432672539cf1e05952e9567683aba96997eb8d

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                      MD5

                                                                                                                      65b6047a6deb00623da7c8990d7bddc8

                                                                                                                      SHA1

                                                                                                                      c07610d33024e76ca4cab2971bfbc631b017df7d

                                                                                                                      SHA256

                                                                                                                      3f886e87ec6922cb55e7431e2f1b3ebcaf5cfbf69068b33075b6d04141edd1ff

                                                                                                                      SHA512

                                                                                                                      86b6cf24efaf4321d46ae193776a9bf2ebf36a8977fc2f85ad9cc3f793b6d3ec051515e77952398531c592269e79b410b5beabd05453de920e82228c95505f0d

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      5KB

                                                                                                                      MD5

                                                                                                                      75a3c8293a48a3d372f9fc90cf68b8d1

                                                                                                                      SHA1

                                                                                                                      18fbf5e3bfb13419379ff5f7acbf75351681c136

                                                                                                                      SHA256

                                                                                                                      b3fe0c62afbc159f8bb1cf4052ffbcaf3f3605aa6dc79c3ac5f14c1944c05343

                                                                                                                      SHA512

                                                                                                                      d3d6e330bb26006887d0aaf3f10a4b27f3cd625b3c5c9e73d8d99265323e5653d4b3a9ea86607b4f02a3ea8e227a47b559dd327be51f572960a162d0cf54c387

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      4dfc22a8531a8b7b02f5da51ddd1cedb

                                                                                                                      SHA1

                                                                                                                      92241040fab8a22d80f09c6d25a6d9ce0128d0c6

                                                                                                                      SHA256

                                                                                                                      833b5d164501c0ba58a96b38fdec1681b0e22d61871762ff57268af72eae24b0

                                                                                                                      SHA512

                                                                                                                      6847c0a9c45bbf5cfd387e9cc4af0cf87452c962670360d07915de4b3d5182bd4bd536887e46fdaa3f41010bc9bfca4f10d93968290ceaf62720b1c7a1429a34

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                      MD5

                                                                                                                      b790cdb55c7f5d0fc2aeda9351e6a16c

                                                                                                                      SHA1

                                                                                                                      ffb70000b8e6ec2f491a34cb1fef886204f7d8b3

                                                                                                                      SHA256

                                                                                                                      63ae0ab190e451bb9e12115303c42ed9d0901535e520d1df2d520e9a3d37d71f

                                                                                                                      SHA512

                                                                                                                      9c16768ae597999a6f7200a7bd591c26ac34cdadacd94b57846beff99e66662bcc17666a27e00705fe375f1c73c1b5b11ec21341776cea5e4dda6b5a56d59e08

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      9892196b1b28d279e698fc699848152c

                                                                                                                      SHA1

                                                                                                                      0f3cbc626500574fde8490b05bcdd27262691c05

                                                                                                                      SHA256

                                                                                                                      845cc593830242d0d03763ea293ca140cd65272feb72d4194c86d2a069e95d36

                                                                                                                      SHA512

                                                                                                                      a880c952860b551111179e5979358280dd8d57a2b59bb6fd1b53da8968a6bd3384b11f6fe635e63a23c3206a26d84e6b818f8ba0f80ded5dba9ea4473c809712

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      e0c7f0cbfa3c4b5573a41584369949cd

                                                                                                                      SHA1

                                                                                                                      3f9a3421ae59be3b96d47aea9009f84a54b5c61b

                                                                                                                      SHA256

                                                                                                                      b6d23207f50da7818bcb3387edcfc3ae71a8c5cc1126c298c37dec6627f5a8ec

                                                                                                                      SHA512

                                                                                                                      b3a3bdeb998dbf3e33c0497abd987724e5a86a8198646e9a6f5509a8865734568f2d284518cc4f7dfcb48dc8f159ce1169bc380164e656bcdb4171f926efb855

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      9af890fbf7a41397e50d40262b9f786d

