Analysis Overview
Threat Level: Known bad
The file http://dox.io/haes was found to be: Known bad.
Malicious Activity Summary
Umbral
Detect Umbral payload
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Drops file in System32 directory
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
NTFS ADS
Suspicious behavior: MapViewOfSection
Checks SCSI registry key(s)
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Uses Task Scheduler COM API
Suspicious behavior: EnumeratesProcesses
Checks processor information in registry
Modifies registry class
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Opens file in notepad (likely ransom note)
Modifies Internet Explorer settings
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-07-09 07:12
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-09 07:12
Reported
2024-07-09 07:28
Platform
win10-20240404-en
Max time kernel
965s
Max time network
968s
Command Line
Signatures
Detect Umbral payload
Umbral
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\System32\combase.pdb | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| File opened for modification | C:\Windows\SYSTEM32\ntdll.pdb | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| File opened for modification | C:\Windows\SYSTEM32\rasman.pdb | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\SystemInformer\x86\plugins\ExtendedTools.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\PoolTag.txt | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\ExtendedNotifications.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\ExtendedServices.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\OnlineChecks.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\Updater.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\UserNotes.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\ksidyn.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\SystemInformer.exe | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\OnlineChecks.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\ToolStatus.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\README.txt | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\peview.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\DotNetTools.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\ExtendedNotifications.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\ExtendedServices.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\NetworkTools.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\x86\SystemInformer.exe | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File opened for modification | C:\Program Files\SystemInformer\clr.pdb | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| File created | C:\Program Files\SystemInformer\ksidyn.bin | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\DotNetTools.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\ToolStatus.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File opened for modification | C:\Program Files\SystemInformer\rasman.pdb | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| File opened for modification | C:\Program Files\SystemInformer\combase.pdb | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| File created | C:\Program Files\SystemInformer\x86\plugins\DotNetTools.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\x86\plugins\DotNetTools.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\EtwGuids.txt | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\peview.exe | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\SystemInformer.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\ExtendedTools.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\HardwareDevices.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\UserNotes.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\COPYRIGHT.txt | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\SystemInformer.sys | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\WindowExplorer.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\x86\plugins\ExtendedTools.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File opened for modification | C:\Program Files\SystemInformer\ntdll.pdb | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| File created | C:\Program Files\SystemInformer\LICENSE.txt | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\CapsList.txt | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\icon.png | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\ksi.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\HardwareDevices.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\WindowExplorer.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\ExtendedTools.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\NetworkTools.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\plugins\Updater.dll | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
| File created | C:\Program Files\SystemInformer\x86\SystemInformer.sig | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File created | C:\Windows\rescache\_merged\4183903823\2290032291.pri | C:\Windows\system32\taskmgr.exe | N/A |
