Analysis Overview
Threat Level: Shows suspicious behavior
The file http://mailbird was found to be: Shows suspicious behavior.
Malicious Activity Summary
Checks computer location settings
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
Adds Run key to start application
Checks whether UAC is enabled
Enumerates connected drives
Drops file in System32 directory
Detected potential entity reuse from brand microsoft.
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
Uses Volume Shadow Copy service COM API
Modifies data under HKEY_USERS
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SendNotifyMessage
Modifies registry class
Checks SCSI registry key(s)
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-03 19:50
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-03 19:50
Reported
2024-05-03 19:58
Platform
win10v2004-20240419-en
Max time kernel
509s
Max time network
510s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MailbirdSetup.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Control Panel\International\Geo\Nation | C:\Windows\Installer\MSI75DE.tmp | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Control Panel\International\Geo\Nation | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Control Panel\International\Geo\Nation | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Control Panel\International\Geo\Nation | C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Control Panel\International\Geo\Nation | C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Control Panel\International\Geo\Nation | C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\MailbirdSetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MailbirdSetup.exe | N/A |
| N/A | N/A | C:\Windows\Installer\MSI75DE.tmp | N/A |
| N/A | N/A | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| N/A | N/A | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| N/A | N/A | C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe | N/A |
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000300000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000400000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000500000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000600000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000700000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000900000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda010040e0fd3b374f01000000000000000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000800000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000a00000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000100000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000200000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mailbird = "\"C:\\Program Files\\Mailbird\\Mailbird.exe\" startup" | C:\Program Files\Mailbird\Mailbird.exe | N/A |
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files\Mailbird\Mailbird.exe | N/A |
Enumerates connected drives
Detected potential entity reuse from brand microsoft.
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Mailbird\Helpers\Chromium\Html\blank.html | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\SharpVectors.Core.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\fr-ca\Mailbird.Localization.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\ru.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Helpers\Chromium\Javascript\Print.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\chrome_100_percent.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\pt-PT.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\MouseKeyboardActivityMonitor.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Google.Apis.Core.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\et.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Limilabs.Proxy.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Mailbird.ReadReceipts.Client.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\nl\Mailbird.Localization.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Google.GData.Client.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\SharpVectors.Runtime.Wpf.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\da\Mailbird.Localization.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\System.Data.SQLite.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\x64\libcef.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Mailbird.Apps.API.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\ro\Mailbird.Localization.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Mailbird.exe.config | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Mailbird.ReadReceipts.Common.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\ja\Mailbird.Localization.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\System.Threading.Tasks.Extensions.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\fr.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\sv\Mailbird.Localization.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Google.Apis.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\x64\Mailbird.IncrediMailConverter.lib | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\fa.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\pl.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\tr\Mailbird.Localization.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\ko.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Mailbird.Data.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Images\Icons\Mailbird_text.png | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\LogicNP.CryptoLicensing.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Mailbird.Apps.dll.config | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\x64\vk_swiftshader.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\SharpVectors.Rendering.Wpf.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\es.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\System.Reactive.Linq.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Migrator.Framework.dll.config | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\x64\Mailbird.IncrediMailConverter.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\th.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\x64\SQLite.Interop.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\x64\CefSharp.Core.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\SharpVectors.Model.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Oracle.DataAccess.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\x64\Mailbird.IncrediMailConverter.exp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\System.Numerics.Vectors.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\ta.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\NLog.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\System.IdentityModel.Tokens.Jwt.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\x64\chrome_elf.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\System.ValueTuple.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\sv.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\SupportedAppLanguages.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\el\Mailbird.Localization.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\bn.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\lt.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Google.Apis.Auth.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\en-GB.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\Mailbird.exe.manifest | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\sl.pak | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Mailbird\locales\zh-CN.pak | C:\Windows\system32\msiexec.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Installer\MSI3ACD.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI68B5.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI6AEC.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI6DBC.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI7521.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI75DE.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI3992.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI3AED.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI6D7D.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5a378e.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5a378c.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI38B5.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI38F4.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI3A9D.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI6992.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI69A2.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI734B.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI6972.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\{6403482D-895D-44E7-8DE7-190FB85AA9C5}\SystemFoldermsiexec.exe | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI3A2F.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\{6403482D-895D-44E7-8DE7-190FB85AA9C5}\SystemFoldermsiexec.exe | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI7532.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e5a378c.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{6403482D-895D-44E7-8DE7-190FB85AA9C5} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\{6403482D-895D-44E7-8DE7-190FB85AA9C5}\MailIcon_1.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\{6403482D-895D-44E7-8DE7-190FB85AA9C5}\MailIcon_1.exe | C:\Windows\system32\msiexec.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache = 000000000400000057e87298238d7ad50000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000c01200000000ffffffff00000000270101000008000057e872980000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d01200000000000020ed3a000000ffffffff00000000070001000068090057e87298000000000000d012000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ff3a0000000000000005000000ffffffff000000000700010000f87f1d57e87298000000000000f0ff3a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000057e8729800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\system32\vssvc.