                                                                                                                      SHA1

                                                                                                                      39f00308337f430ebbd41cccadb9bb82f3287a1a

                                                                                                                      SHA256

                                                                                                                      0ee59b5a58d0da506b7f9e84bd8176859be4ddaa74f72866b4b6667f48907474

                                                                                                                      SHA512

                                                                                                                      d8ad4110d92e973f496799c2c1e512e6b325499721daaa05bcedb5630ed0e96a56815f6400936bb40d427e126f810c02080cbb137112dd678ac3d457d9995657

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                      MD5

                                                                                                                      45fbc4619f04dd828cdf791762c0200e

                                                                                                                      SHA1

                                                                                                                      ec94f30db110ed572c198d726737304328825416

                                                                                                                      SHA256

                                                                                                                      2ec6aa03c14427ca6095f29688a660dc563ce43091cad63d85fd63d23f97bc7b

                                                                                                                      SHA512

                                                                                                                      ddc47e20d2943e0adcfeb4cdaa291c465ebf1fe2f986c629bf2bf5016d775de35027a63b37e8251390bdd0eeb279045ebc177ea44843086292d7322f0ed6af82

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      86497ad154e7943c07170ed85fbf05b3

                                                                                                                      SHA1

                                                                                                                      35f36f7daee0cf9e467246008c0b4f8109d3d636

                                                                                                                      SHA256

                                                                                                                      a233e87f766cc425b7a92bbcebd7ba85dd305f3f6f1669ffbaa023da84dc621e

                                                                                                                      SHA512

                                                                                                                      26cce1fa919593286d00085ce990d6230df65df875b98a058f47ec619a377dca3b52c80d2b4a281a62692f3060e774210a23db38ba7f6fcfa06534558ac6e6e7

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      b524aab2ef4b7d8b59647fb650210c49

                                                                                                                      SHA1

                                                                                                                      484f0a61dc2c74a906a118fce6c9a781669f860c

                                                                                                                      SHA256

                                                                                                                      633de2f9d3d06672a68788d3d104d03146e156339e006aed46b34301727460e7

                                                                                                                      SHA512

                                                                                                                      42d9b297b1149750d1501a4249b0989095167e2c7768f2a5b712ee951f035cb8654b6b5f80f421fc78f64b0af7fb6eba99db9ad2fb200f075053d32914578f76

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      1ffb5944a38363ffd84a0ae8c2db18db

                                                                                                                      SHA1

                                                                                                                      b8055b8bbb69ba9e1cad3293baf656b4ed625a49

                                                                                                                      SHA256

                                                                                                                      8d37aa9132205af786d50074dfbe00980199a04d3a1717b1752ad5eb1e3631db

                                                                                                                      SHA512

                                                                                                                      92bb2c371b49e4e222ba4c3d402fc8f07c0628765760a0e6cc13fa1e6b0473f4cae8df884f73910084fd8d34c2a02ad9e0b44a630289600e932c6203e0e430f5

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      8bb983e83b88f9c2707ea16691634624

                                                                                                                      SHA1

                                                                                                                      e69905c12220fe5c0ccb375ab252d03293ed6090

                                                                                                                      SHA256

                                                                                                                      65a7a72fa68997983c6bcd805e069e0146f4cd514cd0137507764bfae69df94c

                                                                                                                      SHA512

                                                                                                                      2a319e7bd116344d0fa3e65f558bb4d42d8681d4a5e2d098b340db0be3ab3842bce1b6495cc2635a0272c53147adabd35ee0c39d944c8f83b4af8d6e4fe1f1ab

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

                                                                                                                      Filesize

                                                                                                                      12KB

                                                                                                                      MD5

                                                                                                                      66b18a3dec1fad2d4074d7aa29db8085

                                                                                                                      SHA1

                                                                                                                      c78ed7667f72d98ef532aae453be9a6b6102013b

                                                                                                                      SHA256

                                                                                                                      5cce1934a4c14935cc17316534f371137c63d2ca4ebfe65fa05def4854c3f73e

                                                                                                                      SHA512

                                                                                                                      9dd83d5faa6f874b387095be8654e1dec10093cd6052e9d16df59ae53ed2f7141581f5c8f0ce9bf27232b17f2d9c1d838cbebfe7a75f2abb5a09fb363157d105