| File created | C:\Windows\rescache\_merged\1601268389\715946058.pri | C:\Windows\system32\taskmgr.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.pdb | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| File opened for modification | C:\Windows\Debug\ESE.TXT | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\Total\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Generic" | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000007800000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus\DynamicCodePolicy = 00000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionHigh = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\"" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VendorId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202 | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-SubSysId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\DynamicCodePolicy = 05000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mega.nz | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1 = 8c00310000000000e958973a110050524f4752417e310000740009000400efbe724a6fa8e958973a2e0000003f0000000000010000000000000000004a000000000003127300500072006f006700720061006d002000460069006c0065007300000040007300680065006c006c00330032002e0064006c006c002c002d0032003100370038003100000018000000 | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI\IsSignedIn = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\Total | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1\MRUListEx = 00000000ffffffff | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 73001a59cfd1da01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 2f369159cfd1da01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\MRUListEx = ffffffff | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0000000001000000ffffffff | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VendorId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\Total | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DomStorageState | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DomStorageState\EdpState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mega.nz\NumberOfSubdomains = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = a0354559cfd1da01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mega.nz\NumberOfSubdomains = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\KnownFolderDerivedFolderType = "{57807898-8C4F-4462-BB63-71042380B109}" | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DeviceId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingDelete | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1\0\MRUListEx = ffffffff | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0100000000000000ffffffff | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = 0100000000000000ffffffff | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer\Main\OperationalData = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mega.nz\Total = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\stereocord.rar:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\SystemInformer\SystemInformer.exe | N/A |
Suspicious behavior: MapViewOfSection
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "http://dox.io/haes"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x374
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3008.9.1033564539\389742573" -childID 8 -isForBrowser -prefsHandle 3876 -prefMapHandle 4308 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1372 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a7a5b3d3-ef2a-42da-b1a7-2fd6e7f79823} 3008 "\\.\pipe\gecko-crash-server-pipe.3008" 3608 1ea02c40d58 tab
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\stereocord\" -spe -an -ai#7zMap28666:82:7zEvent4802
C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe
"C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe"
C:\Program Files\SystemInformer\SystemInformer.exe
"C:\Program Files\SystemInformer\SystemInformer.exe" -channel release
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /7
C:\Windows\system32\msconfig.exe
"C:\Windows\system32\msconfig.exe"
C:\Program Files\SystemInformer\SystemInformer.exe
"C:\Program Files\SystemInformer\SystemInformer.exe"
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Windows\System32\Wbem\wmic.exe
"wmic.exe" csproduct get uuid
C:\Users\Admin\Downloads\stereocord\stereocord.exe
"C:\Users\Admin\Downloads\stereocord\stereocord.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Search results.txt
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\3f9159b1098344fcbbd924d95939be74 /t 5056 /p 5780
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
"C:\Program Files\Windows NT\Accessories\WORDPAD.EXE" "C:\Users\Admin\Downloads\Search results.txt"
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\bb66e94794494e968932989f08ee8545 /t 676 /p 1484
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\lol\lol.txt