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2a | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2b | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133592394234652992" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2A\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Mailbird.Url.mailto | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\mailbird\shell | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\mailbird\shell\ = "open" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\BBE7F467081DEDC41BE42765F896426F | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\Mailbird.Url.mailto\EditFlags = 02000000 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Mailbird.Url.mailto\ = "Mailbird Url" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\D2843046D5987E44D87E91F08BA59A5C | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\activatepro\shell\ = "open" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\D2843046D5987E44D87E91F08BA59A5C\ProductName = "Mailbird" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\D2843046D5987E44D87E91F08BA59A5C\PackageCode = "7D764D7467C02374BA26521A4BE363E4" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\mailbird\shell\open | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Mailbird.Url.mailto\shell\open | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\D2843046D5987E44D87E91F08BA59A5C\SourceList\PackageName = "MailbirdSetup.x64.msi" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\mailbird | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\activatepro\shell\open\command\ = "\"C:\\Program Files\\Mailbird\\Mailbird.exe\" \"%1\"" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000300000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-877519540-908060166-1852957295-1000\{D8002100-971C-4AF1-B1C3-1DCEEE728D58} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\DisplayName = "Chrome Sandbox" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Software | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Mailbird.Url.mailto\shell\open\command | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\D2843046D5987E44D87E91F08BA59A5C\Assignment = "1" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\mailbird\shell | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Mailbird.Url.mailto\shell\open\command\ = "\"C:\\Program Files\\Mailbird\\Mailbird.exe\" \"%1\"" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Mailbird.Url.mailto\FriendlyTypeName = "Mailbird Url" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000700000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\activatepro\FriendlyTypeName = "URL:Mailbird Activation Protocol" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\activatepro | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Mailbird.Url.mailto\FriendlyTypeName = "URL:Mailbird mailto Protocol" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Mailbird.Url.mailto\shell\open\command | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000100000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\D2843046D5987E44D87E91F08BA59A5C\InstanceType = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\D2843046D5987E44D87E91F08BA59A5C\SourceList\LastUsedSource = "n;1;C:\\Users\\Admin\\AppData\\Roaming\\Mailbird\\Mailbird 3.0.10\\install\\85AA9C5\\" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\mailbird\FriendlyTypeName = "URL:Mailbird Protocol" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\mailbird\URL Protocol | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\activatepro\shell\open\command | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Mailbird.Url.mailto | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Mailbird.Url.mailto\shell\open\command\ = "\"C:\\Program Files\\Mailbird\\Mailbird.exe\" \"%1\"" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\D2843046D5987E44D87E91F08BA59A5C | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\mailbird\EditFlags = 02000000 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Mailbird.Url.mailto\shell | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe\Children | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Mailbird.Url.mailto\shell | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\D2843046D5987E44D87E91F08BA59A5C\SourceList\Media\1 = ";" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\D2843046D5987E44D87E91F08BA59A5C\Clients = 3a0000000000 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Moniker = "cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Mailbird.Url.mailto | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000500000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InProcServer32\ = b648c2a4939dda0134bec2a4939dda01010000000a00000000000000 | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\mailto\shell\open | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\activatepro | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\mailbird | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Mailbird.Url.mailto\shell\open | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\mailbird\shell\open | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\D2843046D5987E44D87E91F08BA59A5C\C4FE6FD5B7C4D07B3A313E754A9A6A8 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\mailto\shell | C:\Program Files\Mailbird\Mailbird.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\activatepro\DefaultIcon | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\D2843046D5987E44D87E91F08BA59A5C\MainFeature | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\D2843046D5987E44D87E91F08BA59A5C\ProductIcon = "C:\\Windows\\Installer\\{6403482D-895D-44E7-8DE7-190FB85AA9C5}\\MailIcon_1.exe" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\D2843046D5987E44D87E91F08BA59A5C\SourceList\Media | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\activatepro\EditFlags = 02000000 | C:\Windows\system32\msiexec.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mailbird\Mailbird.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mailbird\Mailbird.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://mailbird
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x104,0x108,0x10c,0xd4,0x110,0x7fff129acc40,0x7fff129acc4c,0x7fff129acc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2096,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2092 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1860,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1916 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2144,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2644 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3036,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3152 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3040,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4360,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4020 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3536,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3504 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3444,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3164 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4820,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4848 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5024,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5020 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5132,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5124 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4800,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4808 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4816,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4832 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3428,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5152 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3356,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3808 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5308,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5084 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5700,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5560 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5704,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5716 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4724,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=964 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4412,i,6017346904236954326,15051282013181659836,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5056 /prefetch:8
C:\Users\Admin\Downloads\MailbirdSetup.exe
"C:\Users\Admin\Downloads\MailbirdSetup.exe"
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding A89A0E97C538CD53E6F6F7C4A947E77D C
C:\Users\Admin\Downloads\MailbirdSetup.exe
"C:\Users\Admin\Downloads\MailbirdSetup.exe" /i "C:\Users\Admin\AppData\Roaming\Mailbird\Mailbird 3.0.10\install\85AA9C5\MailbirdSetup.x64.msi" AI_EUIMSI=1 SHORTCUTDIR="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mailbird" APPDIR="C:\Program Files\Mailbird" SECONDSEQUENCE="1" CLIENTPROCESSID="4652" AI_MORE_CMD_LINE=1
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\srtasks.exe
C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding F396B638B6F8E9C88E0357E9E9FBED50
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding B11532152D4712278B6921ABAA52D958 E Global\MSI0000
C:\Windows\Installer\MSI75DE.tmp
"C:\Windows\Installer\MSI75DE.tmp" /EnforcedRunAsAdmin /DontWait /RunAsAdmin "C:\Program Files\Mailbird\Mailbird.exe" "installed;en; " "source; ; ; ; " "tracking; "
C:\Program Files\Mailbird\Mailbird.exe
"C:\Program Files\Mailbird\Mailbird.exe" "installed;en; " "source; ; ; ; " "tracking; "
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.getmailbird.com/confirm-installation/?u=dd4fb180-e032-4b19-b793-aa900c26e531
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffee18646f8,0x7ffee1864708,0x7ffee1864718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1988 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2712 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\explorer.exe
"C:\Windows\explorer.exe" "C:\Program Files\Mailbird\Mailbird.exe"
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Program Files\Mailbird\Mailbird.exe
"C:\Program Files\Mailbird\Mailbird.exe"
C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe
"C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe" --type=gpu-process --no-sandbox --locales-dir-path="C:\Program Files\Mailbird\locales" --log-severity=info --resources-dir-path="C:\Program Files\Mailbird" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Mailbird\Misc" --cefsharpexitsub --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --log-file="C:\Users\Admin\AppData\Local\Mailbird\CefLog.log" --mojo-platform-channel-handle=4584 --field-trial-handle=4576,i,4297404138743918956,9621889106949902516,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2 --host-process-id=4504
C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe
"C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --locales-dir-path="C:\Program Files\Mailbird\locales" --log-severity=info --resources-dir-path="C:\Program Files\Mailbird" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Mailbird\Misc" --cefsharpexitsub --log-file="C:\Users\Admin\AppData\Local\Mailbird\CefLog.log" --mojo-platform-channel-handle=4936 --field-trial-handle=4576,i,4297404138743918956,9621889106949902516,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=4504
C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe
"C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe" --type=gpu-process --no-sandbox --locales-dir-path="C:\Program Files\Mailbird\locales" --log-severity=info --resources-dir-path="C:\Program Files\Mailbird" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Mailbird\Misc" --cefsharpexitsub --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=disabled --log-file="C:\Users\Admin\AppData\Local\Mailbird\CefLog.log" --mojo-platform-channel-handle=5072 --field-trial-handle=4576,i,4297404138743918956,9621889106949902516,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2 --host-process-id=4504
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=9f87c23f-2ebc-4a25-bb7f-3dbdb56e5ed0&redirect_uri=http%3a%2f%2f127.0.0.1%3a56015&response_mode=query&response_type=code&scope=openid+email+offline_access+https%3a%2f%2foutlook.office.com%2fEWS.AccessAsUser.All+https%3a%2f%2foutlook.office.com%2fcontacts.readwrite&login_hint=fsepsan%40hotmail.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffee18646f8,0x7ffee1864708,0x7ffee1864718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4fc 0x464
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2056 /prefetch:1
C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe
"C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-sandbox --locales-dir-path="C:\Program Files\Mailbird\locales" --log-severity=info --resources-dir-path="C:\Program Files\Mailbird" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Mailbird\Misc" --cefsharpexitsub --log-file="C:\Users\Admin\AppData\Local\Mailbird\CefLog.log" --mojo-platform-channel-handle=6600 --field-trial-handle=4576,i,4297404138743918956,9621889106949902516,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=4504
C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe