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      270KB

                                                                                                                      MD5

                                                                                                                      7ea6142b5585d9054de1b5b56d9b05a8

                                                                                                                      SHA1

                                                                                                                      b7902fe7faf9b2fa0d466b1d6e0a0353129ea050

                                                                                                                      SHA256

                                                                                                                      b137a91ea1aecdb02103a8c578cb1d3a576bd3256d43f21dfdb52226db37076a

                                                                                                                      SHA512

                                                                                                                      2ed29d6166c7b2772110a13d95912c831883694535200e7e63274cb8110815614c55c8d8e19a22884db672269432ba3420379bc57d564dbb1817353a8e149fe6

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      270KB

                                                                                                                      MD5

                                                                                                                      fdfd42ce7828b96ab6ea6f00332bd4f8

                                                                                                                      SHA1

                                                                                                                      2555dc6c6f6bafbe7ada2484e3141ef33e19f521

                                                                                                                      SHA256

                                                                                                                      05a2038a9e7f56863d71b82b10868c03e0c4e8cf743e67dd7423ae1f0486ccf6

                                                                                                                      SHA512

                                                                                                                      91672b03e52a7c578faa13fbd47d18eb667df7496f1379e094e6594d78162f4b8a0ed83b157f4d988b3bcebc30c38e249a178279e8d4a0aed1883773fb335791

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                                                                      Filesize

                                                                                                                      103KB

                                                                                                                      MD5

                                                                                                                      269bbab95bfca8d140a9ddc0c7c47d9b

                                                                                                                      SHA1

                                                                                                                      e080c660c2c9c8f4e05b4983d4cf700840bbd9f9

                                                                                                                      SHA256

                                                                                                                      31fa62672617cafd3a8dec089b49dca44e17b7e0c4a4db244156b2cf1badc1e3

                                                                                                                      SHA512

                                                                                                                      d8d0f88e7342cf5e54fa526beca59f251b6d480390c351857ae0d442a79c506a0736d0bed40ad0b9438df38b803633de4e83335c89f8a540fd00ffa0c2ae132f

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                                                                      Filesize

                                                                                                                      93KB

                                                                                                                      MD5

                                                                                                                      d19f31ea602df88d3105067f3b097cd2

                                                                                                                      SHA1

                                                                                                                      6dfab990246b2c7a1ab50a037eb65da02f3132a0

                                                                                                                      SHA256

                                                                                                                      34d08151f755d5dee6ecc18fe703d9650c126653d6aa42b618b1be7136a227ad

                                                                                                                      SHA512

                                                                                                                      6b18238ddaf60e1ebd50c61c8057746d59c6d35062d147540dd63e03158d82897d4ba8c02c1dec246b000f330e8b88940c83aa0caf219b0d7fac1d13b59f22cd

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                                                                      Filesize

                                                                                                                      108KB

                                                                                                                      MD5

                                                                                                                      fa6c55c7bb6d2b257bccc16156876617

                                                                                                                      SHA1

                                                                                                                      9673c7f9109c7412b706bc388c7a24943b55dc86

                                                                                                                      SHA256

                                                                                                                      43a433bb34444587ea1f7a103203ab76b1be4ee90f21342be0f5a15998c8f1f2

                                                                                                                      SHA512

                                                                                                                      07a62129deda87841bf39045baea2f955495af68c9a159e56ae9f383d7570b5e3fc1d09d67ce5e5c9557e52da1c4781d16146bdfc194915f16198c7dcd89635b

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                                                                      Filesize

                                                                                                                      108KB

                                                                                                                      MD5

                                                                                                                      5f8f4905a025f88acbade33e8a157f45

                                                                                                                      SHA1

                                                                                                                      e5be961623c10f19659820dc4c68f2debf4c2927

                                                                                                                      SHA256

                                                                                                                      6dfcbccde2b9fb32193620d416c1fd5e121f013d85385f6563e41ea595da0984

                                                                                                                      SHA512

                                                                                                                      36213b46bc34bf3a82ef03294dc9729e79ee19c3bfa670c44056d95fc1b391b374c7a6c13a8a2afb823c348b3bb6a651a7aab3854ad08bb2c3e9f3c851f9f28f