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" a -i#7zMap858:172:7zEvent10963 -tzip -sae -- "C:\Users\Admin\Downloads\lol\lol.zip"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4596.22.236749551\2100909049" -childID 19 -isForBrowser -prefsHandle 9780 -prefMapHandle 9764 -prefsLen 27658 -prefMapSize 233583 -jsInitHandle 1376 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {16434be5-ee8e-474d-bf18-dbdd10bc8a43} 4596 "\\.\pipe\gecko-crash-server-pipe.4596" 9784 210fa83d358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4596.23.2070079827\1071213649" -childID 20 -isForBrowser -prefsHandle 10880 -prefMapHandle 10920 -prefsLen 27658 -prefMapSize 233583 -jsInitHandle 1376 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {eff1aba1-e7aa-405e-af00-d99f5dd6b0d7} 4596 "\\.\pipe\gecko-crash-server-pipe.4596" 10740 210e3b2e158 tab
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\lol\lol.txt
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\lol\lol.txt
Network
| Country | Destination | Domain | Proto |
| US | 104.21.26.223:443 | ka-f.fontawesome.com.cdn.cloudflare.net | tcp |
| US | 104.21.26.223:443 | ka-f.fontawesome.com.cdn.cloudflare.net | tcp |
| US | 104.21.26.223:443 | ka-f.fontawesome.com.cdn.cloudflare.net | tcp |
| US | 104.21.26.223:443 | ka-f.fontawesome.com.cdn.cloudflare.net | udp |
| US | 65.103.40.169:443 | www.udrop.com | udp |
| US | 172.67.206.89:443 | codeshare.io | tcp |
| US | 172.67.206.89:443 | codeshare.io | udp |
| US | 8.8.8.8:53 | codeshare.io | udp |
| US | 172.67.206.89:443 | codeshare.io | tcp |
| US | 172.67.206.89:443 | codeshare.io | tcp |
| US | 172.67.206.89:443 | codeshare.io | tcp |
| US | 172.67.206.89:443 | codeshare.io | tcp |
| US | 172.67.206.89:443 | codeshare.io | tcp |
| US | 172.67.206.89:443 | codeshare.io | tcp |
| US | 8.8.8.8:53 | codeshare.io | udp |
| US | 8.8.8.8:53 | codeshare.io | udp |
| US | 172.67.206.89:443 | codeshare.io | tcp |
| US | 172.67.206.89:443 | codeshare.io | tcp |
| US | 172.67.206.89:443 | codeshare.io | tcp |
| US | 172.67.206.89:443 | codeshare.io | udp |
| US | 172.67.206.89:443 | codeshare.io | tcp |
| US | 8.8.8.8:53 | widget.intercom.io | udp |
| GB | 18.244.114.87:443 | widget.intercom.io | tcp |
| US | 8.8.8.8:53 | widget.intercom.io | udp |
| US | 8.8.8.8:53 | widget.intercom.io | udp |
| GB | 18.244.114.87:443 | widget.intercom.io | udp |
| US | 8.8.8.8:53 | js.intercomcdn.com | udp |
| GB | 18.165.227.11:443 | js.intercomcdn.com | tcp |
| GB | 18.165.227.11:443 | js.intercomcdn.com | tcp |
| US | 8.8.8.8:53 | js.intercomcdn.com | udp |
| US | 8.8.8.8:53 | js.intercomcdn.com | udp |
| GB | 18.165.227.11:443 | js.intercomcdn.com | udp |
| US | 8.8.8.8:53 | 87.114.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api-iam.intercom.io | udp |
| US | 8.8.8.8:53 | api-iam.intercom.io | udp |
| US | 3.217.26.44:443 | api-iam.intercom.io | tcp |
| US | 8.8.8.8:53 | api-iam.intercom.io | udp |
| US | 172.67.206.89:443 | codeshare.io | tcp |
| US | 8.8.8.8:53 | nexus-websocket-a.intercom.io | udp |
| US | 8.8.8.8:53 | nexus-websocket-a.intercom.io | udp |
| US | 35.174.127.31:443 | nexus-websocket-a.intercom.io | tcp |
| US | 8.8.8.8:53 | nexus-websocket-a.intercom.io | udp |
| US | 8.8.8.8:53 | 44.26.217.3.in-addr.arpa | udp |
| US | 172.67.206.89:443 | codeshare.io | tcp |
| US | 8.8.8.8:53 | 31.127.174.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | anotepad.com | udp |
| US | 216.22.3.241:80 | anotepad.com | tcp |
| US | 216.22.3.241:80 | anotepad.com | tcp |
| US | 8.8.8.8:53 | anotepad.com | udp |
| US | 8.8.8.8:53 | anotepad.com | udp |
| US | 216.22.3.241:80 | anotepad.com | tcp |
| US | 216.22.3.241:80 | anotepad.com | tcp |
| US | 216.22.3.241:80 | anotepad.com | tcp |
| US | 216.22.3.241:80 | anotepad.com | tcp |
| US | 8.8.8.8:53 | notepad.link | udp |
| US | 104.21.47.32:80 | notepad.link | tcp |
| US | 8.8.8.8:53 | notepad.link | udp |
| US | 104.21.47.32:80 | notepad.link | tcp |
| US | 8.8.8.8:53 | notepad.link | udp |
| US | 104.21.47.32:443 | notepad.link | tcp |
| US | 8.8.8.8:53 | 32.47.21.104.in-addr.arpa | udp |
| US | 104.21.47.32:443 | notepad.link | udp |
| US | 8.8.8.8:53 | cdn.quilljs.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | s.nitropay.com | udp |
| US | 172.66.40.163:443 | cdn.quilljs.com | tcp |
| US | 8.8.8.8:53 | cdn.quilljs.com | udp |
| US | 172.66.40.163:443 | cdn.quilljs.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.18.3.78:443 | s.nitropay.com | tcp |
| US | 8.8.8.8:53 | s.nitropay.com | udp |
| US | 8.8.8.8:53 | cdn.quilljs.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | s.nitropay.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| US | 104.18.3.78:443 | s.nitropay.com | udp |
| US | 8.8.8.8:53 | 78.3.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.40.66.172.in-addr.arpa | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | wrappers.geoedge.be | udp |
| US | 8.8.8.8:53 | rumcdn.geoedge.be | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| GB | 18.165.227.13:443 | wrappers.geoedge.be | tcp |
| US | 8.8.8.8:53 | d34psiby7ky5o6.cloudfront.net | udp |
| GB | 108.156.39.120:443 | rumcdn.geoedge.be | tcp |