"C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --locales-dir-path="C:\Program Files\Mailbird\locales" --log-severity=info --resources-dir-path="C:\Program Files\Mailbird" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Mailbird\Misc" --cefsharpexitsub --log-file="C:\Users\Admin\AppData\Local\Mailbird\CefLog.log" --mojo-platform-channel-handle=6204 --field-trial-handle=4576,i,4297404138743918956,9621889106949902516,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=4504
C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe
"C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe" --type=renderer --locales-dir-path="C:\Program Files\Mailbird\locales" --log-severity=info --resources-dir-path="C:\Program Files\Mailbird" --user-data-dir="C:\Users\Admin\AppData\Local\Mailbird\Misc" --cefsharpexitsub --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Local\Mailbird\CefLog.log" --disable-threaded-scrolling --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5928 --field-trial-handle=4576,i,4297404138743918956,9621889106949902516,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=4504 /prefetch:1
C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe
"C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe" --type=renderer --locales-dir-path="C:\Program Files\Mailbird\locales" --log-severity=info --resources-dir-path="C:\Program Files\Mailbird" --user-data-dir="C:\Users\Admin\AppData\Local\Mailbird\Misc" --cefsharpexitsub --no-sandbox --log-file="C:\Users\Admin\AppData\Local\Mailbird\CefLog.log" --disable-threaded-scrolling --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=7248 --field-trial-handle=4576,i,4297404138743918956,9621889106949902516,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=4504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5808 /prefetch:2
C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe
"C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe" --type=renderer --locales-dir-path="C:\Program Files\Mailbird\locales" --log-severity=info --resources-dir-path="C:\Program Files\Mailbird" --user-data-dir="C:\Users\Admin\AppData\Local\Mailbird\Misc" --cefsharpexitsub --no-sandbox --log-file="C:\Users\Admin\AppData\Local\Mailbird\CefLog.log" --disable-threaded-scrolling --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=7500 --field-trial-handle=4576,i,4297404138743918956,9621889106949902516,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=4504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5596 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3484 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=1976,18159574574156309275,6862251997011965489,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6848 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.4.4:53 | google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 216.58.201.110:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | 4.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| BE | 88.221.83.211:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 211.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 172.217.16.238:443 | consent.google.com | tcp |
| GB | 172.217.16.238:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | go.getmailbird.com | udp |
| US | 8.8.8.8:53 | io.clickguard.com | udp |
| US | 104.26.12.152:443 | io.clickguard.com | tcp |
| US | 104.26.12.152:443 | io.clickguard.com | tcp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 152.12.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.212.58.216.in-addr.arpa | udp |
| US | 172.64.153.235:443 | go.getmailbird.com | tcp |
| US | 172.64.153.235:443 | go.getmailbird.com | tcp |
| US | 8.8.8.8:53 | builder-assets.unbounce.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | www.getmailbird.com | udp |
| GB | 18.172.89.36:443 | builder-assets.unbounce.com | tcp |
| US | 172.66.40.122:443 | www.getmailbird.com | tcp |
| US | 172.66.40.122:443 | www.getmailbird.com | tcp |
| US | 172.66.40.122:443 | www.getmailbird.com | tcp |
| GB | 142.250.179.234:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | 235.153.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.40.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.89.172.18.in-addr.arpa | udp |
| US | 172.66.40.122:443 | www.getmailbird.com | udp |
| US | 172.66.40.122:443 | www.getmailbird.com | udp |
| US | 8.8.8.8:53 | b95f39c1f85b46dba032b862acf99b9c.js.ubembed.com | udp |
| US | 8.8.8.8:53 | static.hotjar.com | udp |
| US | 8.8.8.8:53 | cdn.mxpnl.com | udp |
| US | 8.8.8.8:53 | d1f8f9xcsvx3ha.cloudfront.net | udp |
| US | 8.8.8.8:53 | d9hhrg4mnvzow.cloudfront.net | udp |
| US | 35.186.235.23:443 | cdn.mxpnl.com | tcp |
| GB | 13.224.78.18:443 | d1f8f9xcsvx3ha.cloudfront.net | tcp |
| GB | 18.165.160.73:443 | static.hotjar.com | tcp |
| US | 104.18.39.181:443 | b95f39c1f85b46dba032b862acf99b9c.js.ubembed.com | tcp |
| GB | 18.165.158.102:443 | d9hhrg4mnvzow.cloudfront.net | tcp |
| GB | 18.165.158.102:443 | d9hhrg4mnvzow.cloudfront.net | tcp |
| GB | 18.165.158.102:443 | d9hhrg4mnvzow.cloudfront.net | tcp |
| GB | 18.165.158.102:443 | d9hhrg4mnvzow.cloudfront.net | tcp |
| GB | 18.165.158.102:443 | d9hhrg4mnvzow.cloudfront.net | tcp |
| US | 8.8.8.8:53 | fonts.ub-assets.com | udp |
| GB | 18.165.158.102:443 | d9hhrg4mnvzow.cloudfront.net | tcp |
| GB | 13.224.81.40:443 | fonts.ub-assets.com | tcp |
| US | 8.8.8.8:53 | mailbird.onfastspring.com | udp |
| US | 8.8.8.8:53 | assets.ubembed.com | udp |
| US | 8.8.8.8:53 | script.hotjar.com | udp |
| US | 23.23.84.107:443 | mailbird.onfastspring.com | tcp |
| GB | 18.165.160.28:443 | assets.ubembed.com | tcp |
| GB | 3.162.20.56:443 | script.hotjar.com | tcp |
| US | 8.8.8.8:53 | sc.lfeeder.com | udp |
| GB | 18.172.89.121:443 | sc.lfeeder.com | tcp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | b95f39c1f85b46dba032b862acf99b9c.pages.ubembed.com | udp |
| US | 172.64.153.235:443 | b95f39c1f85b46dba032b862acf99b9c.pages.ubembed.com | tcp |
| US | 172.64.153.235:443 | b95f39c1f85b46dba032b862acf99b9c.pages.ubembed.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| GB | 13.224.81.40:443 | fonts.ub-assets.com | tcp |
| BE | 64.233.167.156:443 | stats.g.doubleclick.net | tcp |
| GB | 18.172.89.36:443 | builder-assets.unbounce.com | tcp |
| GB | 18.172.89.36:443 | builder-assets.unbounce.com | tcp |
| GB | 18.172.89.36:443 | builder-assets.unbounce.com | tcp |
| US | 8.8.8.8:53 | 23.235.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.78.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.39.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.158.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.84.23.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.167.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tr-rc.lfeeder.com | udp |
| GB | 18.165.160.20:443 | tr-rc.lfeeder.com | tcp |
| GB | 18.165.158.102:443 | d9hhrg4mnvzow.cloudfront.net | tcp |
| GB | 13.224.81.40:443 | fonts.ub-assets.com | tcp |
| US | 8.8.8.8:53 | b95f39c1f85b46dba032b862acf99b9c.events.ubembed.com | udp |
| US | 44.214.129.125:443 | b95f39c1f85b46dba032b862acf99b9c.events.ubembed.com | tcp |
| US | 44.214.129.125:443 | b95f39c1f85b46dba032b862acf99b9c.events.ubembed.com | tcp |
| US | 44.214.129.125:443 | b95f39c1f85b46dba032b862acf99b9c.events.ubembed.com | tcp |
| GB | 13.224.81.40:443 | fonts.ub-assets.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | 20.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.129.214.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 35.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api-js.mixpanel.com | udp |
| US | 107.178.240.159:443 | api-js.mixpanel.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | 159.240.178.107.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| GB | 157.240.221.35:443 | www.facebook.com | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | utt.impactcdn.com | udp |
| US | 35.186.249.72:443 | utt.impactcdn.com | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | script.crazyegg.com | udp |
| US | 35.186.249.72:443 | utt.impactcdn.com | tcp |
| US | 104.19.147.8:443 | script.crazyegg.com | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.19.147.8:443 | script.crazyegg.com | tcp |
| US | 8.8.8.8:53 | argos.getmailbird.com | udp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | udp |
| US | 34.136.124.34:443 | argos.getmailbird.com | tcp |
| US | 34.136.124.34:443 | argos.getmailbird.com | tcp |
| US | 8.8.8.8:53 | 72.249.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.124.136.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 104.19.147.8:443 | script.crazyegg.com | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| US | 104.19.147.8:443 | script.crazyegg.com | tcp |
| US | 8.8.8.8:53 | 8.147.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pagestates-tracking.crazyegg.com | udp |
| US | 8.8.8.8:53 | assets-tracking.crazyegg.com | udp |
| GB | 3.162.20.79:443 | pagestates-tracking.crazyegg.com | tcp |
| GB | 3.162.20.112:443 | assets-tracking.crazyegg.com | tcp |
| US | 8.8.8.8:53 | tracking.crazyegg.com | udp |
| IE | 54.195.89.156:443 | tracking.crazyegg.com | tcp |
| US | 8.8.8.8:53 | 112.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.89.195.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | goto.getmailbird.com | udp |
| US | 34.136.124.34:443 | goto.getmailbird.com | tcp |
| US | 34.136.124.34:443 | goto.getmailbird.com | tcp |
| US | 8.8.8.8:53 | download.getmailbird.com | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 177.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | o9270.ingest.sentry.io | udp |
| US | 34.120.195.249:443 | o9270.ingest.sentry.io | tcp |
| US | 8.8.8.8:53 | 249.195.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.223.142.52.in-addr.arpa | udp |
| US | 172.66.40.122:443 | download.getmailbird.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| US | 2.18.190.81:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 81.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 35.186.235.23:443 | cdn.mxpnl.com | tcp |
| US | 34.136.124.34:443 | goto.getmailbird.com | tcp |
| US | 8.8.8.8:53 | utt.impactcdn.com | udp |
| US | 35.186.249.72:443 | utt.impactcdn.com | tcp |
| US | 8.8.8.8:53 | script.crazyegg.com | udp |
| US | 104.19.147.8:443 | script.crazyegg.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| BE | 64.233.167.156:443 | stats.g.doubleclick.net | tcp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| US | 104.19.147.8:443 | script.crazyegg.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 34.120.195.249:443 | o9270.ingest.sentry.io | tcp |
| US | 8.8.8.8:53 | magicalmailapp.com | udp |
| US | 172.67.68.209:443 | magicalmailapp.com | tcp |
| US | 172.67.68.209:443 | magicalmailapp.com | tcp |
| US | 8.8.8.8:53 | 209.68.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | updates.getmailbird.com | udp |
| DE | 85.10.209.70:443 | updates.getmailbird.com | tcp |
| US | 8.8.8.8:53 | api.mixpanel.com | udp |
| US | 35.190.25.25:80 | api.mixpanel.com | tcp |
| US | 8.8.8.8:53 | 70.209.10.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | imap.gmail.com | udp |
| BE | 64.233.167.109:993 | imap.gmail.com | tcp |
| US | 8.8.8.8:53 | 25.25.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.167.233.64.in-addr.arpa | udp |
| US | 35.190.25.25:80 | api.mixpanel.com | tcp |
| US | 204.79.197.212:443 | hotmail.com | tcp |
| US | 8.8.8.8:53 | autodiscover.hotmail.com | udp |
| GB | 52.97.202.66:443 | autodiscover.hotmail.com | tcp |
| GB | 52.97.202.66:80 | autodiscover.hotmail.com | tcp |
| US | 8.8.8.8:53 | _autodiscover._tcp.hotmail.com | udp |
| US | 8.8.8.8:53 | 212.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.202.97.52.in-addr.arpa | udp |