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5bfa4b.TMP

                                                                                                                      Filesize

                                                                                                                      92KB

                                                                                                                      MD5

                                                                                                                      21f9c4c5ee2293ece65aae393d8487d9

                                                                                                                      SHA1

                                                                                                                      869b0eb1288fb4a80c8526a1188fedf9aac02e15

                                                                                                                      SHA256

                                                                                                                      4e45c99f768218c9714a734142045f073f7ac4954084093108d090f0981dc47f

                                                                                                                      SHA512

                                                                                                                      c0b17552b0d2c2b0c9e3b7f01986fbb35117a740915ad900f5f16c421971bdb7b1f8f32ee5b020c66c570513bc4457dcdd1c86d8afe7cdd82058974e8010e5f6

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

                                                                                                                      Filesize

                                                                                                                      2B

                                                                                                                      MD5

                                                                                                                      99914b932bd37a50b983c5e7c90ae93b

                                                                                                                      SHA1

                                                                                                                      bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                                                                                      SHA256

                                                                                                                      44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                                                                                      SHA512

                                                                                                                      27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\svchost.exe.log

                                                                                                                      Filesize

                                                                                                                      404B

                                                                                                                      MD5

                                                                                                                      d8d0680264ccc60ca92dab023af1eec4

                                                                                                                      SHA1

                                                                                                                      e0d88ce791e725a3d67470ca9a12f357cb9c2b94

                                                                                                                      SHA256

                                                                                                                      3227676cd677b92683ea764a323710a2f4cd3361315714031faecd71ea5acebe

                                                                                                                      SHA512

                                                                                                                      2b31966bc91bf0e299fd1492700b11ea072e860f672212a2b6bc6d8dfe19783499d4347127507636fb8fb8acfdfcc8beafd926ea943178bcc0cffd8fb34c9693

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\container.dat.fun

                                                                                                                      Filesize

                                                                                                                      16B

                                                                                                                      MD5

                                                                                                                      8ebcc5ca5ac09a09376801ecdd6f3792

                                                                                                                      SHA1

                                                                                                                      81187142b138e0245d5d0bc511f7c46c30df3e14

                                                                                                                      SHA256

                                                                                                                      619e246fc0ac11320ff9e322a979948d949494b0c18217f4d794e1b398818880

                                                                                                                      SHA512

                                                                                                                      cec50bfc6ad2f57f16da99459f40f2d424c6d5691685fa1053284f46c8c8c8a975d7bcb1f3521c4f3fbdc310cf4714e29404aa23be6021e2e267c97b090dc650

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Windows\Caches\{03BA58C4-B905-4D30-88C9-B63C603DA134}.3.ver0x0000000000000001.db.fun

                                                                                                                      Filesize

                                                                                                                      403KB

                                                                                                                      MD5

                                                                                                                      9f80011985a18a1a4df829c5d259feaa

                                                                                                                      SHA1

                                                                                                                      6f63f43c341af7741d4172ea7a96ef8cdc741867

                                                                                                                      SHA256

                                                                                                                      a4d756b10f1de4be8d6f7469dadaf26846490de85b6d63aa3473b2488be7a5af

                                                                                                                      SHA512

                                                                                                                      8b0a378658fe4642e4f569dd12734876c1b258b4ff7c1bc16221ce3199b9921084a7df261e4b05f157956b29c95c97fef422fe8d0d0f9558e33031ae1de84a67

                                                                                                                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\activity-stream.discovery_stream.json.tmp

                                                                                                                      Filesize

                                                                                                                      24KB

                                                                                                                      MD5

                                                                                                                      858e682aad76d3a0e82ca870c4a865ad

                                                                                                                      SHA1

                                                                                                                      8fcde91b70b5645d3aab64536f22bee1341df882

                                                                                                                      SHA256

                                                                                                                      082d3b5d89c2b82755851b39ff18ba60be9847f9ffde1ff1dedaf385e962dba7

                                                                                                                      SHA512

                                                                                                                      9aaf2e90cd47ceabaf76990da10d794a5d4b270c290ad48e8a60fab136c995ec27cf30f451c2d0a5097ad4b4d63cca19da8d330273417a029066266b4f4b1bba