| US | 8.8.8.8:53 | d1bqktvj79b0wh.cloudfront.net | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | d34psiby7ky5o6.cloudfront.net | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | d1bqktvj79b0wh.cloudfront.net | udp |
| US | 8.8.8.8:53 | consent.nitrocnct.com | udp |
| US | 172.67.193.156:443 | consent.nitrocnct.com | tcp |
| US | 8.8.8.8:53 | consent.nitrocnct.com | udp |
| US | 8.8.8.8:53 | consent.nitrocnct.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 172.67.193.156:443 | consent.nitrocnct.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 13.227.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.193.67.172.in-addr.arpa | udp |
| US | 104.21.47.32:443 | notepad.link | udp |
| US | 104.21.47.32:443 | notepad.link | udp |
Files
memory/312-0-0x000002AA67920000-0x000002AA67930000-memory.dmp
memory/312-16-0x000002AA67A20000-0x000002AA67A30000-memory.dmp
memory/312-35-0x000002AA66BF0000-0x000002AA66BF2000-memory.dmp
memory/4900-43-0x0000015EBAA40000-0x0000015EBAB40000-memory.dmp
memory/4900-44-0x0000015EBAA40000-0x0000015EBAB40000-memory.dmp
memory/4720-64-0x0000021403700000-0x0000021403800000-memory.dmp
memory/4720-77-0x0000021413D60000-0x0000021413D62000-memory.dmp
memory/4720-80-0x0000021413D80000-0x0000021413D82000-memory.dmp
memory/4720-75-0x0000021413D40000-0x0000021413D42000-memory.dmp
memory/312-104-0x000002AA6E170000-0x000002AA6E171000-memory.dmp
memory/312-105-0x000002AA6E180000-0x000002AA6E181000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\ATXXLKKH\favicon[1].ico
| MD5 | 72f13fa5f987ea923a68a818d38fb540 |
| SHA1 | f014620d35787fcfdef193c20bb383f5655b9e1e |
| SHA256 | 37127c1a29c164cdaa75ec72ae685094c2468fe0577f743cb1f307d23dd35ec1 |
| SHA512 | b66af0b6b95560c20584ed033547235d5188981a092131a7c1749926ba1ac208266193bd7fa8a3403a39eee23fcdd53580e9533803d7f52df5fb01d508e292b3 |
memory/4720-129-0x0000021413B10000-0x0000021413B12000-memory.dmp
memory/4720-135-0x00000214143E0000-0x00000214143E2000-memory.dmp
memory/4720-133-0x0000021413FE0000-0x0000021413FE2000-memory.dmp
memory/4720-131-0x0000021413FC0000-0x0000021413FC2000-memory.dmp
memory/4720-127-0x0000021413AD0000-0x0000021413AD2000-memory.dmp
memory/4720-149-0x0000021415BF0000-0x0000021415CF0000-memory.dmp
memory/4720-153-0x0000021415900000-0x0000021415A00000-memory.dmp
memory/4720-148-0x0000021415BF0000-0x0000021415CF0000-memory.dmp
memory/4720-154-0x0000021414AF0000-0x0000021414AF2000-memory.dmp
memory/4720-156-0x0000021414EE0000-0x0000021414EE2000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
| MD5 | 1bfe591a4fe3d91b03cdf26eaacd8f89 |
| SHA1 | 719c37c320f518ac168c86723724891950911cea |
| SHA256 | 9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8 |
| SHA512 | 02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db |
memory/4720-169-0x00000214157F0000-0x00000214157F2000-memory.dmp
memory/4720-171-0x0000021415F00000-0x0000021415F02000-memory.dmp
memory/4720-173-0x0000021414D10000-0x0000021414D12000-memory.dmp
memory/4720-177-0x0000021413F20000-0x0000021413F22000-memory.dmp
memory/4720-175-0x0000021413F10000-0x0000021413F12000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DFB5F5FF3010802F95.TMP
| MD5 | 41114fd73e43d8a88373faccd9820e09 |
| SHA1 | ee0e1b73e398eec3f2c1000f6c73eddc7313cad5 |
| SHA256 | 31ca402e90bdd2263ea6bb8b22c8c01baaceb7d73ffae5dd74a58bce4f1b2805 |
| SHA512 | a28dfbe91ffee04559d8b3336cde667a1acf22b00e0109549151de87890a9de3cb110d4c682fc303b7f76352f11b22cbe3252cdc7236c9be258b57a66eb47413 |
memory/312-203-0x000002AA66BE0000-0x000002AA66BE1000-memory.dmp
memory/312-199-0x000002AA6BBD0000-0x000002AA6BBD1000-memory.dmp
memory/312-196-0x000002AA6BD10000-0x000002AA6BD12000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\pending_pings\6c7d37d0-a2ac-44fe-9eb0-3ec9cdc40616
| MD5 | 7ef5f8e5f0a6499ebd9356db1fb34e27 |
| SHA1 | 44f76699e5ad522a9a5033e4bea916ced22672bd |
| SHA256 | 9c2ed2f8ceb6a06e3ff6c862fe99a0ddf8dd5c7514051ab9743d714e72f327d4 |
| SHA512 | a52928a6e6ba8896ce602aa49c2758844e7b4d18ce33a744be634033bd9b721c101359ee29c35f77386bfd1d43245c8498842f667baf9067a5ba6381431ab1de |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\pending_pings\c8689a0e-5200-482b-9ab4-abf3e38e2f37
| MD5 | f8d50c699deb300898af0ff85b115a71 |
| SHA1 | 778774519468e786b107e8f9b91066cd2caad595 |
| SHA256 | 37599b4f76962eaf7280fe8ee518149e402a386e39ed3ce0a262a7ea4a0862e8 |
| SHA512 | 3979d86b51daf79eab574b9b2d514cc629a3b8ddb462d2f9961e4ccae98f0e42b293533800d1f575bf9968ce52fb9252e1d1245425c9359032ffb3a220abf818 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\db\data.safe.bin
| MD5 | cb08db3275f51a65b6371486666a1ca6 |
| SHA1 | 5a9bbbc1cd177280f7586629726196c829e76cc9 |
| SHA256 | 9df2c3dc9306606d0fcabdb8bce99a327c4d121a60205bc0891966c83987ce3b |
| SHA512 | 48614d0e31cfc830c948e0a023295e239e9792c58d1d8a3a5c809c9da847fad8c8a88ce1e7ed651d68bcfe137d57109a0bb275f085221d5365175a6a3ae7c226 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs.js
| MD5 | e1a7b41e3fc08d4ab7ef58c08be75cd4 |
| SHA1 | 68d28c5bbf320d334110045dedfd6f2c7e026a23 |
| SHA256 | fd4b5fa6e4c989e05966152e0aaae68716fb91cbb1154514b71940961d5a666c |