| GB | 52.97.202.66:80 | autodiscover.hotmail.com | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | outlook.office365.com | udp |
| GB | 52.97.202.82:993 | outlook.office365.com | tcp |
| US | 8.8.8.8:53 | 82.202.97.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.35.104.34.in-addr.arpa | udp |
| GB | 52.97.202.82:993 | outlook.office365.com | tcp |
| GB | 52.97.202.82:443 | outlook.office365.com | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.68:443 | login.microsoftonline.com | tcp |
| IE | 20.190.159.68:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | outlook.office365.com | udp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| US | 13.107.246.64:443 | acctcdn.msauth.net | tcp |
| GB | 40.99.213.34:993 | outlook.office365.com | tcp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 172.66.40.122:443 | download.getmailbird.com | udp |
| US | 192.229.221.185:443 | logincdn.msftauth.net | tcp |
| US | 192.229.221.185:443 | logincdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | acctcdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.213.99.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 192.229.221.185:443 | lgincdnvzeuno.azureedge.net | tcp |
| US | 8.8.8.8:53 | 185.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| AU | 104.46.162.225:443 | browser.events.data.microsoft.com | tcp |
| AU | 104.46.162.225:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 225.162.46.104.in-addr.arpa | udp |
| AU | 104.46.162.225:443 | browser.events.data.microsoft.com | tcp |
| AU | 104.46.162.225:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.gravatar.com | udp |
| US | 192.0.73.2:80 | www.gravatar.com | tcp |
| US | 192.0.73.2:443 | www.gravatar.com | tcp |
| GB | 40.99.213.34:993 | outlook.office365.com | tcp |
| GB | 40.99.213.34:993 | outlook.office365.com | tcp |
| GB | 40.99.213.34:993 | outlook.office365.com | tcp |
| US | 8.8.8.8:53 | 2.73.0.192.in-addr.arpa | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | www.getmailbird.com | udp |
| US | 172.66.40.122:443 | www.getmailbird.com | tcp |
| US | 8.8.8.8:53 | parakeet.getmailbird.com | udp |
| US | 34.136.124.34:443 | parakeet.getmailbird.com | tcp |
| BE | 88.221.83.219:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 219.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 88.221.83.186:443 | r.bing.com | tcp |
| BE | 88.221.83.186:443 | r.bing.com | tcp |
| BE | 88.221.83.219:443 | th.bing.com | tcp |
| BE | 88.221.83.219:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 96.17.178.188:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 186.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.178.17.96.in-addr.arpa | udp |
| GB | 96.17.178.188:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | r.g.bing.com | udp |
| IE | 68.219.88.225:443 | r.g.bing.com | tcp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | www.ubereats.com | udp |
| US | 69.48.216.12:443 | www.ubereats.com | tcp |
| US | 69.48.216.12:443 | www.ubereats.com | tcp |
| US | 8.8.8.8:53 | clickserve.dartsearch.net | udp |
| GB | 142.250.179.238:443 | clickserve.dartsearch.net | tcp |
| US | 69.48.216.12:443 | www.ubereats.com | udp |
| US | 8.8.8.8:53 | d3i4yxtzktqr9n.cloudfront.net | udp |
| GB | 3.162.19.71:443 | d3i4yxtzktqr9n.cloudfront.net | tcp |
| GB | 3.162.19.71:443 | d3i4yxtzktqr9n.cloudfront.net | tcp |
| GB | 3.162.19.71:443 | d3i4yxtzktqr9n.cloudfront.net | tcp |
| GB | 3.162.19.71:443 | d3i4yxtzktqr9n.cloudfront.net | tcp |
| GB | 3.162.19.71:443 | d3i4yxtzktqr9n.cloudfront.net | tcp |
| GB | 3.162.19.71:443 | d3i4yxtzktqr9n.cloudfront.net | tcp |
| GB | 3.162.19.71:443 | d3i4yxtzktqr9n.cloudfront.net | tcp |
| GB | 3.162.19.71:443 | d3i4yxtzktqr9n.cloudfront.net | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 225.88.219.68.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.216.48.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.19.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.81.224.13.in-addr.arpa | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 69.48.216.12:443 | www.ubereats.com | udp |
| US | 8.8.8.8:53 | 89.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | auth.uber.com | udp |
| US | 34.98.127.226:443 | auth.uber.com | tcp |
| US | 34.98.127.226:443 | auth.uber.com | udp |
| US | 8.8.8.8:53 | 226.127.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 34.98.127.226:443 | auth.uber.com | udp |
| US | 8.8.8.8:53 | www.cdn-net.com | udp |
| GB | 13.224.81.19:443 | www.cdn-net.com | tcp |
| US | 8.8.8.8:53 | uber-api.arkoselabs.com | udp |
| US | 172.64.154.86:443 | uber-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | appleid.cdn-apple.com | udp |
| BE | 104.68.84.171:443 | appleid.cdn-apple.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | 86.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.203.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.84.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | six.cdn-net.com | udp |
| US | 35.190.2.11:443 | six.cdn-net.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | stun.cdn-net.com | udp |
| IE | 52.208.80.187:3478 | stun.cdn-net.com | udp |
| US | 8.8.8.8:53 | 11.2.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 187.80.208.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cn-geo1.uber.com | udp |
| US | 35.227.224.91:443 | cn-geo1.uber.com | tcp |
| US | 35.227.224.91:443 | cn-geo1.uber.com | udp |
| US | 8.8.8.8:53 | 91.224.227.35.in-addr.arpa | udp |
Files
\??\pipe\crashpad_4804_OVIZBBZTHSGRNBAF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 58390175b28216ef7e7aa3e4eb0959be |
| SHA1 | fb609ed7069e9c0138cd6eea17a3758bfa24d159 |
| SHA256 | c9d859a497d49c84c2d2a04e54707a5cc60e2031f921ad6c6309e43584ab6743 |
| SHA512 | 008d77ccd4e0acdbdedd0eb757c140f92d3831df702b198cab4c6d278a0773b9240250432aa2c94c7ad395e57200e721692b265cad31de5bb0b96e64d0a75cc4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9c6cb23a217dae07a81bbb34759c5845 |
| SHA1 | 263ace15f73e4179fafab15d6b0bd9f9e570baa0 |
| SHA256 | c1c463b9b12d98842f9186d1a89a95bd29f597ede4440ca4f72900bafbf2076f |
| SHA512 | 0303417d97712fa3fd4b14a16ee7d1267e687f7c92a22710d40d4d1a642884db9840eea1830f1aacda619d712f8734f97b8f88d7e743bf4227ac3d20ee57d1ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 433e468198c251f72314e1d31208ad73 |
| SHA1 | a59da392449af36e78d0c2540288067396d2e231 |
| SHA256 | 3b0ba00875970be550679c077a3ccf67410f92b197ae0be9db6ff1f2102d582c |
| SHA512 | f256e1e5fc0f432ea4e8e215cf9ef448c1fe94c94ef86339d4d30fc6bab93fd8cfccea68218045bbb646dc43e258b47d12111918f2181bab7da5101a65a97e2b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 934cbda1a613e8b9a9ea0d14637c3d72 |
| SHA1 | c95aed07151a3d7096cb0bedd1333a8ef21290e4 |
| SHA256 | 89b6a172df796b88fbf43b7ef88229cd78233e2191569a6929a1b4a1d4ce35d4 |
| SHA512 | db56c764c376cf823e4d5f79138a806d0cca6d27abc0ba98e3f1a805ccb6a4d2cd1671ff04f6d09bae76fa6a0dbf138a6ce8731a3a59c4e40caade278784a22d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ba2cac175539b623eb113a65db9b73ed |
| SHA1 | 648fed816814d136e7ee581c99e7a2550f22b656 |
| SHA256 | c175021ef1a5836234fe3b1ce8961bb1c13a44581b8f537caa403d38c972f4c2 |
| SHA512 | 8b49c986df5104543ca27d35a4be01df1849e7a0a25e61d1796bc81b47eb1c19ee40648fdc9e41d2d3786788e1d94d3995d5e4ed1e4f2d4b3dd9751256186175 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d8bef8f06a1bada1fd8c3412da2d57ca |
| SHA1 | ba26406bcc37fe1ebb603cb8e4b20fdd674288dc |
| SHA256 | cc997100b8b2d61a3e1651a841caef921200e28be6df5df5df734526dc4109d1 |
| SHA512 | b0ffd5935cc78996732ce896446d0cf0d61d53735e607eebca98515baaaa140c4adf4518f3cc22b116cac29217d10701d984ed1b26232c4bc8cd3ed6c66a796b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1c06cba9b1677cb051c836fb4fabb830 |
| SHA1 | 1b9b1bff0b52252b84c0b8fa1737cd1ad7150408 |
| SHA256 | c7f8e2be1058ef2245dbfe949a323624a8ae7516bbb1dc7d28ac62e3ccac10a7 |
| SHA512 | d16088b2d8b3ba21b549a8dbe5aa2371b44397a88d24bc392167df1ec39966b7cb8ff225a043cf2ddd8c16942f9e02c108fd24124d755e82383623e9afc2329f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1676301b24c94059e7e8c5672e29d9a4 |
| SHA1 | 25de1fd06b402e09d97cfee76560fd0319bfb859 |
| SHA256 | 103766ad94a5dfeaf27824413b1263ea4c4dc92b5da5ceeacb9329f765df8aa5 |
| SHA512 | 79ac3f40b71867d6e838792cbce1fd8591fef639b259b21ef2941be9ba306f8e1edd65d5fbeb9bef772e28755a96d95594d6cf684829e9e3a4da76b21e83ab32 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f8fab9ed8a90a5edc1de498dab08f4ea |
| SHA1 | 6fa4e14d3a31f0e0a4a7211f24fb75d321ee3151 |
| SHA256 | ac9abfd16d5075c200d270b6babb3ece18ba943893de175c7a86f4105495db24 |
| SHA512 | d7c034911eb159a4903067083b70a2d392c375ccfe6fbc58528a45d37dccdb3886191b758078919202a822ffd58392773234c284dc5b75e9f9b842efa396d4a9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 00e5e55f1b741c70a47acac89e4d7ba7 |
| SHA1 | 5506821d8dcefdc3e997905dac9accc6b8ab0098 |
| SHA256 | a7b618beb0d9f78197cbb81e31ed32b3625756dc477109a1ee3ef0564dcf2248 |
| SHA512 | 1180c83cc0cfb57ef0fba8c845a7382f61213b2e216f11ec0b18f915536c5845c644318cc878ec75875f5b164fb446b340f12224152be21b590f97f1ca880f7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 12e29fb4475035793cffac8cf0315640 |
| SHA1 | bdacf6cd17f4e0192d321a1a346853fa7a5cc04a |
| SHA256 | 1e702a6de1600f0bcb0dd434bde917b777fd8ac1d51e6e7dc50616e5739291f8 |
| SHA512 | 683ae82c5f3fc9566ece9d07f7d7dd3b7c057622c912ca7bc9c7a08cd31d1a1e857f486af3ad70b29e6011dffa997f4190d4993bf144ff5fa6a24e3f71dc2c06 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018
| MD5 | bd93f85c1fac021d73c431694e26bec9 |
| SHA1 | 77d4de1454c44dfd1c0d8fc6f0616874c095bd51 |
| SHA256 | 15a9458a94c65792f3bc4a546c1f0e596f7ef6d17dac951df4c17291e35a1096 |
| SHA512 | 5ba3f5c3533a284db4f7d7634d705749ecbc2517e3e85e251d7e7968cd102e18ceabe84093d34c970fff82098ab984206bb4ab9c5906dde0139bfe126e9e0492 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d
| MD5 | 6ab151a953eba3e747ecc12ecf321cf3 |
| SHA1 | d0513d018a0f38525b2183cdcad123852172e5aa |
| SHA256 | 7d87f1ce033c5df583ccef815541d41f435b150daf2cdf50861afd0bc526e5dd |
| SHA512 | 2ca894a5fba86c4d3b1fa48919e168450d654f70740c72009600c7fc3a653f18f37120ef71703a49f0d49a53410c5a4012bf656d59aed5e5d85546423d193e87 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 06123922d00211324e6d8a1911e05ac0 |
| SHA1 | 2da1b2a15077cedb21182bc38f2ac8e29b044ae5 |
| SHA256 | 6f86623ff931a41433971c6d7861d6dd0fc0f94461d6b5cc45787739a3aed4c5 |
| SHA512 | cb23eff3ec033c18f4d1bf6b1094f41414c1bb752e9ced9f608a3459be2dafda5e5f91348d1a76cc65456fcc355482ae85179d9c0b337c9f908ff2adeb127e82 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c3fe0d5f33024f28a9eb260da2c1a1e4 |
| SHA1 | 12568e848ea455e984b4b458d6b06af8154579fa |
| SHA256 | 63ec98b00e383000264cf5e77568abc59c2156f49528d9813f6883ef70fcf7fe |
| SHA512 | 171d473579eec6f2aef829561b46dbb2ea4ba83504d7083d3f9cade6ea838c232134cd7d4e86f95189f37a2c59dd62a5d64eda0b09c74edc8b7d9ae403257709 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 40612061fcefad60804313b9a9cc60d7 |
| SHA1 | be58641a0cccedba1276e176a365111a158233ec |
| SHA256 | a8c7310139114f5b7437857427dedb3db8439db5cf98d933258f0d9c17bf61e2 |
| SHA512 | 85a218ffcc59db79a48ad7241484af2a4c13d9b39668f796bd40371ff0a1441b9b8e6a6392b16e9bc3eca26956a17adf738a2d6275a10a96784b73cb939d1182 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 19e56d645cea265b9b38e670b1b731f2 |
| SHA1 | 0e5a71ee415edc0cfb3ea8a7893a333028c25ccc |
| SHA256 | 3dff1a9c9c078b255e7f9d8bb41f82b8c8fe2995aa0102350a76e655504d8803 |
| SHA512 | b5ff383ed0f23950cbdc165460e091f7100fcb1ee1936244fa500df79ab554e0ef344a99284d8472d4b3a1dfbc07200a9b06c5bee98f9cb13a0dedf709918a41 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7e24fb847c903931045a05def256279c |
| SHA1 | c7e561cc9b401413a36f55d2e11ee7a3a09c475f |
| SHA256 | 9cdeae0835850281304d7f06c1974c04ab68ad676e3433e04c0d8e5c6457e66d |