                                                                                                                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

                                                                                                                      Filesize

                                                                                                                      13KB

                                                                                                                      MD5

                                                                                                                      4d6c2100049135e22fe4d98c4679edc9

                                                                                                                      SHA1

                                                                                                                      0dbc4c0be25e16f9a8594dfc0e0680dccbc24376

                                                                                                                      SHA256

                                                                                                                      dcee78dd4dbcfdc8226e980c7685b94179d82da5d3c8bee1dfc8b83f8a053f18

                                                                                                                      SHA512

                                                                                                                      23004dee380c4db47c6102bd4ffd11f615a2e4e4011513bcab37951b2339f815578a3e8f05fb3295d0202b1f133ca8b7c064793e8c9be72dc5c27294d7123144

                                                                                                                    • C:\Users\Admin\AppData\Local\Packages\DesktopView_cw5n1h2txyewy\Settings\settings.dat.fun

                                                                                                                      Filesize

                                                                                                                      8KB

                                                                                                                      MD5

                                                                                                                      f22599af9343cac74a6c5412104d748c

                                                                                                                      SHA1

                                                                                                                      e2ac4c57fa38f9d99f3d38c2f6582b4334331df5

                                                                                                                      SHA256

                                                                                                                      36537e56d60910ab6aa548e64ca4adafdcabde9d60739013993e12ba061dfd65

                                                                                                                      SHA512

                                                                                                                      5c8afc025e1d8342d93b7842dc7ef22eca61085857a80a08ba9b3f156ee3b814606bb32bc244bd525a7913e7915bdf3a86771d39577f4a1176ade04dc381c6d4

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\datareporting\glean\db\data.safe.bin

                                                                                                                      Filesize

                                                                                                                      491B

                                                                                                                      MD5

                                                                                                                      508ccfd83776ac936b18e13d5a577532

                                                                                                                      SHA1

                                                                                                                      4d3aba9f80bc28f774e6a6442371102e57c5d054

                                                                                                                      SHA256

                                                                                                                      d03ca6c9d0f6443181a038405296be0b8996efe3fe38351a97114f7b1b77063e

                                                                                                                      SHA512

                                                                                                                      7ca2274495ba6919405b58c5598a903a735633fcf039d53d3f9b2e12b49f42fb81898e33cdf1ad9b4db378fdccb7dd6df56ba50e1875f5fc324db9d58a7355ff

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\datareporting\glean\deletion_request\022f20ae-4d93-46ca-987b-0c0737713860

                                                                                                                      Filesize

                                                                                                                      515B

                                                                                                                      MD5

                                                                                                                      4694e9286f033575b33cee5afcc0f746

                                                                                                                      SHA1

                                                                                                                      e5579cdd715dd0776778dcb08eb1cbf6ed3594aa

                                                                                                                      SHA256

                                                                                                                      cf3fe83755c2ac2c56b00b05a74c139b42027f14cf1e1c711a09393994d529ee

                                                                                                                      SHA512

                                                                                                                      169f49bec1b923f6f45b0d8ea132653d8d354f994d3fb0bdbdb36a09857d50e3bc080d4e0e08628b38c75bf7327ff61b768cacb512959534974e58f91a87c3be

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\extensions.json.tmp

                                                                                                                      Filesize

                                                                                                                      42KB

                                                                                                                      MD5

                                                                                                                      aedbda35be5e6decffbeafd0fa7e6233

                                                                                                                      SHA1

                                                                                                                      af2dbb1a406727210a82ace24d9ddbb58964bcf5

                                                                                                                      SHA256

                                                                                                                      2e836858743c453660e586d92d6372eff10d46720935ff63a6c74e1134e44d6b

                                                                                                                      SHA512

                                                                                                                      35074a1151b85c62009a0f90c8c408b2f9d9e4406238b0cba75c1ac1aefd46542cbb1d326e36ab0e1c8540faae333d717cb41bab0a66ce01ad93c7c934bc2bd8

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\prefs-1.js

                                                                                                                      Filesize

                                                                                                                      5KB

                                                                                                                      MD5

                                                                                                                      8ac1129fa5800dff471b300b6d6dac93

                                                                                                                      SHA1

                                                                                                                      482f2047d876379318b0d33c670c985bb85c1d5d

                                                                                                                      SHA256

                                                                                                                      e985e3c29374732e798636d720778f4f2df094a89197b3901192680ced1996f3

                                                                                                                      SHA512

                                                                                                                      e844671c8945baa535baea534bb6a5780c96247d6dad4a0a2e031e55bef0d862d819ce05d45b93b0fbd7ab64512696d63a8f6d7393741a79a9963426e6e7a348