| SHA512 | a179a5dea3272d96a9aa4b4cd098d3d5db6abb088b9a53863e84ed1d2ff63b986f466dadd2f209d5f4aaca35352b3d6596880ef34113ff773320da7c4528013f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs-1.js
| MD5 | b86fdaee57be95552e2ee9bab125f932 |
| SHA1 | eb954bafe5195fd60806d831673765ec7f861f32 |
| SHA256 | 795f63c54aa7a2c2ec1fca53a445d7939d12e3c9eca5a40e8316a702c389084f |
| SHA512 | df2435c0c459296d2128192bb57d57f082128144067d782fdb73d44511e88279bb8b3e55aa479526d97b91f72183990a08c4e5a6206b37184181767660073737 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 0d0013d9708d9fef539adc917f5b87f6 |
| SHA1 | 5e071e6b4d8abf007c8bb78ee948caf5bb0439e1 |
| SHA256 | f416d29cdbaa66b7d04483831d2a593a735316fafb643414a12df78da0ab054b |
| SHA512 | 851e9965a0fed9e0f5195ce655635cf13687d18678e4a9df807ab22cbc53c02cd2006fd65d93cd80b2a06d709e59122ea9933ba5cec551c6d51f5e9b4c175388 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs-1.js
| MD5 | 1b7ff0d2c5c16e5a45bf19eccd792f9c |
| SHA1 | 33ea2f48627425b03b41131c058adb8c326f27ce |
| SHA256 | 61e1d3fb0f9e23e62186fd5245b35987078f97331ad70d074bc264f3f7c65251 |
| SHA512 | 8bf655447732f40fb88e1aeb78b3107f65f304a0d6cf844dcf40215e2948e57a60ed4b248069588817dc2585c5afdb24a3beea8b2afaf66a29ed50a76ff183a3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 1d1c39fd31e88c65787f27909309e1f3 |
| SHA1 | b01cbd81e010e6b495ac822ac8ea350e5b0454e3 |
| SHA256 | 43e104453f12d5f0abea3d36dbf6455d51204e7950831eb970c48592a6c5a58b |
| SHA512 | a21f665c08a934c7fa14c0fc4688a28aeb3664c1922badbb57cb37c52776343e09f2691c1d5672f60554e6db6ef156fbd8d34dd5c632eb9f5de1d0c2a8fce71a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\default\https+++mega.nz\cache\morgue\57\{fb5383ac-89d9-45b3-b670-339ffbb7c639}.final
| MD5 | 3efa9abd92666265dd81c4f4311a96f9 |
| SHA1 | 41b6b716d67b93555e444cd453f3c6e3f8c9522c |
| SHA256 | 5066b1841e8877db31312ef3af86f9bc9234c95071119e025764f45241a4e2e7 |
| SHA512 | 5961950f077501608a0f2975e7f69c483eeacc4eec4ac77fd650cc1131609501f87819f93ed23aa508a90426156abf038a859fac4112d2d4435bbb634027cd6c |
C:\Users\Admin\Downloads\3gH7gsER.rar.part
| MD5 | 42e75638d3969c9d1e6b1fe5bae02ee0 |
| SHA1 | f3d2982ff4a3d9335de4586f9ae6a65e09e4ed98 |
| SHA256 | 7ec52c05c086799ea24514fbe6e3ef6c35e65e66cf4a03a890447f32219c58c3 |
| SHA512 | 493455b36eea7b354bb658a706fbb7c5d529a01a9d8847b79b7779b5598cd89ceca4d0c2b4e3b8fb71d2da92feefbbfabff04bb7858a9235780df27a8e9ffb5f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\16325
| MD5 | a879227a5aaa7f949393e8f2ce033a66 |
| SHA1 | 731357c91f2f0c97b692d4c22cd8d870859c2720 |
| SHA256 | 45166bd4bd79c7a736b4607557da577d9b0e0caac1a8960dd0687e998dcdb5bd |
| SHA512 | 130b2f64067ddfbaba6d3bd14ddeee2b4f62568c80c2a89adb67cc2e7271a12de7edfd5d52c2018fb8a8c4aafd7f7b0c44657acb4b83ae0e73f589b8ff10fc68 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | d4df69111e687ca6886771705601c4b2 |
| SHA1 | a6aca6e32865a3cedd22a0d5c040761587b66efe |
| SHA256 | 854371bc651a537d60c3a3c817aae7600715cb2e99720e27efe87385f8be9d4c |
| SHA512 | 0676d2e4cd1f67f8d9b8bc7eacac5a16c6be0db6375f8d40d045224a661e8f673354a683adee5c1543898758cad0a8fa02f713d624e8837fb9d9e4f7a9cf56b8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\default\https+++mega.nz\idb\3713173747_s_edmban.sqlite
| MD5 | 7164a153fa618a0db5533d45c2b1dff4 |
| SHA1 | 858765974f895844df8d7af8fccb8da13801f96c |
| SHA256 | 5389ceab38b506c6de00b5feb51242c13b5ea2c88a3cd44192c160b87e265485 |
| SHA512 | 5b87b4e1a29bcc0bfcafd8437e32a3d36f6c700ba6f566d7bbbaf1dac21b58f40de1e7c9a9aa4c1d7b8426f70cc211ef33e125c3bf9e29f1a295eb8d05d98adf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs-1.js
| MD5 | 0ff3ebeb74a8ddbcc320b9e208681325 |
| SHA1 | 5b0d065537892ee644c5fa35617b2dd14a78b808 |
| SHA256 | d4e1e9caafc81a6f1121dae0d3a396c52c3b52e0bd2e5fc7a9afec3c6285dd33 |
| SHA512 | 66ae9358243ef97124ea60c3a0f432efededbdf13ed25eec3a793fb60d05d5c7c2874e6e36605fda3aa781accd8067036d9e9ebc2fae54906c9f565ebf272725 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 66b4d6881c27464ac38c686480edf5d9 |
| SHA1 | b9d90307990593473950d054f869f0835f0169fe |
| SHA256 | cfe3c48cafb0500d909bf961d8ecc51c80377338a796e1c26b153a41e341976c |
| SHA512 | 4ba9ba9326c242c33ea23ed53b57fae86037195d7c199e285cea1c3d86583815989bdbb9e1f96c8c4ceae4f8da7c02f1ec6861177c43780b580a5ae68133a42e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 7c5b9de05b0770c872bab5162b10d156 |
| SHA1 | b18681ab4c5fa637b674a218df8989cafd0717d9 |
| SHA256 | d76ada8afc2af3a0d0bf506f749487ea32263af4b09ab3f86679915f2fba232c |
| SHA512 | 89a562f98c76a229d51f84a2526275f2b473f98289a26ed1f3d01310526c97cf8903c75522d1821e1765223d7f1c8e9fb130d28b6172388503ee51392f1ab0ab |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\thumbnails\8d600d380d44463983af74a8dd81f611.png
| MD5 | fb0c9f6ff59988e8eeb690651769e58a |
| SHA1 | c121e70f8904be81fd43ceef345b44edcad7970e |
| SHA256 | 600b6716bde73e9398a3a977b1ec223fe87a3fc1f58451318bf80def38318e0d |
| SHA512 | 068e7b1e9210705666bcd5c9d653dcccb013f76f1d5fe7102228208b803f7313e4863ef77c45d827ac182d4b37656bcab63eae868ff6b9f769bdbc5239285e53 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 358bbc3429e1bd3b04b1d75b7ad3489c |