| SHA512 | 21318b287cdcbe6cdc6baa066cdcd73a34e207d2c010a421444ef85a764e57c05956a9dab2215113c6e6b887a377e282933bea9b1052a06d1c8544b9ac8a5655 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0768a94e8b6fe17397237c7333b11718 |
| SHA1 | 1c73d1502a3a173fcb7331005d6f6425e13cd6fe |
| SHA256 | ae4483b4bc28246241fc41ee40eb6b33529afa7d5d7074b4d1d8505387ac1030 |
| SHA512 | 2b0b7e665751f31eb5a5677d9628e00500710030cc56a1c7147eeee2055c966656a86967249e3435d85d92dab4730fae2d1dbbf2300827cce27ad8081d848030 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 23f285137be66efcb20eac17e99a27e9 |
| SHA1 | 39b8bd98c10394a76e4a19d321106602ae157a98 |
| SHA256 | 73b2077e9855ee526c0be891f0230c98d414ab279038dc4ff7628ae893eb74f9 |
| SHA512 | fb3450d11125038848eede13ba82c1e2a0ffb739a82f53bfc88061ef22f0c21911ee9c3f3ec8ea75f09e4e739a255d2424c220767a1f0cc433fccd15eddb7ece |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d135c705b0abcd6aece376669a5243bb |
| SHA1 | 5e4c4285e91f923a4f2fa9caa89df5ac66443f28 |
| SHA256 | 402e1a0cd7eedda0619b3d39ab0d1af472167a33f620c54ef25641b4bcc6d593 |
| SHA512 | 8857d0d2d314b531979f6325bbcab2a4f1a6d4adeae3c4e996d71380ffa1e08d118037d0dd5491dc71d36d0f016a3a70147dbb870ee32e70e0a08ee85624b4a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c58e08c64284c0218d59cbdb3e4d1fb6 |
| SHA1 | 7db1e9466e0c060cecf2f01666e9dd22a4e29442 |
| SHA256 | c0b785bb665c5b874baa1f89967a9c4a4b6c840cdc398656e3222b6225717624 |
| SHA512 | 6659bf14f69d7d5bd4f5fef6d3cbe157d57275bb1666822ec332b63c0eb9234b809e19b71ca82386e60456d97b173a60134eb6d1c3b9548c231247ab324c301e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d2337fbb98a40f9b37e7324e24feb496 |
| SHA1 | 6cd1cf273f8d712fb503a8934ad2c4f7eac5cfc0 |
| SHA256 | 9d87b813ad64f8864d0b8a8e1efde4af6db6603b192e8a0040b429947b220f16 |
| SHA512 | 1da49b35c3c7126ba4c8d1f005ce555a610ca78e6f3abc9ab0840328313ea5387e4b4a36e862d81df164267b222b6e0509c54ef1fc740103915c0aa306812768 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 36da1b3d1114cc38dcc6a6be89d9da16 |
| SHA1 | 5d8cabb527e29f9dadcc2c0984eac8f03efa6861 |
| SHA256 | 628ea9671527d6df6083fb933a558abe411e1bc77524327b7b17ec2eb27a2ceb |
| SHA512 | 08b60783f63e5994edf9eb2a93b4a70268f91099770e1997d5a9edd5b1f1b2989df3c28e98cb273a4330e2fb31e26d3c8d81224fa8e6b2ba2b12424d7ccaf89a |
C:\Users\Admin\AppData\Roaming\Mailbird\Mailbird 3.0.10\install\decoder.dll
| MD5 | bc00325b004cf04b852429f5b9e71ce0 |
| SHA1 | 3584b23ae9f7e82be20a223afa15d7696449a60e |
| SHA256 | 23131f8af5f06ddf022cea7456430a41368f747f1eec276d93c872019b909456 |
| SHA512 | 809a907a5633615cb142c3c003fd0dc713137aa86b167b5b2263cfd021f15ea7cdae5fa441e861b86559626b0b78e9225b833c6a9fb23651736b076afe906847 |
C:\Users\Admin\AppData\Roaming\Mailbird\Mailbird 3.0.10\install\85AA9C5\MailbirdSetup.x64.msi
| MD5 | 52862f107d64ef527f9eaf7f87bf19a9 |
| SHA1 | 3981d5bfdcf677268e66938c129456dcf29fc8db |
| SHA256 | 50adce6121c471324db221241cd36459502646838aee4b64d73230de2d7f5ebf |
| SHA512 | 27b6770a59ca53893777100ba13c2b81a6456c8fc8de21658174ba23fb1254b20dfd3bc945b3820c822c1efdd0d37c587a044e8bba97bcd5529acd8f211987f5 |
C:\Users\Admin\AppData\Local\Temp\MSIE75B.tmp
| MD5 | 8259dc74965f3c8e91d152862580a773 |
| SHA1 | d2d029f9f9be25be3c5526c5a52449c034c673e1 |
| SHA256 | 84f8a39d32775639bb3f8875b8e871e0e2344f2a96c52ab6660e65d5c33fd7f9 |
| SHA512 | 50903688a44609700a84bfb18859b038ebb9ea69d142b1fc23d7bc639879e8be469dab23de777bba8265eb4da8ca7614747f2559034339061236ea7e2b5fd6d0 |
C:\Users\Admin\AppData\Local\Temp\AI_EXTUI_BIN_4652\DialogBitmap.png
| MD5 | 2b864b97bf95c506809e907e249986da |
| SHA1 | a2c4f5c3033432e58ea818d72e44565b6d9e65c8 |
| SHA256 | 24ff6e3460b042637b7127043db2763b2c4f801b85e6aa4eea264a8e4d154f46 |
| SHA512 | 4ba23ee3f17b96dda9401809d011cfa6085778b0e6c491ed20f70abf792514f32ccb6a2f2a9d9b66216f46ebb95fc4deb28174c72925783434a440a6b1950785 |
C:\Users\Admin\AppData\Local\Temp\MSIE9B1.tmp
| MD5 | 8ecff5e8777908818edd94721ddc349d |
| SHA1 | a3ffcfcffae1b44261c1b1a64917ac898c40b9e2 |
| SHA256 | 1c450659c7681df9df21b20412c9647e7e8e5bf0f2945c48b1ab51f330f2516b |
| SHA512 | 8418049fe52dcf6e294cf58d200b7a7d8e704ba592b3f59243c4c5a4d661c60f8db97540badd9a1718547a0047b39316ec7917c43ddcb8a71bebad49e7baaf08 |
C:\Users\Admin\AppData\Local\Temp\AI_EXTUI_BIN_4652\BannerBitmap.png
| MD5 | 01310d590f6f030f399ba5ccfdd79e27 |
| SHA1 | 30fa70484e3ba7001f798702b93c9bccf89ce87d |
| SHA256 | 26f43034d063c8044b21ce8059ff6acfba2e9b6a8735f5e919105ace5afab2a3 |
| SHA512 | 7d252c0210bf2636386f7a870601851d0cde6db94c30527baefd2f367b435ee29e24e74b19ca6623cb71f6cb7a91951ce201b09c9e0d3aea86c2fbebd70ac92f |
C:\Users\Admin\AppData\Local\Temp\MSIE43C.LOG
| MD5 | 62a466dc69407f0024b58721b3484840 |
| SHA1 | 2b549b5eae98347813d79d8e7e3e026e936790bd |
| SHA256 | dc5fb11b553d66a35facbedb9a884305a428e789eff7da46779fee65d5a05bf5 |
| SHA512 | f651d51cc4539945d8d03b717c15570fdad2473eb2c5506e5dce2409002dc9a5ec7c232f30afa445d2297c0babd951860452285237a02fba5e2b72433d2c98cd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\03B6193231D6872FDA0CFE8EF2B47341_BAB6E26FC25F72AD91D8C5BBCC4F8365
| MD5 | bd37e98a49d7c2b5fc0ac27b7b515ad5 |
| SHA1 | 21291a8f0bc4468a7bf37232d552ffe0e1a6ec80 |
| SHA256 | f8cb1843f617534326cbcf1f039744d4b620ae6b1c87077b30e1d7a82d115ee5 |
| SHA512 | a5e3f81149d9c957e93c70559c8918cc462eafcefefb9d0a03248574f0e0e0842d5349f089ecc36d6ea747fe549673c5fb4e88c981c5a91e985f6842f488f80a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\03B6193231D6872FDA0CFE8EF2B47341_BAB6E26FC25F72AD91D8C5BBCC4F8365
| MD5 | d8264e11626beacefd7d34f47721634a |
| SHA1 | fbe3f1816d428df94a41a3824e52a26847d9fe9a |
| SHA256 | d498d0f2802493248e5d8fd4edd323d156af4d684b5ab43ae9c1d8341586d8fd |
| SHA512 | 822897211531ab29d6f841dd7cc370010f50e8564afe5b585785ea93beef378a822a301534193cd0f94cea456fcf2f2dfa82e7252af020cac79b91b5bc7c3dd8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_B60E2B15CE7688A988CAACF7F569B2DE
| MD5 | cb3de335c31a3c7558742a4b060d01d6 |
| SHA1 | 54a9e9fa00c65582f10add21c552e2841096ad72 |
| SHA256 | 80823b827a748f66ac695a1c77112429b46bc2da07362e48aa545bf06c72cc0c |
| SHA512 | d867c9ce482614abc3fdf1a7bc3b01b9bbecac6345c8add663ab419bd7ba75b38d10f715ac619bdb8947fa5639eac61743ac07d386e295254b94cb921cb4ac43 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_B60E2B15CE7688A988CAACF7F569B2DE
| MD5 | af5eb067bc258257cbd7833b468269ae |
| SHA1 | 9ff131ac3a4524fb3e86f32cb9dd1c08dcf0a5d8 |
| SHA256 | 4370d549f24d7c8e38fd7720ae2610d0ce235fcd666b35721ae2b64ab61076c4 |
| SHA512 | 3c5848f987d1b3d6222a6888981ee94d996d17f8a81d474ea5df1597085aad0d76ed8a1a412b7852ea2757c24a54a6a2244f6090ace18d6babca7741b8d759fa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB
| MD5 | d190fb454568a217de72a718d2b6f945 |
| SHA1 | 9bc15378a293032d990f44a2cc47913f57d22dfb |
| SHA256 | c3082d52dac402dba2000b4ec3f94baa6ac0b92cc9ec0165e25000effa5e2464 |
| SHA512 | 9350839b154854f3535333f55c67d14c6aeb60ba4e4f1871e0931ffc63ddd1751df75aba99bfa8f8abf1f6fe9dba93cfb9d07543760d9a7fefff03067bd36518 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB
| MD5 | 2db0f0d86863ee0c5aae2875bff0ef67 |
| SHA1 | 5b2129fa746bcdf36d1988c4d6d0c5f6affe7abc |
| SHA256 | f7f70f7ddd0276305d34c5d6e736724f86ed36166ddba663445b458423ded503 |
| SHA512 | 8a990507f01fe4c046320275ab85189cac0766393b761b82b6eeafdcad437798176fc3421c2a6e1dd1cd463d4627badef30ed65f0b2fdd40b18b1c421c248ee0 |
C:\Users\Admin\AppData\Local\Temp\shi63B.tmp
| MD5 | 77d6c08c6448071b47f02b41fa18ed37 |
| SHA1 | e7fdb62abdb6d4131c00398f92bc72a3b9b34668 |
| SHA256 | 047e2df9ccf0ce298508ee7f0db0abcb2ff9cff9916b6e8a1fbd806b7a9d064b |
| SHA512 | e1aeb8e8b441d755a119f45a465ca5660678f4131984322252bfb6d2cec52e7ee54d65a64b98429b23915eb5707b04b5cd62a85446c60de8842314130a926dbd |
C:\Users\Admin\AppData\Local\Temp\MSIE43C.LOG
| MD5 | a7198c48d621d120f8dbd4e8a42507a2 |
| SHA1 | 822b55d123b3c5c0e4f184bcd88c3102a6a2ce25 |
| SHA256 | c5c86c4cbd471e036d54d5ccab02c1f97f7b54a1a07a21af1736b73cfd64fb8f |
| SHA512 | 8c68022cb37b31887d3ac154e88becc5dddb7fe3ee7dd626ac32b20c69f5ed5c418360b2e21c484ab91ad71b883069a04578b6ed710f32d553873ee74a71a46c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f58b3f98a80a08216094be0950730424 |
| SHA1 | fea4d432cc65d790869fd2f32fac4586ec032580 |
| SHA256 | 77d9e01b3ff4e685937a34bc22ee51b38951e62019e5b8cb56ce8dda83bdb01f |
| SHA512 | 2e346cf0a0b3c8e28ee50a3dde5564eb0cc6d7705da52588ea3259d632724614a1c892230c5e4996e08fe51864c44bffd7ced702078d725c13d15b2277ae7549 |
C:\Users\Admin\AppData\Local\Temp\shi39DE.tmp
| MD5 | 6e34fc4a713c3fbd88e47ac188d2540d |
| SHA1 | 1877a17da406d147566168c56aac1eb576782b37 |
| SHA256 | d8faf8ebf360ed0b3b1a43877a04863f7e044b3d19b641d88737e0829d683b36 |
| SHA512 | 848a1d9602210d7da0f6e4d7817af08dc02baac7eccf1cfaadaf3a24b55e1316e77c40672a6a1195797e525f448817e534ae200e99cdf548ee64a7996fbcec4f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6be0eadf574f52eef32c53e92da91397 |
| SHA1 | 52264e72a0b43e5c41bc832059ed0869e707c022 |
| SHA256 | 86f8d9946a30220325c8b520c2f52984f21982e40a012e1d7fdd6ef85cf5bed2 |
| SHA512 | d79652a927d0acf6de8858a7020baed935def05a329cb852bfcd8bfde99792819dedaeb4bd3c8516328c823684796ac729317296dced78a56c3d960ce9d6c4a2 |
C:\Windows\Installer\MSI69A2.tmp
| MD5 | 752b1dafa9e6a7978d6dd35828d51050 |
| SHA1 | 9145932d7b771ed839e2c805f8703b5310a176b0 |
| SHA256 | 8608b0858e85369fa8b95dce6b3b505f0bdbe3e14ea378c0db1a627a4ab41458 |
| SHA512 | 102991b9b61fb618dd646291f642c166479cf88f9e7e519aac2770979bac1bd526213e4ed07a650a87f368a6032c078cc37af9d4bb9534db5ed5578c621e14e6 |
C:\Program Files\Mailbird\Migrator.Framework.dll.config
| MD5 | 3b309755187e45054c52d95619776307 |
| SHA1 | 006a44bf6f8023591169a46539d76d3f2c9a756d |
| SHA256 | e71b12294adc8f32f9208baf88a62357562b336b2fb00b8895a8a593bbfcd275 |
| SHA512 | 4340d738f9c97c68c31abf2e1d5b977748f32749d030e358822a69307dcb273a7c8e7ef217dc12bed2e81402dd05ab5439d7fe50d79f05f58ab7811e66c26b23 |
C:\Windows\Installer\MSI734B.tmp
| MD5 | 4d2f7fca24c7674f8586c44cc6605511 |
| SHA1 | 9b1d31d77cb4865bbd045c5bf3caa3173ccaa996 |
| SHA256 | 81238901271d0d96e4ec082f201c744a66f456114c19effa12fddd6ad6d9f558 |
| SHA512 | 2a68f19fc34f3edeace8ce1ec29f13b1f29dd2dcd974d6b9c19bc5596af55893ec4a27f7761451e86410962dcd76592436aa8c93514e92a4707ce8ed465e09c2 |
C:\Config.Msi\e5a378d.rbs
| MD5 | 07b2399fc2b5cb6b87776f378d7c6ef4 |
| SHA1 | 6bbf5e5ffd49fd4352377be1e5589ae9cf78deae |
| SHA256 | d6bbe92c8d9b33b21e5a1b3824498d33e86537a1f77fefb7c16b010cfb88d7b0 |
| SHA512 | 347a49c87c7b03d1688ba4f3a00a561019c01b8c8177049ab64d6507fbe72093c3ec3b0c750d91f30d3b0487e46c1c96bcd5d6be8ccd9169e9005b2e46b477d2 |
C:\Windows\Installer\MSI75DE.tmp
| MD5 | a99aa38782f1392091ac7c58d29bde42 |
| SHA1 | 6ca5c6b5d725c221e6bb8a3cfc229f1f4130fea4 |
| SHA256 | 0d34c2a0518f6adc17ee78e1bbb7f42bf432f0378f39e402d684232d039e13d0 |
| SHA512 | f4834c946076a705df60f56bf9c03c9dc45bc61dad68164f7ead6c659cd5d73c96deb526212ae0000aef0d7536e5b720b768ee8c5d874241da3ce02fbea468a0 |
memory/3228-1266-0x0000029434530000-0x0000029436E8A000-memory.dmp
memory/3228-1293-0x00000294516D0000-0x000002945194E000-memory.dmp
memory/3228-1294-0x0000029451950000-0x0000029451AB0000-memory.dmp
memory/3228-1295-0x0000029451450000-0x00000294514B8000-memory.dmp
memory/3228-1296-0x00000294372C0000-0x00000294372FE000-memory.dmp
memory/3228-1297-0x0000029437280000-0x0000029437298000-memory.dmp
memory/3228-1299-0x0000029438BF0000-0x0000029438C1A000-memory.dmp
memory/3228-1298-0x0000029437270000-0x000002943727E000-memory.dmp
memory/3228-1300-0x00000294514C0000-0x00000294514F4000-memory.dmp
memory/3228-1301-0x0000029451AB0000-0x0000029451BBC000-memory.dmp
memory/3228-1304-0x0000029452070000-0x00000294523BA000-memory.dmp
memory/3228-1303-0x0000029451BC0000-0x0000029451D20000-memory.dmp
memory/3228-1305-0x0000029451590000-0x0000029451620000-memory.dmp