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\prefs-1.js

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      af357adbf24acae02c8e5a0d788519e6

                                                                                                                      SHA1

                                                                                                                      d02d63e68b2e831b28d2e29ceec203e23f58f6c0

                                                                                                                      SHA256

                                                                                                                      fc23cf75a13936c415598964f8fd1f1a828d47d79fed3d983b375acf177d6429

                                                                                                                      SHA512

                                                                                                                      fb16139b9f145c15204f5e3fa5126858514f912b68f8411a88d902345cf77d58c13a2894d82252564c5919ba8f4fd5051a363a8f593a295d92f96366406d2d98

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\prefs.js

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                      MD5

                                                                                                                      e75b0bda06a4b9158f81b20548348360

                                                                                                                      SHA1

                                                                                                                      9aa1869779d4f0fb73c3cdbf44e231b8e04fe3ea

                                                                                                                      SHA256

                                                                                                                      66cc6f7667cd7a970b69d7433c38188832666b3d8254723f5e2c245453fb76b1

                                                                                                                      SHA512

                                                                                                                      78cb2f278e433f5dcd9d52e36b0b888902fb8320d3842585f630faef4234888e2c57a4751f91d75ec94c5ebf727b4937166da08129ae69266b2064be755e0b0f

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\prefs.js

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                      MD5

                                                                                                                      ffc952bd7d7ed826e967811d460b6607

                                                                                                                      SHA1

                                                                                                                      d7b3a1c8f9e78784b1ee0e57ed918d975f77f34b

                                                                                                                      SHA256

                                                                                                                      7e08e3fd1aad287e8962a2af4d092e5d1e39cbd24a9a31bb18309528fd9d2e46

                                                                                                                      SHA512

                                                                                                                      44f9da476fb3c7d9dba96932235e57ae0d30888d0eac5b434cb2292d11d603115a69f3694f20a8e4dbae0630fc3e76cf85f6b96ab9b538d8d0996480e96c8cfe

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\search.json.mozlz4

                                                                                                                      Filesize

                                                                                                                      280B

                                                                                                                      MD5

                                                                                                                      41d220d4783f67d2b57beec20c135229

                                                                                                                      SHA1

                                                                                                                      6e97765e77920b6010fac2cb4abf1e3cea106541

                                                                                                                      SHA256

                                                                                                                      5d1881e74d76b95bad59439bb5c7676258a4ae6b6d853074e93b5247cf1715dc

                                                                                                                      SHA512

                                                                                                                      dc30ddc4c8cfe598de5e24bc88cebbe4256fbb21a0b1db6c2ec15311053e7d8be6a93a0bcfcfd8a02543f8b9cf9b15a5840154b272a2df71d59d7dfd80984ac0

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionCheckpoints.json

                                                                                                                      Filesize

                                                                                                                      259B

                                                                                                                      MD5

                                                                                                                      700fe59d2eb10b8cd28525fcc46bc0cc

                                                                                                                      SHA1

                                                                                                                      339badf0e1eba5332bff317d7cf8a41d5860390d

                                                                                                                      SHA256

                                                                                                                      4f5d849bdf4a5eeeb5da8836589e064e31c8e94129d4e55b1c69a6f98fb9f9ea

                                                                                                                      SHA512

                                                                                                                      3fa1b3fd4277d5900140e013b1035cb4c72065afcc6b6a8595b43101cfe7d09e75554a877e4a01bb80b0d7a58cdcfe553c4a9ef308c5695c5e77cb0ea99bada4