| SHA1 | 319400789b905db0a3a75bec9c160648614af601 |
| SHA256 | ffa6e187beb3e2c71b09f8c824cfe9ba1c222aef9dafc8d514ff1411c81015b8 |
| SHA512 | b24d983f7e00aa7e5bfd1d510e964c68a6a4b43eefca54bc0d56f65aef2fd8845f875533487b8dcd5f95d928ca89283dde96a133124e7032c234006c2fed8d06 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 7bee63a5ec882983a2db1d969a293228 |
| SHA1 | 3a4b60d691539db59d306c9829c03ebdbe59e80a |
| SHA256 | e6f16a474ef94e6075c213cbd7b20bbe2cdf66283bfdeedad810ac702d8112f1 |
| SHA512 | 93f907b054be89b66132612def4d0c2e60a736158af8ca1dbe1ece014534cecfd827f1ac3bf4c6c744f050920945da698e32532389002d976efd598980129dd0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 354c0d66e495de5eeffac3b75e1cf444 |
| SHA1 | a407258e57f7e64ad7478195b81ead95c2cdb5c7 |
| SHA256 | b6c4a597fe6bcd60bb4f0423b44261618375c72fb7ec2014c006a7b2af9519e4 |
| SHA512 | 37007247d870c95ca751260ab3ec3e25c573dc75f03fd40a2eb2f509eeab1f038d5ea3acea659248eb0a56d5c2bc59befb41d2d2958b7196c12238ded94a8b71 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\39327C7658BB144319B9CB7E37D85AA1B94C90B7
| MD5 | d10637d8b3ffe3ae313b4ed0d81b368f |
| SHA1 | 6a4d5864e3c4192130411cb673c6f9767454f123 |
| SHA256 | faade035c5e50ee1d30e313821e8c7bd3ed8739c466756dc2a35cb3e43718ae8 |
| SHA512 | 07340f59126dfd909427f129e97bd3f27e8f7681cab5caed3d424a78e8ada8835c8d3de66b11cdc15e0c69537471e5f04320bc57a8c8fb3500d4363661fbb9c5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\11437
| MD5 | 80f0c9d82c59ae4d694d2fa8f5d26d15 |
| SHA1 | f234c732dae926d88a27e124aad2d311b7366f8c |
| SHA256 | 1923e61d98a349e31ac40b933ac27086836d6efce31b6fd12f9a6f84fd4b2bb4 |
| SHA512 | 9cc72e406aeaec66682e906c47331385ffb694127959213cfb0c2c959e23b2559897a1e6a99054293ddb74dc3914ad285d26aacc32eaf308d83b32d869400190 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\32725
| MD5 | b574b457f90698b0d5439ddb981dd3b4 |
| SHA1 | dc948f53087268f2b920ed305af7d0c143026f88 |
| SHA256 | 994d9af8604a8f905e51bba01dce8e97e0b22cf867cb4725d8056ed69714f457 |
| SHA512 | dfbe302c84527173a1e2f9b2dd02f5d4f9b278596b17e78db6e75ebdb4123c6c7f9fad81f3da0b374e073a40679ba2f9351af5919ff05fe393cde90dfd0bf373 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\17267
| MD5 | fd3ec7828f44342f2df1c4f0804f324c |
| SHA1 | 876debffc04c062809a7f94db3a89ac09397dcc4 |
| SHA256 | f240bc5b3c6fcd1ec72a5164eb20e8a5e3134737916c2dd83f01851a197abec6 |
| SHA512 | 20466aae12008e1408fc38d12819013eeb73b9d80dc452d61c3efb58470277c6268c3e0d6d4a1b3be645b55970224b3e0a734ba4e973e7a656a686d385c26477 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\10736
| MD5 | dbaf709281987e8a13d6d4d26beca107 |
| SHA1 | e0381996c228ab36d2b1eef76f3caaa0df952ad9 |
| SHA256 | 1862d20049d0ce27b3a8c92492ba364f89c2778ce60fffd06ddc797f8d17ae3c |
| SHA512 | 970435dc0b4bfac6442f6ad46060e81d95f959c19f2e17b54db68bcc0828e1beb43a543f553ed265eeb910e3cade1b54cb0313af83effdc8e7a25abaa46ad1ef |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\13553
| MD5 | 56447f5539081848b800c3698a963db2 |
| SHA1 | 0906b5a90de6506c93eba6125b124786753c0382 |
| SHA256 | 534cbbc843bf9d4ddcf75894695ea91c232c49250d0290dd6412c4f2be91dfef |
| SHA512 | a5224a033ef62b1642c4c99abf0cc262276aa1cc56f403bfcfe4263264778891daefc5fb58d8a187eae665d84d96f71b6d76d67b855cabbba8727934b0244d6f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\738
| MD5 | b29efc3bb93a3efdb7d3d6f86145989b |
| SHA1 | 49c278c9a3d057c955b0e9596023f8ae37fa14f0 |
| SHA256 | a3cea37185b1c33bbb547e0f1542441323d494e24301f12af8af7cd21bbb5140 |
| SHA512 | d4f6925c099c15231fd58730457847bf40a2f36585ba1f131faad9ffbbd8fccb4b071cd7df79e30bf843db1740cef645cc313ab660b1f8fdb84dd87cd1e2d7da |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\7157
| MD5 | 37af385a40aa977922f2cbf3eb9896d3 |
| SHA1 | 44c1c18e7f823ac993128199ec60d4fd0feceb51 |
| SHA256 | 33f6ce1aa65af956f1a602a1296847e387c1cb55cb9c731d37bf18d2fd956c57 |
| SHA512 | 0a080beb4d2163c3e659e1f949af8bc056ced6e7ffb4f45275844674e2d61e85be424a0dc7c07e5f5d737a1ce3f520f39dce0faffcc162305d1305d6d942383e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\9974
| MD5 | a6f51f56ab9725b20a6f23efbd51e12f |
| SHA1 | 3ca4dd113e8052908a42143820ff95c099b84905 |
| SHA256 | 508e32053a9006334f4cfecd2f353114282e5b2bdfe729ef293b8f6897fa3d39 |
| SHA512 | c6cc98f6e344412a817b18919d725e8eade3713da45eb764ef947e6d0e9830baeb664662970ffb5b77595132a4db212672584ef01614ae9774d2fab9a85b6036 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\25404
| MD5 | a1e0e2811bb98a77211276ee407343db |
| SHA1 | 6b42749bc5d7f0ecb3d0c760b916e56d09b83501 |
| SHA256 | b44c6ce90d0acb6afc1f0057a7b85efe171c103e05af44269b16a89e0630b345 |
| SHA512 | 42310933e8659ae8d7e4c2f2306becfc9b1e78d514535fdb1e0d2a056ac532344e79995ab0623ac3a4c74a187542b6532a441a901d127178900c5019ac20409c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\13924
| MD5 | 601c5527f8274da745e5d7bb61f10970 |
| SHA1 | 0d77bf63c94d578c515fd384570d8bc49544e0eb |
| SHA256 | be55946d13bc859efc4aa02d879619c500952d07bbca7e5ed4cfb975fe40b0bc |