memory/3228-1306-0x0000029451620000-0x000002945167E000-memory.dmp
memory/3228-1307-0x0000029451F20000-0x0000029451F9E000-memory.dmp
memory/3228-1308-0x00000294524B0000-0x0000029452522000-memory.dmp
memory/3228-1311-0x00000294525A0000-0x0000029452616000-memory.dmp
memory/3228-1314-0x00000294527E0000-0x0000029452856000-memory.dmp
memory/3228-1315-0x0000029451570000-0x000002945157A000-memory.dmp
memory/3228-1316-0x0000029451580000-0x000002945158A000-memory.dmp
memory/3228-1317-0x0000029452040000-0x0000029452048000-memory.dmp
memory/3228-1318-0x0000029452760000-0x00000294527BA000-memory.dmp
memory/3228-1320-0x0000029451680000-0x0000029451688000-memory.dmp
memory/3228-1319-0x0000029452010000-0x0000029452036000-memory.dmp
memory/3228-1322-0x00000294516B0000-0x00000294516C4000-memory.dmp
memory/3228-1323-0x00000294516A0000-0x00000294516A8000-memory.dmp
memory/3228-1325-0x0000029451690000-0x000002945169C000-memory.dmp
memory/3228-1327-0x0000029452050000-0x000002945205A000-memory.dmp
memory/3228-1328-0x0000029452860000-0x000002945289C000-memory.dmp
memory/3228-1330-0x0000029452550000-0x0000029452562000-memory.dmp
C:\Users\Admin\AppData\Local\Mailbird\Misc\Sentry\FD5F450BADA113E3C36A62B1C198B2CC99EDCACD\1714766018_1296__45653674.envelope
| MD5 | 468a4ee8bfd10cf9a9f513d8533f131d |
| SHA1 | 52e21edf89fe82272885f847fbf40208b129572d |
| SHA256 | da11b086a0e323eebed7fb02a6e5bc80e3a439a19814cf55bd54582b122670cf |
| SHA512 | 2893cc7d13943d7e4f3b1a5d5b26ae847c11ffeb807c61b68275930a7ab2be21007dcd44da4dacafa94beba1960395febc4e4a65c2ba2076043f0eef375db691 |
memory/3228-1336-0x0000029452570000-0x000002945258E000-memory.dmp
memory/3228-1338-0x00000294529A0000-0x00000294529F0000-memory.dmp
memory/3228-1337-0x00000294528E0000-0x0000029452908000-memory.dmp
memory/3228-1339-0x0000029452B00000-0x0000029452C0A000-memory.dmp
C:\Users\Admin\AppData\Local\Mailbird\Mailbird.config
| MD5 | ace75dc8af45d719cd180a8a4e5209b1 |
| SHA1 | 985e61564e319bfdb131e6a9ce9085dc5e2e6782 |
| SHA256 | a296fb6bebd2da6a0d6afb65dba2158d5359fe32b2533dd8b14bae8d01eb3de0 |
| SHA512 | 3c4d96e87b826b1e147e460fcfb8f2135a512cc421789d8cba44c3a70d2ba4901f44c26d4a7e9ebe28e7c8cb621922c1d704a070fae4a1751a3ac4973c37185c |
memory/3228-1342-0x0000029452060000-0x000002945206A000-memory.dmp
memory/3228-1345-0x0000029452CC0000-0x0000029452D70000-memory.dmp
memory/3228-1348-0x0000029452910000-0x0000029452932000-memory.dmp
memory/3228-1350-0x0000029452530000-0x000002945253E000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 850f27f857369bf7fe83c613d2ec35cb |
| SHA1 | 7677a061c6fd2a030b44841bfb32da0abc1dbefb |
| SHA256 | a7db700e067222e55e323a9ffc71a92f59829e81021e2607cec0d2ec6faf602a |
| SHA512 | 7b1efa002b7a1a23973bff0618fb4a82cd0c5193df55cd960c7516caa63509587fd8b36f3aea6db01ece368065865af6472365b820fadce720b64b561ab5f401 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 62c02dda2bf22d702a9b3a1c547c5f6a |
| SHA1 | 8f42966df96bd2e8c1f6b31b37c9a19beb6394d6 |
| SHA256 | cb8a0964605551ed5a0668c08ab888044bbd845c9225ffee5a28e0b847ede62b |
| SHA512 | a7ce2c0946382188e1d8480cfb096b29bd0dcb260ccdc74167cc351160a1884d04d57a2517eb700b3eef30eaf4a01bfbf31858365b1e624d4b0960ffd0032fa9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9d578dfe5d855013c41ff08750a84c58 |
| SHA1 | ee82505d9b49782baa49479a2d168b72bca0c910 |
| SHA256 | c13ca5465e3f041bcec281dc941f3340333e2d31d77bfd1b6c711814c116f28f |
| SHA512 | 9446dacac5bcb89f89e27c0870eec05e9dc8fb3201f1b5b05086eb8901ec11629910aae7850a02f13e339d8232e5e1942c1072377ba5cbd834ba70be3922ca2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b20b5ea03e10632b4ee2bb4666a98fdc |
| SHA1 | 769c6770456f0124171b6c9088aa7e35aa1a7f79 |
| SHA256 | 315359e6108ae1cee66b10591b9024c5350ddd8349f1651222cb93a716dbf2ea |
| SHA512 | 5aa39c4a923c416d47a21eb3db769fe2fa618c16710a317d3708ae1251a2afa1157b0831abfbcca7f52413e11f4e1846dc52f07afd368f8284b4fae16eb5cca1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | 015c126a3520c9a8f6a27979d0266e96 |
| SHA1 | 2acf956561d44434a6d84204670cf849d3215d5f |
| SHA256 | 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa |
| SHA512 | 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | 8d63e5128e76248bcdcf190fb3ba428d |
| SHA1 | b2ef9d7d400d006f3e726daf7c30eb2f76030fa4 |
| SHA256 | e6c17125d778eda3b255fb7f25dfb76f63effe7682dd64d7d18f66631a3d5d44 |
| SHA512 | ba2003b93e02c0f6072d4f9ea33ba27bad31e3683e1149570ac07042f544e4bf7279731384c4a2872ccf69d20fa93bd4c5cbfc8805ea26d52595227027b4ac24 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 27389edcd135c48ef7c1b62d62750d67 |
| SHA1 | 0d5ff5fb84cff8f5cd3f9e65119fda85e6f0e6be |
| SHA256 | cb6eafd70f73866b541ad4924f7192a5cde0f7f1129af1bb1c28b33a7356b1d5 |
| SHA512 | b38418ee981b986fb38d1b84eb30e5b64d2c37c07508381f8bfe63bc78629a3a04a48f3fb936c5b0183b2b3dd4d4b218fc87180dc2887693a74d39134f50ca6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7e9c8f253aec738c186a0ba7e0b7cfe0 |
| SHA1 | b0de7b5cba6318ec755be317e0deda9d60ac8266 |
| SHA256 | 29b87cb10e07ce9a1bab9b40512610da39c7752630119204e360d03f5d07a9e6 |
| SHA512 | 6f27cd0ceef205d5da0a977e50bd9aeae9a416b452da69104c02d651b3337ea5607870d708ff4ed3cad2c6bcf6b53302bcc72318b672afbf0f6ce1217f0630e9 |
memory/3228-1448-0x00000294539A0000-0x00000294539BE000-memory.dmp
memory/3228-1450-0x0000029453930000-0x0000029453948000-memory.dmp
C:\Users\Admin\AppData\Local\Mailbird\Misc\Sentry\FD5F450BADA113E3C36A62B1C198B2CC99EDCACD\1714766034_-454__45653674.envelope
| MD5 | 5d4d42fbcffff3a24d4c52a958fc9545 |
| SHA1 | 9095ac33d8535d69039f3399ee35bdb1e917cfbf |
| SHA256 | 04adf35620706f7fc7ca6d28e17557c278185a70c993b036d7a89f7bd8b2f565 |
| SHA512 | 4a885e88a353834c8f44c9e5da22f36e5b85f51c6315747c913a013ed0e06653470904f141a03f8e5075c6fe29dde1988072a3d38c4158818de03cf2a2bff153 |
memory/4504-1468-0x0000020F496F0000-0x0000020F49740000-memory.dmp
C:\Users\Admin\AppData\Local\Mailbird\Misc\Sentry\FD5F450BADA113E3C36A62B1C198B2CC99EDCACD\__processing\1714766034_3852__41149443.envelope
| MD5 | 7f51c1f7f444f46fc1576d64c17fbd9c |
| SHA1 | d7bd30b7099c6ab46d450cbd9e79a68c302f9cf7 |
| SHA256 | 515ae5045aa7d5216f75499b7d356731a50284866f5ad0803d281acc86849db1 |
| SHA512 | fc1d1745e744b88bf3beaa83dea1eaf5b3740c7899bb0d180565c02091d2397c58be5053e5eb7bf2311ad73e7feadb7ad45b00fdb45d1b12158b22b0aae3297d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 360f49bc7c554c78ddeb4b344fc2a32e |
| SHA1 | 9d5709d521df4d125f47de3c13c2f70df6c4a271 |
| SHA256 | 8fc1a5b5a4cff059058e4536b963f712257b7c1e120149ef6dce754aafa284a9 |
| SHA512 | 34ee648eb751ab55296ee443c81bfab7c1341f5b0dd891dd7d6e013f7f166716f1dde2f500929053c92cadb51ec1264d756710bdff16a0b1f1999b0882d84f09 |
memory/4504-1488-0x0000020F49B90000-0x0000020F49BD6000-memory.dmp
memory/4504-1489-0x0000020F48CB0000-0x0000020F48CB8000-memory.dmp
memory/4504-1490-0x0000020F49CA0000-0x0000020F49D5A000-memory.dmp
memory/4504-1491-0x0000020F49320000-0x0000020F49328000-memory.dmp
memory/4504-1492-0x0000020F49B60000-0x0000020F49B7C000-memory.dmp
memory/4504-1494-0x0000020F49C10000-0x0000020F49C22000-memory.dmp
memory/4504-1495-0x0000020F49C60000-0x0000020F49C88000-memory.dmp
memory/4504-1496-0x0000020F49DA0000-0x0000020F49DE0000-memory.dmp
memory/4504-1497-0x0000020F49DE0000-0x0000020F49E04000-memory.dmp
memory/4504-1498-0x0000020F49B50000-0x0000020F49B58000-memory.dmp
memory/4504-1499-0x0000020F4B000000-0x0000020F4B038000-memory.dmp
memory/4504-1500-0x0000020F49C90000-0x0000020F49C9E000-memory.dmp
memory/4504-1501-0x0000020F4B040000-0x0000020F4B062000-memory.dmp
memory/4504-1502-0x0000020F4A790000-0x0000020F4A7A0000-memory.dmp
memory/4504-1503-0x0000020F4B190000-0x0000020F4B2A4000-memory.dmp
memory/4504-1504-0x0000020F4B2B0000-0x0000020F4B466000-memory.dmp
C:\Users\Admin\AppData\Local\Mailbird\Misc\CefCache\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
memory/5532-1510-0x000001EF3E3C0000-0x000001EF3E3C6000-memory.dmp
memory/5532-1511-0x000001EF588C0000-0x000001EF589DF000-memory.dmp
memory/4504-1514-0x0000020F4A640000-0x0000020F4A64A000-memory.dmp
memory/4504-1513-0x0000020F4A610000-0x0000020F4A62A000-memory.dmp
memory/4504-1517-0x0000020F4A6D0000-0x0000020F4A750000-memory.dmp
memory/4504-1518-0x0000020F4D300000-0x0000020F4D34A000-memory.dmp
memory/4504-1519-0x0000020F4D460000-0x0000020F4D564000-memory.dmp
memory/4504-1520-0x0000020F4A600000-0x0000020F4A60E000-memory.dmp
memory/4504-1521-0x0000020F4A690000-0x0000020F4A6C4000-memory.dmp
memory/4504-1516-0x0000020F4A5F0000-0x0000020F4A600000-memory.dmp
memory/4504-1512-0x0000020F4A5E0000-0x0000020F4A5EC000-memory.dmp
memory/4504-1527-0x0000020F4D400000-0x0000020F4D424000-memory.dmp
memory/4504-1530-0x0000020F4D430000-0x0000020F4D444000-memory.dmp
memory/4504-1529-0x0000020F4D370000-0x0000020F4D37C000-memory.dmp
memory/4504-1528-0x0000020F4A750000-0x0000020F4A75A000-memory.dmp
memory/5532-1531-0x000001EF5A120000-0x000001EF5A39E000-memory.dmp
memory/4504-1525-0x0000020F4CD20000-0x0000020F4CD46000-memory.dmp
memory/4504-1524-0x0000020F4D390000-0x0000020F4D3CA000-memory.dmp
memory/4504-1547-0x0000020F4A630000-0x0000020F4A638000-memory.dmp
memory/4504-1548-0x0000020F4E260000-0x0000020F4E2E0000-memory.dmp
memory/4504-1551-0x0000020F50C40000-0x0000020F5359A000-memory.dmp
memory/4504-1552-0x0000020F4E400000-0x0000020F4E516000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6aa1a9fc94c98718.customDestinations-ms
| MD5 | c92002040d3137ea6fb3d0187b681705 |
| SHA1 | 20ebee7964f9bae5a36399433824efc3c8030c5b |
| SHA256 | bef470645222307b907316ae230354412d61815487a439a5e73e2fd9af4483e8 |
| SHA512 | ab0681e1aab11c80b7a51712d65631fa92569dc96447e55c14895f08a1584c49cdffbc4818e2576e58f406fc92ba9e13c533c80e84b77a8ad400973cc31d6ca4 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6aa1a9fc94c98718.customDestinations-ms
| MD5 | e4a1661c2c886ebb688dec494532431c |
| SHA1 | a2ae2a7db83b33dc95396607258f553114c9183c |
| SHA256 | b76875c50ef704dbbf7f02c982445971d1bbd61aebe2e4b28ddc58a1d66317d5 |
| SHA512 | efdcb76fb40482bc94e37eae3701e844bf22c7d74d53aef93ac7b6ae1c1094ba2f853875d2c66a49a7075ea8c69f5a348b786d6ee0fa711669279d04adaac22c |
memory/4504-1566-0x0000020F4D450000-0x0000020F4D458000-memory.dmp
memory/4504-1569-0x0000020F4E570000-0x0000020F4E5B4000-memory.dmp
C:\Users\Admin\AppData\Local\Mailbird\Mailbird.config
| MD5 | f90aeef9eccc618d3c2589ccc9a7a698 |
| SHA1 | 6c5cfcbec6b1a13dba6d00191df37733c035a8fd |
| SHA256 | 2dcdad368c6cee205d4709307a5b4078bb4b3a8cc2cc9cea1543ca455a95ec01 |
| SHA512 | e90cb20fe4302f67cb879daa3195a6a986dc131e7297dffb1a3972adcf113fb365e261eb043e54319d0339d089cb5839683ecd977a7fe014175f342ddc0d0a96 |
memory/4504-1579-0x0000020F50B70000-0x0000020F50D32000-memory.dmp
memory/4504-1580-0x0000020F51270000-0x0000020F51798000-memory.dmp
C:\Users\Admin\AppData\Local\Mailbird\Store\Store.db
| MD5 | 2dc421043d7140e3ba73801f12f0ccec |
| SHA1 | d3bf0c8553b957736e04fc36227b99ee4f9660c1 |
| SHA256 | 41caaf22954f08dcaeb0cfc43cf81e98f6449899c58d3fea2ea81a07dab4def5 |
| SHA512 | 641ed83374e14402b9889ab12b5647a508b5393541ed2a6eae07d07ffcda2184984836219a2eb2727ff20026526ae71caaf88ce09db445b5417d3e6a1e053910 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c977027dac3a4c97b3f53285db079d3c |
| SHA1 | 92211bcc39be58ecaf9cda7760b95ba2db0702ec |
| SHA256 | 8886529a778bcee2d9d1e471c8bd9ad4cdbcf82b3317cb3c0e3e7e722e0bc3fa |
| SHA512 | 6832227bdbb0185be9dbfb66333b28a9aba367c5a59502bf98efd3468d1d56b4b3942950af0ede19033bf748f961f553daf1e253e2baa8254c8c042f35d71dd7 |
memory/1016-1602-0x00000244EA910000-0x00000244EAB8E000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5b07ce5b35841a8a08633209f77cf3b2 |
| SHA1 | 9d6b7d41f7df2fc3eb586b31f6fe21d392321bfb |
| SHA256 | 21765ed13fa8facbcbef045a6ddb1bbf99eeb842d580e196ab3b676cbc73d436 |
| SHA512 | b79f8fc4018f0e49ffab2e52748f781e3286a83073a297226dcd413f8fd37c80477f6773dce2547eca85de93c15f032dd48e6386bee7ea2c18bc682dfee1ef05 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5b0cfd.TMP