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore.jsonlz4

                                                                                                                      Filesize

                                                                                                                      926B

                                                                                                                      MD5

                                                                                                                      7cba8fffe9bdb8b860103dd7e8408ae2

                                                                                                                      SHA1

                                                                                                                      9884b3434a1ee6343622599683f55c1c914aceca

                                                                                                                      SHA256

                                                                                                                      df5f88bf739f95d61d9b8a055f4f8e7e420222cd31132ee10343e6d3e46ac9d9

                                                                                                                      SHA512

                                                                                                                      3926d6de2b626c4d8b83c637c6a5cad98bac37c1737baa129aa4735a010c05ebdf87df3c256ef365fa9ea7303cbda67358b20e4bc7e1c4dad0a426cc3ec687f2

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

                                                                                                                      Filesize

                                                                                                                      248KB

                                                                                                                      MD5

                                                                                                                      2e9b07daf7d45c48f7de8426efe358ab

                                                                                                                      SHA1

                                                                                                                      058027228aedc8935d011ee797f513b2bd7ecc66

                                                                                                                      SHA256

                                                                                                                      bfcbff84d0be038b36a8fc32d1339f4a47e2ec202ca1006ec019e42794813ff4

                                                                                                                      SHA512

                                                                                                                      23e21d961c3fbe3aa0635b88498ea7d1b8145274aa4cc2068d2e63549659fdf8010645aa62c560b8dd1ded4fd166f10f51dc251e1c45abf069bb4c41a4349120

                                                                                                                    • C:\Users\Admin\Downloads\Ransomware.Mamba.zip

                                                                                                                      Filesize

                                                                                                                      1.0MB

                                                                                                                      MD5

                                                                                                                      f94d1f4e2ce6c7cc81961361aab8a144

                                                                                                                      SHA1

                                                                                                                      88189db0691667653fe1522c6b5673bf75aa44aa

                                                                                                                      SHA256

                                                                                                                      610a52c340ebaff31093c5ef0d76032ac2acdc81a3431e68b244bf42905fd70a

                                                                                                                      SHA512

                                                                                                                      7b7cf9a782549e75f87b8c62d091369b47c1b22c9a10dcf4a5d9f2db9a879ed3969316292d3944f95aeb67f34ae6dc6bbe2ae5ca497be3a25741a2aa204e66ad

                                                                                                                    • C:\Users\Admin\Downloads\Ransomware.Petrwrap.zip

                                                                                                                      Filesize

                                                                                                                      1.1MB

                                                                                                                      MD5

                                                                                                                      6884a35803f2e795fa4b121f636332b4

                                                                                                                      SHA1

                                                                                                                      527bfbf4436f9cce804152200c4808365e6ba8f9

                                                                                                                      SHA256

                                                                                                                      cf01329c0463865422caa595de325e5fe3f7fba44aabebaae11a6adfeb78b91c

                                                                                                                      SHA512

                                                                                                                      262732a9203e2f3593d45a9b26a1a03cc185a20cf28fad3505e257b960664983d2e4f2b19b9ff743015310bf593810bd049eb03d0fd8912a6d54de739742de60

                                                                                                                    • C:\Users\Admin\Downloads\Ransomware.RedBoot.zip

                                                                                                                      Filesize

                                                                                                                      1.2MB

                                                                                                                      MD5

                                                                                                                      51250dabf7df7832640e4a680676cb46

                                                                                                                      SHA1

                                                                                                                      74ba41bb17af6e5638171f7a6d9d49e978d8d3b3

                                                                                                                      SHA256

                                                                                                                      7fa2bf61405ac573a21334e34bf713dcb5d1fc0c72674e6cebc48d33a4a14d44

                                                                                                                      SHA512

                                                                                                                      43f898d7e5752312a79138dcce94c117a20fb6efd9e522fc1ed3cc2d407d13cacf5b6f810c7c1966c4c03217aeb51fce641feb31b26620ff239756132b17f57a

                                                                                                                    • memory/1380-4996-0x0000000002800000-0x0000000002900000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      1024KB

                                                                                                                    • memory/1380-4998-0x00007FF91B490000-0x00007FF91BE30000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/1380-4997-0x00007FF91B490000-0x00007FF91BE30000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/1380-4995-0x00007FF91B490000-0x00007FF91BE30000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/1712-4987-0x0000000002A00000-0x0000000002B00000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      1024KB