| SHA512 | 783eeda8d2ccba1ccb05b718b1a12492fb8d44e9a233023e3a1d959c7abef0c55c3bbe5469e49caba6c791e19ce6d9dee73f47880e2cfbf2f7f1443bd5330740 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\17998
| MD5 | 148b1fb2c0a5f2596c82ed43a9419527 |
| SHA1 | fbd1ef9624473a482255f05f6b145520299e2f13 |
| SHA256 | 30f63c4aedafa7f9cacc05eaea4f1f1839d4c76552389cfe146896d31d0528a5 |
| SHA512 | d854efb1aa1ddfc3924519fc6c8e3fe80097e770ebea6372f1747d72ed52706698d7ff7cfcd32b337c2cceb4cc29ff76f3fa1fb5213f961ddfa1e2c526c29ab2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\17213
| MD5 | bbc5c59964cb440b44c63cda3e61f5a3 |
| SHA1 | 09fcf955cc2085aa77f3f1274629ec67b21d2533 |
| SHA256 | a1656250b2c1aca85e0dd5fc20cba64d73afddc11d4e3d85cec1ff357cc9b798 |
| SHA512 | ada7dfd2ef7b05c472a31f412fdeabd5ae4cc60dbb123e4dc505f0f8c3dd61d0a4141a105598e35095f9cf1505ba0086c316df66c1a90b4bd151b0d74c033add |
C:\Users\Admin\Downloads\systeminformer-3.Oq24HQGe.0.7660-release-setup.exe.part
| MD5 | e67cd84a09b80fb953c88e90b5710fb0 |
| SHA1 | 81fecc6cbbd15d4ee251a27270ae2630c0e0ee90 |
| SHA256 | 11142bd714571661b9d1428c8025fb6af24a0d80d0bb582c411a36b34c109bf1 |
| SHA512 | eac702d22ef79f3ea83786cb2aeecad475f2a299cd10c073ef9102d92999275f5325cf5a6fc977855cf6e53ddb33f5edf7ca14930fa817a9c9e854b4027eb154 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 1f0629f3cb47ccda659a6a1d0ae46b53 |
| SHA1 | fc879d226799dc5b56eb46491d8aac86f6ee8a70 |
| SHA256 | 30592b5f127f394071103f3f6690310c5232e2b2e6d996aa0c17e8a1e6a502bc |
| SHA512 | 877c4f9e01c0f9d8546c18a7ec6a346172d70a9aea751986f28f6f852bf7921740f3bb97800b17c8059edcb464628ffff40d409ff136687b4363ae777696ccbb |
C:\Users\Admin\Downloads\systeminformer-3.0.7660-release-setup.exe
| MD5 | 0d909a4a638465a17bc9f37c5024e574 |
| SHA1 | eab2bc1ca6ebfa17b95b8cacebcb04043238164e |
| SHA256 | a82821a4c18ef940354b84cd625ce0fd8ed5cfba5418014063f054071bd5fccd |
| SHA512 | 5ca49bb16ef39f1cd7914a083f50f71099934b29baec7a813db16bd89ca1407912e135be7fae9260bc1513d722dbcddd5e841e50cab08f04eea0364f1ccbd324 |
C:\Program Files\SystemInformer\SystemInformer.exe
| MD5 | 60d6d4096eed212458d15c1ae5a69b9b |
| SHA1 | b1ab46826bc2608cd4a36b5b8fb8b90d80570d59 |
| SHA256 | c2e6ee62a548067c722b71f19ce59e81922fe16d00e0fbf36a1a6e28803f57d5 |
| SHA512 | 5bf4380158369dbe30e480bd4679899cbf8d7758b8e49f0b19caf5ea5832dc968b21567aab0ac7f5e5c97c48475ae79b303fdf97d91b8440fcb4c758062df106 |
C:\Program Files\SystemInformer\plugins\ExtendedServices.dll
| MD5 | 6815e3c7b86ba599c2f4b6bb954a95a9 |
| SHA1 | aebcc1ccbbe83e7e633e68b89a7bf0f81665baa4 |
| SHA256 | 805054d9666437fc539765074820c85509011a118a2066f3edcd9422bd95070b |
| SHA512 | febf8087542ccd097ba9d6073183101a80d86d800a8142e6ce5eb3ac995caad87a7f2e6644870fa9ceceed32a9e6b2dd16f731b3833aad3d03d5cedfa4af014b |
C:\Program Files\SystemInformer\plugins\ExtendedTools.dll
| MD5 | dc96b9a724d3cd8cfcf8733a9a61de7c |
| SHA1 | 2536761631bdcd087f2e5f6c7e6a0c4122457570 |
| SHA256 | a6c4d7661a24341a722aef8daa7c325f5fc4ada962de8b98483374fd274e0239 |
| SHA512 | 3274bc3c7cd03390c494e92416412c63bda6deff243ce86640f93c032f28ffebee59efbb3ef08c051d3551c1c0c095e475b8c1d6e4aa483fe687048810d5dc5b |
\Program Files\SystemInformer\plugins\ExtendedNotifications.dll
| MD5 | a6298a0a586067279a5334b9337d1034 |
| SHA1 | ebba80db97b6457bd1adba783ced4493360b39b2 |
| SHA256 | d111eb9beb8e4635b87e051b47af97c190cc1f8d0cd7ad7f1557762f9a43b863 |
| SHA512 | dcb64076b7be0447dd65fa229714853776b45dfebe4a3c748389064abaab5d41de3334cd4ae05a9501f57aeb35e724fa29d21b7cccca1a31634408da77ce00a4 |
C:\Program Files\SystemInformer\plugins\HardwareDevices.dll
| MD5 | 01fd6be2a2c22b120daade0d1f29cc09 |
| SHA1 | 86a5c543dc0c45877f2682faf27d848351f68fdb |
| SHA256 | ffc35befa48d579ca14a20091b3cd094caba0d51a5b468a700b0ed9ef36436e5 |
| SHA512 | ef492fe5c607e1c75c6ef68d0c3455222e162b4d09e5e383663f0e353a95daf2ce437151fe25927ea1868e99d844142f20363b4031539647c32251dabf2c5e6a |
\Program Files\SystemInformer\plugins\WindowExplorer.dll
| MD5 | f33adb4807118a494631475860bd8a66 |
| SHA1 | 6bbc6e5914edf92839cdf7421a9e231f9c3e1a9a |
| SHA256 | 4f6141e419cdbda14137336c78492cd21a1c00e61e7b3e7ba646db4995fe678e |
| SHA512 | 3d7403737d1dfafd49b59566b31bb9e5ceca73685d8586c685eeb583626201568efc9ccf3a952106bd2ef585ae979f9af9caeaeaf4c5c89fe740105397eb0f90 |
\Program Files\SystemInformer\plugins\UserNotes.dll
| MD5 | 2199d7b465f79bc686c96df9f3211d43 |
| SHA1 | b8914fb38cf41c68b0c233898967fb8669a57a94 |
| SHA256 | 49a8bcc83078e8290f7406cb27b77e9c24ecf1f91e50ca756bf776031dc72f48 |
| SHA512 | 840eed353fe29a70d7d7b444f6bd649471a6ebea335453f1e6d35d19782c82307241e2c333dfc282e6ebbfc83bf3c6bbcbde93502d95c6068ff10dccadfac30d |
\Program Files\SystemInformer\plugins\Updater.dll
| MD5 | 0458698493e55a2fd790fbb5b9622cda |
| SHA1 | 7035caca22e5e6442a55099d6e58d96e3759d9ee |
| SHA256 | 3be34e2090edaf01f832ee9bd27ea52c576e9d11ffda2728af336869f0c887e9 |
| SHA512 | b0c5e3c08278243af6e5f9cdfe3cee5628ec4420fb5d01514ddfcf9e2a0219d00a90a6588ee4c96c247ebef9f5e7b4ef8cca7b673b54183005fed51386e7281c |
\Program Files\SystemInformer\plugins\ToolStatus.dll
| MD5 | f40b030643d4b2c496851f8f4a88f0c0 |