| MD5 | a36ec78eb05c2ad9d0c225496a8bf644 |
| SHA1 | 8c0f7daa430937915923ce5f11b2f2d9d9da9fb4 |
| SHA256 | ab425e3f90e38cc3a7f4ad7a17b3d33a2f309b2b399aa6ac5ad3d82dc33ccfdf |
| SHA512 | 493cfde4e42c194186d26189e3ba41543fffbb12651674d273097371f450e0b7ddde4e254bad000874e1e9fc747d5638a99732cdd719a3af982eb60e5215d1eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9e81dd80b9d7ded8fec7a50a027e1b5a |
| SHA1 | 5fd2f5e9734636c9e212df3ca3b423a2c6e3ce71 |
| SHA256 | 62506a77775a69583bfa49699fd3ff6745d57d6eabfa91ea1ec1457b9d05263b |
| SHA512 | 0ee1321bc0e2551e81abf0cc788024403411f82a345cfee86313393d1582ed2be8106c325068b4785c8a476cd7f6207da97d67cdea2b62ea5ae16818e6c0610e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b808547bc2b801213d4b523a68abeca2 |
| SHA1 | 22e4283c8fbb09a85d41eabb854a43f91bd11329 |
| SHA256 | c8889e4a95da5d31120397362b69a89545484dc57a1ecd95399a213dc7070f94 |
| SHA512 | 3f0b14f1b58fce9ad51e96e274a76bb1441cc716b2e6e684e5a518b2f57222bebb1b492269592d915788726c9d73abd416d2bb11b2855625f1c37f10973d44c2 |
C:\Users\Admin\AppData\Local\Mailbird\Mailbird.config
| MD5 | d04daa773781f63a476b8a3b5c349c88 |
| SHA1 | c07aa87384d741b4300ee061f29fcc49de7cd95b |
| SHA256 | 806e8a5968fe1efb12c3a7d87209021d5441d1bb77e3073a78836e4cf272ca9d |
| SHA512 | d5d7bea5cff61c26cd72287bd3eb2c19289b3ee484cdee5e83eb1e63d20a9f548dc9d508aec4dbf733d73a9779663eea4f3e7c7074cea231b86f6c667f0fab25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9cc6da573b70393358f4dbb80155353c |
| SHA1 | 120a3567357f12cb4d4316195d53279480450fd3 |
| SHA256 | 8ec647d75938d0c174c1bf883762c92090edb905bff511de7d17fecf73959ddf |
| SHA512 | 3876621572864acf900faf81ddd84f7e8b1fb40055bf4fdef416ea153107c78a98bed1cbcdb53eb5b74469598dcbbfb86fe500a8310ee52e35376973b92f0db7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b73735272e40af2fa78aa9342678c92c |
| SHA1 | 9169120d7ee41fd34078eccebffa7ae670b4e55e |
| SHA256 | 5ccab611706b38f20d1140315d711579371b802c25a6ccef561e4809867c64b7 |
| SHA512 | b4eb3570eee90e477d97f94cffc2c4677e395aaea8f1304dd7bde369e7ddda08e207a197f535b72d0449ddb52bdcc5e52926dc53dc17ec44f995da82dfca74e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 38f159718028aec7fd18af9f71267c33 |
| SHA1 | 25da955586bf335817ec94e4aa637427d3584aaa |
| SHA256 | 88614a94cbe93d654fa9e89d4eec6235b90f0ee4d7eff0c4df52d59b3b6c4918 |
| SHA512 | a62f2e07ef74cf0869b11ec96ca5e8b0f7867ae89cf0fc52549257420fbf4e594cc28ce47ebd53d52b53e5611b08eacab611d913074cb82fb7928cfa9eca71b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c7037cfada4c6d631cb2ff3257f789bb |
| SHA1 | 0b58d5787251bf7ceb4f60b58402fe7a6c470d59 |
| SHA256 | a1f22e1f55b6b56a19eb590b6aa66bfe9c4a0ea7bef1583cc0d74023c3476736 |
| SHA512 | fe5dc4f18d2dadee4bad166367bb2b717d46e2a74da4b4c5cf74b3a7decb899a8ee9bfd474937c53df08e5d901a53b61011fccb9ba3fea5202a0178b3d55233b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fbe3afcf0637bb9baed3d9489e959a80 |
| SHA1 | 62b8ba98b1b83a8da50ed5ac2bae99726d32c512 |
| SHA256 | d8a318ef6aa0ca9b52d6e91ea91537b11d806e83475db8ad9ba4e0dfd761f3fc |
| SHA512 | 1a34187cf8b2374ceec01b757ce1936a7bb9faee1bc2986949fc97605c24657f90ce4b8882a7110ed9246efa08acc8be279b890a5f804815ce0da31524bc00da |
C:\Users\Admin\AppData\Local\Mailbird\Misc\CefCache\LocalPrefs.json
| MD5 | a17de958a0ff74b2562f285a941fd907 |
| SHA1 | 5d28df3b413088c88067d43b603e46dfbdb034e4 |
| SHA256 | e3509b5b8f39d6822486cb998a6f22a504d6b193e7f60cb01607952d5b50103c |
| SHA512 | 711528cef25755b899de7ffcc5e84d55f50c0d11c4ca680a33771f0023d5bf255c2bfb3c72925eb5bd3911799d931260870e5bfdceeba38ce0861787e9c563db |
C:\Users\Admin\AppData\Local\Mailbird\Misc\CefCache\LocalPrefs.json~RFe5bde27.TMP
| MD5 | 0f05a1bf0770fe7aa9bca94d1ebb2da4 |
| SHA1 | 0779bbf8b48f6bbb7f75ac6849edeae8d573c75f |
| SHA256 | 605f54296c1514ab8a784ab3ea197390e65cc670686efb5a5285d4fb22838725 |
| SHA512 | f5b88f0182458e591fe56fa9d2d18c79107e0c20a466c3f1c984113947f3b0a63043402a7646a912f8102fc8dd38bd02df3fc63cab6c1d9cfdbb1c352d5f1b58 |
C:\Users\Admin\AppData\Local\Mailbird\Store\Store.db-wal
| MD5 | 350d61af2fe11a53df57979a2381596e |
| SHA1 | 3e30ef84ea521d7a5c53cfe92a9b17740d2f48b1 |
| SHA256 | b4a25e960c768b5347b69852998d4dc94797de54bfc3ec26e61bc4a73fefc463 |
| SHA512 | 13c47a1be72a6c19027d0d9b35fa87bb348b0c6d9c487be704dd081921d20fe283b15c425814943887d21cfe34c33e3b135edcd2066bb06f836ba7f9e32ce25c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6ed45de6ab6bedb88fb0b37c6ab5ed40 |
| SHA1 | d5145b18854744559352c9af28d70c57f67dcfb8 |
| SHA256 | a313a130e57ca169a01d50ed9236736d47b531fdedb003bc4adf051de0581a48 |
| SHA512 | 44cd2c5018433b1fe9260beb55fdc99670f32c20756efb89ba60d3ea017d43cd654e33917febff553031d94aba60fb608b0161f0cb275855588e53f30a8a95e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
memory/4504-1798-0x0000020F4C8C0000-0x0000020F4C8EE000-memory.dmp
memory/4504-1808-0x0000020F4C970000-0x0000020F4C99E000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8ff38ee3f8346e7baabc0e00afc0552e |
| SHA1 | 94a258084c363c02b560a91bb31e91e2d78025be |
| SHA256 | 7de54c60f70a60dec819d895cd168f2b77f7b4f2f2f43642a92cc728e46eff64 |
| SHA512 | 0a8403f345db8d5ed9161c39926a9cf8c3098a6c2f36edd0d95654a5e337ce427f5cf954c4b86137b9f9d1d9750e6dd34a119c0510ee8c75ad4e5b1f618e7499 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4d4f2c5df0dc093ef50fb3734f7b3670 |
| SHA1 | 3606046e0a8e901c755bba90e58962e064ded180 |
| SHA256 | b445c339540aee591215291e8459c3123e5329854a10c7eaa84923aa050e26f3 |
| SHA512 | 1539467acf3c3a9d21e5c1cb8ca120fffca287dd63e010089964f6995b18d13198cbcb79502f3555350602efb7e868401f9bdd9d71b0b2cd4fa51bcf5a86a3e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 56f390d2e7bbdf6f392a827537d72c55 |
| SHA1 | 285bc4cc6bded8307c7b5a703e4b396fc2d9a4c7 |
| SHA256 | e43620f70b2bd9a0e8007b1e2f0ca6c4082f0963748b582607087afe1e6367d8 |
| SHA512 | bc79fb1b3231d8f29596b46ec1d6accaf6a1e0a4900a74f29c4e738d1dbbc96464b405840aba19e4c7c292ceeb0cebbcfd12df32b8bcbf36e308af699e4018e9 |
C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping4504_1682540992\manifest.json
| MD5 | 2648d437c53db54b3ebd00e64852687e |
| SHA1 | 66cfe157f4c8e17bfda15325abfef40ec6d49608 |
| SHA256 | 68a3d7cb10f3001f40bc583b7fff0183895a61d3bd1b7a1c34e602df6f0f8806 |
| SHA512 | 86d5c3129bec156b17b8ebd5dec5a6258e10cb426b84dd3e4af85c9c2cd7ebf4faea01fd10dd906a18ea1042394c3f41a835eae2d83dc8146dfe4b6d71147828 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8cd36253248641ed470fe8e4b8731c37 |
| SHA1 | 53c162c8468b3d62cba905dc4fee879f45a3e438 |
| SHA256 | e84f615654d7f1e974d43a471ee23bfcb75cc65806e8102c3c33699cf41d32eb |
| SHA512 | 82f760a67b1ec858456a4265490732b4cc2376f567008b0461b342c5e8ad2a5eabb56343898a0395c329bb9d926a328a7ff6632e8107fbae1974d29591e5d17b |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6aa1a9fc94c98718.customDestinations-ms
| MD5 | b4d7f95e1777360f8d8212f4b9b38b0e |
| SHA1 | 0a9ecd1f0ce4960d5b29f9c8fe1d8a920f7d0226 |
| SHA256 | c269197111fbd8cc7357c08e4d6c8fd842371609db771943bd2f4d9ca1034659 |
| SHA512 | d10487a1ae4d7d063e08cec63d0c33846d7d20ec488611f9848d065ae81a2965ccceaa4f4660b7d6328c15a949aa5b5d80f84572af7078d76289fb7c8414a112 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6aa1a9fc94c98718.customDestinations-ms
| MD5 | 44b056ea98ebbea1890c942240255ded |
| SHA1 | 4d5a7137ba9da5f3a726e4fc1acc61b7539091c3 |
| SHA256 | f26c561cf5d7b97a5f27fc9e3957a00e4b11629a256fd7b66747d45c896f45eb |
| SHA512 | e78f70078ffe05e7def262cd47994bfff64f8db4e929d212651728efc483677c1144624429e8a28a754ced91b1fbc96835b33d36518b8b7e3076a7930491f52b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7fc6f30247f47417e0eb1ae47f59e3cf |
| SHA1 | 16e69ff645e6ba65aea8b3d52dab614ae1816ad7 |
| SHA256 | d69e75f914ec89f8a8b6be9a881d81e7add69e93744fe3384a9356b288f480b2 |
| SHA512 | 50c016dbf47a55192fd1f51cf5b5066ad49534bc038003b30b7bbffc1bd6369d98008ea0aaa4b83f5cd9b4009b836d1ea7544e4c71175c271b6634396de9f04f |
C:\Users\Admin\AppData\Local\Mailbird\Misc\CefCache\LocalPrefs.json
| MD5 | 1d7ed64ea4e4b062b0329ec29b1e1a3b |
| SHA1 | 284952aa67770eca46ddaf6a82019c9b13022236 |
| SHA256 | 82769780c5eccd5118f1b21b397dfc744f36ccf1e1fbb7e62b08e8a156d4f89f |
| SHA512 | da730701037314d2286be385bcb4efbbfd92afe9ab3622693064761337d7c7c8a77062c5c2728aee109fc81e52ee1ebe410afdf9679c1dd8717d586cc22921a9 |
memory/4504-2008-0x0000020F61530000-0x0000020F615B4000-memory.dmp
memory/4504-2009-0x0000020F4F6A0000-0x0000020F4F6C0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 99552fb61f35a7b6c81e985cfe94c8e9 |
| SHA1 | 8b52c6b6fc13009e3713a5982bd98751ecd586b9 |
| SHA256 | 77b2fbff78920be771e89c4f87690a8c30a3354eb6b0e613508f16e6f82c0a46 |
| SHA512 | db67a769e48c9ae55ca79d95ec35887e9913fde159e00487276ac4b2887141890c90df6d952a5fc0870f5e67abaf803bdf74c29cdd4ac2f540fc2459ec3f4e81 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d1698c286a48f5189deb0db36d1ba10a |
| SHA1 | f1d5ba63ef417055544f0b39b986245510bed021 |
| SHA256 | b0f053bbd4974b83649d145262f2af3156b844f39a36c0acac627dec16a08bda |
| SHA512 | 01b0910fbed1023479ebaba7316c182c008b1938fb0a71e7f6cd7d4cdb0abddc37c8079970365f7e063fd4a37d2c811a7e464ad15f8541f28a0717287b975c22 |
memory/4504-2053-0x0000020F61750000-0x0000020F618E0000-memory.dmp
memory/4504-2059-0x0000020F4F3D0000-0x0000020F4F3D8000-memory.dmp
memory/4504-2060-0x0000020F511E0000-0x0000020F51206000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6aa1a9fc94c98718.customDestinations-ms
| MD5 | 7dfae25194303338adedb93f38affd3c |
| SHA1 | eff3a2208efce525cf5c034c4350fad21bfe7dd8 |
| SHA256 | c18e7455e7fb414cf2f487715b1a9b6575bf9f9d7030f6b66c42409584ad5248 |
| SHA512 | 300494fcb73e935875d87df2db3c6ca69005a4d8fb2dbf39c879d8f2f8c7c77d1ded8faef2a85de712fd6edbe8ee791a8465f0c8ebf723423875be499c1b11f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2246dbd51ba7e21d310972f80cdce745 |
| SHA1 | 4a7f0fa88e1071e755d30a4e323ef2adcb9e5ae7 |
| SHA256 | e21e3055f78af534d1d44be394e9966b3804e589b11b742a68f75c9fa1d2b4a0 |
| SHA512 | 0b75ee47c7dc5e024769022f8df2e7d64ffa2ba515da0542622901c5fd2b050228035c905840eab6c3ba3c98ee155783a56ff0b0da67516f046d10473d01b43a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 15d9194968f1587112413611c8df4d3f |
| SHA1 | 175d0aa16487e3320cc4827a309a7f18fb144852 |
| SHA256 | f193cc66e0d2c6c011f9944583f55827e61cb090f75b799b94a04f7a681a32d9 |
| SHA512 | f949480518b5a69fbd75b04217a63756a9dbede13cc2443f1e95a33848572e640b84dcf166d9ce159c9c0671ebae26480b696a4f90934e4b8cb86fc0b29af34b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f77e6697d0f2d82db83c914409cbce86 |
| SHA1 | bb965ab3282cd0ad03e4ba577aec1fa9840cb162 |
| SHA256 | f15bc5bf1ee5c8fadda3b5ec21eabd772ac656bf8b863ea4c4f591eabcf9eda4 |
| SHA512 | 1b615ad65b182fa957ac8ef8c1f996f79fdc034ca5811ffd6f391b92e2546ed604ca7dc996189c2352b5906a45ea0a58816ed5cdd1c432e7fe31a531db139180 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
| MD5 | a484f2f3418f65b8214cbcd3e4a31057 |
| SHA1 | 5c002c51b67db40f88b6895a5d5caa67608a65ce |
| SHA256 | 79cbe928773386d07f0127f256f383debed5ccea5ff230465bf46ec7c87319d6 |
| SHA512 | 0be1bb8db08f6e6041a85cfee90cd36a5b595afbca34d52a125465454fc806b4bb7ae569eaf4c882922fb1b962b6060534e597791cd0ad23483be5981d9be85c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1a813bed-f193-4a39-b598-37645926f066.tmp
| MD5 | 5cf68b3fe9f53ea046e1c4fb85597dbe |
| SHA1 | 53bf5d5eb7b74f2fdd9648bfd14e82ffe1897376 |
| SHA256 | e475b917e09d5c6aee8e84d9703dab9ab362b78af585a274b4721eaad5744e53 |
| SHA512 | 3632802f7fcdeda565b4f6f8ec9db378fd8138ad47b1b1748623ba51cebf4f18856eb785d98b0ef0125b86d315546a461dd8947c4d6d7af07ce626ca0f7ef9c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 44a5f68d24ebf6d31ff030230d91bcc5 |
| SHA1 | f57b04b67db2d0b3d01768d9bab2c5a47e9177dc |
| SHA256 | 8e2d718cbac41d69029b38aac166db8f36abaade0e230406615b7c70ad1610ed |