                                                                                                                    • memory/1712-4986-0x00007FF91B490000-0x00007FF91BE30000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/1712-4990-0x00007FF91B490000-0x00007FF91BE30000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/1712-4989-0x00007FF91B490000-0x00007FF91BE30000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/1888-13-0x00007FF91EC40000-0x00007FF91F5E0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/1888-5-0x000000001B320000-0x000000001B3BC000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      624KB

                                                                                                                    • memory/1888-3-0x000000001B920000-0x000000001BDEE000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      4.8MB

                                                                                                                    • memory/1888-4-0x00007FF91EC40000-0x00007FF91F5E0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/1888-0-0x00007FF91EC40000-0x00007FF91F5E0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/1888-2-0x0000000002650000-0x0000000002660000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      64KB

                                                                                                                    • memory/1888-1-0x0000000000C70000-0x0000000000CA8000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      224KB

                                                                                                                    • memory/3788-17-0x0000000002F50000-0x0000000002F58000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      32KB

                                                                                                                    • memory/3788-247-0x00007FF91EC40000-0x00007FF91F5E0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/3788-15-0x0000000002FA0000-0x0000000002FB0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      64KB

                                                                                                                    • memory/3788-14-0x00007FF91EC40000-0x00007FF91F5E0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/3788-16-0x00007FF91EC40000-0x00007FF91F5E0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/3788-245-0x00007FF91EC40000-0x00007FF91F5E0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/3788-246-0x0000000002FA0000-0x0000000002FB0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      64KB

                                                                                                                    • memory/3788-3783-0x0000000002FA0000-0x0000000002FB0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      64KB

                                                                                                                    • memory/3788-3793-0x00007FF91EC40000-0x00007FF91F5E0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/3788-3782-0x0000000002FA0000-0x0000000002FB0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      64KB

                                                                                                                    • memory/3788-3779-0x0000000002FA0000-0x0000000002FB0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      64KB

                                                                                                                    • memory/3788-3784-0x0000000002FA0000-0x0000000002FB0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      64KB

                                                                                                                    • memory/3788-3778-0x0000000002FA0000-0x0000000002FB0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      64KB

                                                                                                                    • memory/3788-3785-0x0000000001550000-0x00000000015C2000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      456KB

                                                                                                                    • memory/3788-3777-0x0000000002FA0000-0x0000000002FB0000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      64KB

                                                                                                                    • memory/4344-4981-0x0000000002F40000-0x0000000003F40000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      16.0MB

                                                                                                                    • memory/4344-4970-0x0000000002B00000-0x0000000002C00000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      1024KB

                                                                                                                    • memory/4344-4993-0x0000000002B00000-0x0000000002C00000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      1024KB

                                                                                                                    • memory/4344-4984-0x0000000002B00000-0x0000000002C00000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      1024KB

                                                                                                                    • memory/4344-4972-0x000000001B720000-0x000000001B782000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      392KB

                                                                                                                    • memory/4344-4969-0x00007FF91B490000-0x00007FF91BE30000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/4344-4991-0x0000000002B00000-0x0000000002C00000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      1024KB

                                                                                                                    • memory/4344-4992-0x0000000002F40000-0x0000000003F40000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      16.0MB

                                                                                                                    • memory/4344-4971-0x00007FF91B490000-0x00007FF91BE30000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/4344-4973-0x00000000028B0000-0x0000000002902000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      328KB

                                                                                                                    • memory/4344-4982-0x0000000002B00000-0x0000000002C00000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      1024KB

                                                                                                                    • memory/4344-4983-0x00007FF91B490000-0x00007FF91BE30000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/4344-4985-0x0000000002B00000-0x0000000002C00000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      1024KB

                                                                                                                    • memory/4344-4979-0x0000000002B00000-0x0000000002C00000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      1024KB

                                                                                                                    • memory/4344-4974-0x0000000002B00000-0x0000000002C00000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      1024KB

                                                                                                                    • memory/4576-5002-0x00007FF91B490000-0x00007FF91BE30000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/4576-5001-0x00007FF91B490000-0x00007FF91BE30000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/4576-4999-0x00007FF91B490000-0x00007FF91BE30000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      9.6MB

                                                                                                                    • memory/4576-5000-0x0000000002C00000-0x0000000002D00000-memory.dmp

                                                                                                                      Filesize

                                                                                                                      1024KB