| SHA1 | 2f99c229466e8b9393d87e9e3bca8cb2b666334d |
| SHA256 | 1f5fdd373022a7326b606024de4c9887adb4a11c3316cf26e1ba8c735fc11bef |
| SHA512 | 2b55e43e7ad24cc37353921f681319a1369b162abc5ca72b754397025c6d94d4d9de6c51a8e174797c83a4b699a007bece9671b86d56895fcc0d5fcb102ddbfe |
\Program Files\SystemInformer\plugins\OnlineChecks.dll
| MD5 | e20b9986cb01302bce63059bb83cf544 |
| SHA1 | 55d453b20ab9cb29d4553212d897a3c558ba9c3f |
| SHA256 | 8bf52b4d8e32e502f11f1a4efcee33930a3c338dc506a9a0220cdd5bfd808557 |
| SHA512 | 57531957bae5e8bf89237361ae2b6ea1bae56ed7f37786e4fefbc28a664903ade6c0672bd287a22005693a59c29fae9454bdf0aa6f46b3027cd266ec4bd2a888 |
\Program Files\SystemInformer\plugins\NetworkTools.dll
| MD5 | ceed1b510d002839b9a9e40c1253ca80 |
| SHA1 | 6e5054bd2d4bcd9679fe5cf38c245d1b04975c18 |
| SHA256 | 269e630ec4760651af16939ee462cdf384e9aa6293082b6fdf164abbe4a64790 |
| SHA512 | 15dad48bdc567573636e3092bf17de2c8f31ead2bc785b8ed693387907c34843a2b84ff2282dd3a076cf48604516b499d4487d819b9647fbc3e11e058fea9576 |
memory/5980-1165-0x0000000000BE0000-0x0000000001AFC000-memory.dmp
\Program Files\SystemInformer\plugins\DotNetTools.dll
| MD5 | 56421d2865f0d3c710d234a3c556d7bf |
| SHA1 | b78b8d0799b32a9064471fe5ff058477e2460da0 |
| SHA256 | 3546ede3a7a85f5cfd74c473c50bdbcf19c48310503fb38937e082bfdf998be1 |
| SHA512 | f91619361495f7b247f3ad07800af025ac63deb5e36c1f81f9e37d1a4c9d44da1921874c0a1528e4dfb88fd1992c1c4daea8e09c5c013c23c17b150c8d55ea92 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore.jsonlz4
| MD5 | 8406d2aff88ef60c5a9d3a8f672ab983 |
| SHA1 | 0abe5dcbc50c19c10b3876bc0080b502fd4bfcdf |
| SHA256 | f1fee6500bb2e887119f39663c63cd40de3ca8ef44793ed88f2f05011f7d7f1d |
| SHA512 | b7f5774d9d25e900c114731e2acac3e1d48168079127a5d5bb5841a2ed304694ab021ee132a8f6de30bba9228e67aa9e5b0b4d98335ff0ab3e5a1d3dc30b9192 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs-1.js
| MD5 | 5f563224087baf8cbc4184f89bb93282 |
| SHA1 | bfb6977ca7fe62f1a555072d23203813083c1240 |
| SHA256 | 79216ec8ec485b6999095c88cf3d2d731bbcf6c23a092fb17e14102fae0ea30a |
| SHA512 | c9a93108686f5e98128336ed8ee2207fd55d1763a15375d76a25a541e6120d6180f34748d5f6f36f7749585817a81a0edecb5acc1b182f00fad043b5a9164235 |
C:\Users\Admin\Downloads\stereocord\stereocord.exe
| MD5 | 93cb4256515db89ce22002d8e5892ee7 |
| SHA1 | 8d944861ee6e10ad49a0b592969f84ef19c1bb88 |
| SHA256 | 03f6a8c7682b9026d19c8f6dc162aeb77a8ca237d9fac278114ef7f33cded978 |
| SHA512 | ded4ac6d026aa35b31e9bf0e8bcd91c00191ee828b92d183be4e62634fe90f36db4e7aa3f730d201a986f5d34f8b277f6052dcec1c1bcaa839cff06be7bfbd46 |
memory/3724-1283-0x000001FD6AED0000-0x000001FD6AF10000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\stereocord.exe.log
| MD5 | 53ea0a2251276ba7ae39b07e6116d841 |
| SHA1 | 5f591af152d71b2f04dfc3353a1c96fd4153117d |
| SHA256 | 3f7b0412c182cbdefb3eedafe30233d209d734b1087234ac15409636006b3302 |
| SHA512 | cf63abfe61389f241755eef4b8ed0f41701568b79d1263e885f8989ce3eca6bf9f8d5805b4cc7304aaaa5c7e14122b0d15bd9948e47108107bbb7219fd498306 |
C:\Users\Admin\AppData\Roaming\SystemInformer\settings.xml
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\startupCache\scriptCache.bin
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\xulstore.json
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\startupCache\urlCache.bin
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\permissions.sqlite
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\index.log
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionCheckpoints.json.tmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\pending_pings\68852c70-ad2b-4ec9-a09c-957635ea7fae
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\pending_pings\c3ead2ba-46dd-4699-a10b-f3bedd2882a9
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\db\data.safe.bin
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs.js
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\xulstore.json.tmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\pending_pings\2c1f141c-cc23-47cc-a0a6-967d00583371
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\crashes\store.json.mozlz4.tmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\40371339ad31a7e6.customDestinations-ms
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\25070
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\23960
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\20573
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\20694
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\27337
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\9674
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\17273
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\4DABAF7EFACD377F68614B900873860C74399618
C:\Users\Admin\AppData\Local\Temp\tmpaddon
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\32160
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\6A97A7F0DD87D63CAFDFB2F74683A311A499D6E9
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\thumbnails\dd6973e3f3e1d61ffc31af8f426b13c1.png
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\places.sqlite