| SHA512 | 21773ab11b410beadb493b8592a5cec16339ccbce310af91db1b11833b7faecbeed2be1c1ff63d43b4dffae15169db9e9ce9398115eb05f032c380783da91117 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | dbee639d1b1976897e3908d11fdc87b3 |
| SHA1 | a88ff03006651058babe639c86d7829a315f68c6 |
| SHA256 | ed8bfd0363a87bd201f711af8beda8619392b472e11b645a49f375988d127875 |
| SHA512 | 1a0332da9815ead61dad71c63c997974e159095f04d2ab17ec2746fbe02e33336550e0d6f85745da3e347c9906a45ee1d87418b4da81049c97243e30a2196346 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dd6b01d4117212763b2292ad298bffdb |
| SHA1 | 8d110526209ea2b0320ed96249448fd2a2e342a3 |
| SHA256 | e152fa98e62453a2b4fa4ee41990fe59bc25694f46edc91f1b8e7f22426b35ca |
| SHA512 | f6dc92eb90114e20ee5226ca0d26479bb7388737d16cee85a68d9ac3eae1374fff4375f642d118df54ac00a8b18be8b406ac7fba2d40f8dcab87522b57629057 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9f872dcc590878d5a2dfcf5d1c3c5e49 |
| SHA1 | 33cfb7f4faadd1a415561ba5d8ffc5f2fccecb25 |
| SHA256 | d62eebc96ad06b5c7060a0d64b290f74a5c028afb01475c7fd04bf55dcc8fa99 |
| SHA512 | 14790be4ef74f73f6849ede9795739182cfdd7fa0de9c167217ef248b92bdbcc4b93114e54e73c076cdedc5556d55d950be9eb10509f9604e283bdd1edf3488a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a6e383a30090c1531048d8500e700849 |
| SHA1 | 917e08c96f8a26672699e039a238e7fa710fdf32 |
| SHA256 | 3cc4291591b72d1d91bd32b44e7d3170362bf950c6ff650735c6223698d65f05 |
| SHA512 | 200e3dd0409714e1b13ba872ff97559b052236cf53dbc1aaaf90c166b7690573888fb28b7fde20d1432917c43acfaeda8fd11609a03abb951b180d947ef681a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d
| MD5 | f782de7f00a1e90076b6b77a05fa908a |
| SHA1 | 4ed15dad2baa61e9627bf2179aa7b9188ce7d4e1 |
| SHA256 | d0b96d69ee7f70f041f493592de3805bfb338e50babdee522fcf145cb98fc968 |
| SHA512 | 78ec6f253e876d8f0812a9570f6079903d63dd000458f4f517ec44c8dd7468e51703ea17ecce2658d9ea1fdb5246c8db5887a16be80115bbf71fe53f439d8766 |
C:\Users\Admin\AppData\Local\Mailbird\Misc\CefCache\Network\Network Persistent State~RFe5d427a.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Mailbird\Misc\CefCache\Network\Network Persistent State
| MD5 | 8a429a38670a051256045d497548722f |
| SHA1 | 3f0bca8b4a6672387bacad9fa5cf94bed3390e16 |
| SHA256 | c7e2d5a64dff1fd33eade25d0f6c70bcfc84606cdaff362589f03e304530d525 |
| SHA512 | 232b721b2646dda6964bad3a09dea13f77e56c3bdf3187da3ba0d8a1d5b51e0a4b863122e211a42e3607b9171d657c7f4c5528d010747aa0b93fe8ede21c957f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2c5d8e012ca6a87022032d0e3370a4b7 |
| SHA1 | 61b9badd09b4e5283f774f8d8f0c10ae64867bf4 |
| SHA256 | e7dbf3385ea3ea342e6db36e7c16c67fb4b79257fd7d71c6c930635507735c16 |
| SHA512 | df7907e065914ac1c5606d6ba48d3ed58ca58b2439d94822fcf7bf71193cccccbe88cef376beb97dcc9dff2c757d7cd7024677032fdc13ec4893b1aff27e49e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 54b5f8266298f526126e0428d0953200 |
| SHA1 | 08338296840993d6320faa35a7a467013fcc455d |
| SHA256 | 747bb5c5cf7e71d262361106a1066b8bd4976b34d4e99b3a6f0c8a2cb6929832 |
| SHA512 | 5ccf31becdf12db844d19b224e0091f6e81495f5a2901c90cd2ba3123009a097b2c3186eb908c211dd1a0cd4b6f971ce06b54e7b20d004e6ce9b66b142268f08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c8ff06bd3295ed3b0a6df4928f211233 |
| SHA1 | c87f64bcfff772914700c2cc2344bdb3efae0809 |
| SHA256 | 62ee862e8a65e8f8321cf56edd5944260f74a9c5a0ac6460108b0b4619991f29 |
| SHA512 | 985fb9bec878d2848eff602151a013a86349465b3549eabab29ecd617bba59a4aecf72fb7ea419dcabd70b1e0bc361b8de6e053a3e312ab4769e559b0567de99 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8be1cc6fdcde0dd04024660df74330bf |
| SHA1 | 68269cad72b361a5085878dd299d500511dbdfdb |
| SHA256 | a2092659634b54872ffb2ebfd27eb08140fe48b56d79c6a04d33cbd00719a42f |
| SHA512 | 9f28f4f83b69df629a525aeccb760a821c83ae9a2b2ff0af9d4fd596973b8713f34116d7456ab4be306a07881c60a42a3ee7fa761e1c2570cd341ae2f8717468 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3b460450dfcf98687c59bf7b919cff4b |
| SHA1 | ea026fbb4ededbfc6afe124be10eb8698ccf1a9c |
| SHA256 | 13f80a8d30801d7aa1849414cb4417ff6af88ba5d0385036c86b1b40ef2edd23 |
| SHA512 | 9386e15cb12e69fb4231281fb8788e781aa81137ec420125b4a6012b4974e94a5c8ed6d39c652a39f80aed5828a0657164756f7f24a8d2458ae804e51e5cddc7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8290536894fb429573f9e97da21f5236 |
| SHA1 | e1d9bcd01bc9c5e99523052e4f03d943b31765f6 |
| SHA256 | e61991d9f8528ea13e9ae9d813d11cd38588414c4116c671ffaaafaad3b5f44e |
| SHA512 | 464b576547d0482026120feb16c33f01978ae824563a416ef94fb6890cb1da45eabd412287d76f3dc52b7b040e86aba0bcf08d4d8cb93c6fd545e69f90ec09e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e32c3b07559aa02a459d1538cf903894 |
| SHA1 | 7087ba0d13a77c155eb726355a692762a867cdb1 |
| SHA256 | 054baa3e0d98f50431ecbdb044c98d22f4bce07b08db1e21da5764dadbaf470c |
| SHA512 | c72e09b2c3da3145d301e8654b461c4acf0ddd047c7e9aa5a7a09a1e9227b07e15acefde01c55e2a008fcf270466f230d1c48c87f7b5257f6b623983bfcb5c60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 33fbb85fccfcc4665e8474937867dead |
| SHA1 | 425b9790595e0d7b870d4de7d7ef3802c7b9415f |
| SHA256 | a708d81ab590b56a4de77b3edfe083afef2866f0cbc9f937175b70424cae5c58 |
| SHA512 | ac2647632670dfff3ad4b0146b567d5245d77da5751460164e343550ea2f8f16ce4254f3eb5140b27ae49d5344ab38af4e34b56bba15e870856844e50d9218ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d84e495ffa9c077dbd8be1fc98b22d62 |
| SHA1 | 01e0c7fe92d4289d3cd6238be0bf6dcbb8b2ba31 |
| SHA256 | a387dac50d85e5501da83ffdd01d5c2dafbcb56650ad7485f9be4cb1362a58d3 |
| SHA512 | 4fc2f34cea463912873ac7ed871b8c26acf91df0b0263c1cc32e57bf9062ca11f51b8ac052ded8667a7519e0846fa0c133d8dec4026ac14819fd9190a7906146 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5020b334418e7a69f8f7169b9665542f |
| SHA1 | da6b903bea8804dbe53d3dc57211c422f7a55a8c |
| SHA256 | 518149191bb4f8f695976b62022003e9c7916bb13ca4a6ebe83cf578098aef9c |
| SHA512 | 9aebe26f0c55131ff8db224bfae65d7aa84a4fbd5415ebcb1d00e5dbc50668e2873827beffb086fe7e6f5b51dfdaa163b7c6db691458a223d831fbee07b815d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dab40a4db24ae932ac7f40e4d9612b49 |
| SHA1 | b999683ca7a033949c79a707a789146aaac979c3 |
| SHA256 | f22de7de5afff18f50479a4e615a7026de9161e826836e4105564117c0734670 |
| SHA512 | 1a4e7853250ebe7e9b457ebe985d7320e05fb5d09ac8a55ea2913e4f644377b52c895f46493a941a625a8bc8b02cbe0fcd91fd64eeb9832ab2c47d4ea1596b47 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fba74ac025cec73c57fc46da08dc6b1a |
| SHA1 | f8f698d5eae751cd736da56aaaf90ff9da3e4d89 |
| SHA256 | 77359d7d565c71f23d08fde41a0d92957a81552847a593be9d53284ade18b6b2 |
| SHA512 | 63935588d641cbff228d3d488ae499121291b6508fcd90c114a9e545513f9cd47edfab87c2c4fe1858ef1d0d3d49c4fa3ee306eb7bd6b4d05389d53bf5853f71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c38fb9d78dc42f87c9242a5abb503008 |
| SHA1 | 474bf4a16479ad182d821963dc66659c449307b4 |
| SHA256 | ad5ad749f0e1c9db969cbfdbe4902eb5adadb94a7fc49b75347a195ca8296b65 |
| SHA512 | d837d3c43ddf414b54db49ff8d1ce92d651528903ac953ae06599aeb07c8879300355ed4beb365134e3d882ca929dce0752ef9c161e7709c336ed264bbdf00c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 485e0053f020cd36dcfb05a5919eb42d |
| SHA1 | 9293aad91bbb6cc79f9597d8b2e4363700a515c0 |
| SHA256 | 42e7e88dc971acb687c80ac91cf12cfba506c4a0ba5a92e6848a79dd3c7498bb |
| SHA512 | f48658cc275ae1b81c172e951ec0d42987bacbd89f1b28d3c2772dd8ca2482e562bec3ab49dfd815dd30bdbc0aa52aec1fd8582cc03b78f85f0403662f62e162 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ceeee1bd7829827c7fd17177650e68a3 |
| SHA1 | 34eb18e0c3f50a1cfb020b9422bd7e93642b30c4 |
| SHA256 | aa80b23d30cce3bbf785824d8def9f9698644a516a2c3a5a100312f6fe0d444e |
| SHA512 | 5e2e80f67928cc4bd3777d9d7ee30351baed8cf384c845727c2205f2ff14184fabe9af863c472b126b239ff2578cf3f70bf307c0d913ad6db785084899e8372b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0992910bb9515f03233984a345ffc7df |
| SHA1 | c4d5c577a72cc9abb36326003b8a24eab7d8daeb |
| SHA256 | 5cd06aee6e549054c3ec833a77d19b27db67adcc59bad5fa441677366de89b59 |
| SHA512 | 7b2c3a37df958b7b72ba122f82bfda13049d342fa8c92cdc746efb0d17e5a1a6121134a1a9c73673609d91ae9bc1efa13904030e61721160143db9fdf3b9df9c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2ee5dc455731ddbc3420695e235c61c7 |
| SHA1 | 948de71c8ee641194097b8ce47e68dbc7be210b7 |
| SHA256 | 5e93a97511ffed9e7a433a6982cb530bfb38ead7529cf59a363f492e54b46c7a |
| SHA512 | 484d44969bcf4c06519f3998396d2c37b8af4a42afc037901419d400d4a7f84e30606dd437468fca2133e5ee49215f8ac428e78d0210e6eb9825f2007de9190c |
C:\Users\Admin\AppData\Local\Mailbird\Store\Store.db
| MD5 | 47a8b6b50c6075c7945f0885ecb0ee85 |
| SHA1 | 4e4fed01c93ccdcba72daeb1cab642031493bcdc |
| SHA256 | b53620e03e651be7505ec04db1344ff5796e15823a5a713dcf4fe9fdf52195ab |
| SHA512 | efd65bf6b978bb7852a91993b2befaadd7a85ec6a05dc6f1d42d2d3f955fa59501f7c0269c731c16ae0733858a67ca9b5e65b6519bf6493290b77bfe65033cf0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d1037d3f58dd3e1dbed44b871b2d361a |
| SHA1 | 49ae5635a080effea0b081309ab46ba99a5b9d56 |
| SHA256 | 103cf08365ade3dc51503f5733d62025140c68bee9e8d2bb5a1f238b5dad354b |
| SHA512 | b5106d9be12d0d1795dc964ce66df48cc2ec5323dff166af57eb51e4a00299949bd5cd78a8d756afd81d439211b076b61752e0f6af870dbd0d11bf44c8144606 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2c06023997f3d979a187338e9c5d6759 |
| SHA1 | 9ae967c3c66c6f24c560431987ec5b4ed14e5a1a |
| SHA256 | e9189aba5f9f060afdb79447786b1f8e41400f21dc647eadbceb1bf79a1c5aa6 |
| SHA512 | b6949c5356fc149478cf71a56243445f143c43610256b280fcba56f4efc66458745682983df0b22b7812625ffbf29b884917ff4eb12dd41d0432e75f3e9049e4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a545506ee6789edb1d6a5fc34aeb7860 |
| SHA1 | 590c49d449a38aff8805e559351c286d70176623 |
| SHA256 | 144c1aea6f6335ccd599fcc2f9aa27819023f3bed3626d60ed8d2e6014587a4f |
| SHA512 | d6bdb661f1ff5a7702e6faa2af1eb2e8a0231a25f6dd5eaa595c85633aca5151bde12147c45c91a660f044fc253ba1b804cd5fd8577bf94782361b66c44ab573 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 104ca5ebab0a295f9c38aaaaad0cbd81 |
| SHA1 | 3551e575964e30f3130ac5f0cc444b7e0feb45ee |
| SHA256 | 4498885efd211e06b591776051579fdb1e9d9d8a0c86c6ab8cdd5c711afe4768 |
| SHA512 | c0224508fc84105006f193d4b637cfc8c69fd69f44ab791ba90ecc3ca96e50bf1dba13a2498b4b00dc6d08e1d71189f58c69da7fc121c344c16f306f0f2eae4f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7e6d1e24f4cdbcec3fb0daa0cec47575 |
| SHA1 | d89072a7a0acb34086bfbddf05205e5dd4b5b82d |
| SHA256 | 4077e17481515765de6280566088a73969640ccb8fc6a564c1bcba404f855c42 |
| SHA512 | 9b77f8aca02db02a4cd44b4c735a09dfbeaeea04c1575eb92072bb35179823f6a07f1daf412537bdc57a587b937e012b437c9f1491fdbab1ea48a53c1e08112f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 22693d5aa927bfb78cee7218340fe587 |
| SHA1 | fc9e8aca969fe579dc0d21eda11156b6fcc4e567 |
| SHA256 | 8dd326fe3a603cc534720eb6516a740120ea035e26e716946ecbf924bd54b95d |
| SHA512 | 3e4fb250349293e5e04a5d0e50257f25f14ddb7dbfcabb2dd4ff247ccce8599a2831119113d2d8961bc60373ece16a97b0ae08942181d04967864b9a5f467d26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 3cd0768cb6aa6999dd59366ae3cd0194 |
| SHA1 | 57704ec746e98ec37a1ec2e4b19802545d18be50 |
| SHA256 | 0afb1d82040988f09743e3c5d6595a23cbf708f9fde0b8a054be135212dface4 |
| SHA512 | 9faf3f9ea62bea798b81b5ea1696a41cc5cb94a1c9c3ef79a5ad705ca513461e8d3786e4e312debdec25cdf52138711698781e1dba138a2ab04eb2a8893d6138 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5006afb972e536cd90d4e889e0f548e7 |
| SHA1 | 52c5761925b063a95c5ece418a60a85743fb8df7 |
| SHA256 | 6c7343cbb916ea6a915be2595f0e07a4208fec5694ad5506bef7c0d383cc5d4f |
| SHA512 | 15758b08d75d31733ace21f84a154a51f4c02a73d3381a6b3cd4aa2d910d79ca8ee1c4138ff60dcf7d2948873f8db8105fc1bd911a68b299332a2349aad422d3 |