Malware Analysis Report

2025-08-10 22:35

Sample ID: 240803-xklsdssblk
Target: http://google.com
Tags: credential_access discovery stealer
Score: 9/10

Table of Contents

Analysis Overview
MITRE ATT&CK
    Enterprise Matrix V15
Analysis: static1
    Detonation Overview
    Signatures
Analysis: behavioral1
    Detonation Overview
    Command Line
    Signatures
    Processes
    Network
    Files
Analysis: behavioral2
    Detonation Overview
    Command Line
    Signatures
    Processes
    Network
    Files

Analysis Overview

score
9/10

Threat Level: Likely malicious

The file http://google.com was found to be: Likely malicious.

Malicious Activity Summary

credential_access discovery stealer

Credentials from Password Stores: Credentials from Web Browsers

Drops file in System32 directory

Drops file in Windows directory

Drops file in Program Files directory

Browser Information Discovery

Suspicious use of SetWindowsHookEx

Suspicious use of SendNotifyMessage

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Checks processor information in registry

Modifies registry class

Suspicious use of FindShellTrayWindow

Modifies data under HKEY_USERS

Modifies Internet Explorer settings

Suspicious behavior: MapViewOfSection

Uses Task Scheduler COM API

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-03 18:54

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-03 18:54

Reported

2024-08-03 19:26

Platform

win10-20240404-en

Max time kernel

1799s

Max time network

1685s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com

Signatures

Credentials from Password Stores: Credentials from Web Browsers

credential_access stealer

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
File opened for modification C:\Windows\Debug\ESE.TXT C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A

Browser Information Discovery

discovery

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Main C:\Windows\system32\browser_broker.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133671850018044013" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class


Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3104 wrote to memory of 4128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3104 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3104 wrote to memory of 3824 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3104 wrote to memory of 1044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffecc329758,0x7ffecc329768,0x7ffecc329778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1632 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2004 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2108 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2660 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2668 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4428 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4736 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2936 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4872 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5024 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4848 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3180 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2512.0.1075115753\2027732649" -parentBuildID 20221007134813 -prefsHandle 1704 -prefMapHandle 1696 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bb3482d8-832e-4104-92bc-ae4122233d51} 2512 "\\.\pipe\gecko-crash-server-pipe.2512" 1780 1b5516e1a58 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2512.1.620248497\1170920954" -parentBuildID 20221007134813 -prefsHandle 2124 -prefMapHandle 2120 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d213e41-d53c-49cd-a9cb-a3f2136be11b} 2512 "\\.\pipe\gecko-crash-server-pipe.2512" 2136 1b53f372558 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2512.2.132812807\1587640457" -childID 1 -isForBrowser -prefsHandle 2752 -prefMapHandle 2956 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1324 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e11db78b-8bb3-4694-aaa9-302560dbb112} 2512 "\\.\pipe\gecko-crash-server-pipe.2512" 2948 1b55579eb58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2512.3.1302377010\1296830722" -childID 2 -isForBrowser -prefsHandle 3404 -prefMapHandle 3372 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1324 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c0f10856-884b-4781-8f5d-28de76444536} 2512 "\\.\pipe\gecko-crash-server-pipe.2512" 3416 1b53f32d558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2512.4.927651818\311634380" -childID 3 -isForBrowser -prefsHandle 4272 -prefMapHandle 4268 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1324 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dddf444f-9544-43dd-acb6-28ddf1af6191} 2512 "\\.\pipe\gecko-crash-server-pipe.2512" 4284 1b557694358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2512.5.790896546\256938562" -childID 4 -isForBrowser -prefsHandle 4952 -prefMapHandle 4948 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1324 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {26d0800a-74c3-4417-bd06-56d8d8d1cfaf} 2512 "\\.\pipe\gecko-crash-server-pipe.2512" 4960 1b557cddc58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2512.6.921124760\1594291491" -childID 5 -isForBrowser -prefsHandle 5084 -prefMapHandle 5088 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1324 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3b183479-2aa0-4ab9-b4b0-ebef378e8faf} 2512 "\\.\pipe\gecko-crash-server-pipe.2512" 4976 1b557cde258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2512.7.1670081796\1791024407" -childID 6 -isForBrowser -prefsHandle 5280 -prefMapHandle 5284 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1324 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f81282c0-1db1-46e0-a2ae-74f74bc7b577} 2512 "\\.\pipe\gecko-crash-server-pipe.2512" 5272 1b5587ece58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5536.0.694488218\821026592" -parentBuildID 20221007134813 -prefsHandle 1648 -prefMapHandle 1636 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5db5a11e-dec0-4a26-868d-50712bb4ec73} 5536 "\\.\pipe\gecko-crash-server-pipe.5536" 1724 17d10df6558 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5536.1.374910546\1905117253" -parentBuildID 20221007134813 -prefsHandle 1904 -prefMapHandle 1900 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fcadb8af-d693-458b-b6cd-af8cd5cf720f} 5536 "\\.\pipe\gecko-crash-server-pipe.5536" 1916 17d10c3d058 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5536.2.371060909\63673827" -childID 1 -isForBrowser -prefsHandle 3112 -prefMapHandle 3108 -prefsLen 23735 -prefMapSize 230321 -jsInitHandle 1216 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {51ebe74c-8abb-445f-ae09-50632dd52ac4} 5536 "\\.\pipe\gecko-crash-server-pipe.5536" 3140 17d15b57258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5536.3.998625588\482358793" -childID 2 -isForBrowser -prefsHandle 3528 -prefMapHandle 3524 -prefsLen 23842 -prefMapSize 230321 -jsInitHandle 1216 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {513daffb-3976-46fd-a04c-59baeed40796} 5536 "\\.\pipe\gecko-crash-server-pipe.5536" 2976 17d16232558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5536.4.2095422038\188295272" -childID 3 -isForBrowser -prefsHandle 3804 -prefMapHandle 3800 -prefsLen 24924 -prefMapSize 230321 -jsInitHandle 1216 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fa6fe545-5a4a-4126-a3aa-f5e62ba99830} 5536 "\\.\pipe\gecko-crash-server-pipe.5536" 3368 17d1696eb58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5536.5.1405830178\531967127" -parentBuildID 20221007134813 -prefsHandle 4468 -prefMapHandle 3900 -prefsLen 30841 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f4305168-b803-4fe7-a9d5-f5b23888c79e} 5536 "\\.\pipe\gecko-crash-server-pipe.5536" 4456 17d18aae558 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5536.6.973740916\547372817" -childID 4 -isForBrowser -prefsHandle 5040 -prefMapHandle 4984 -prefsLen 31977 -prefMapSize 230321 -jsInitHandle 1216 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e440fd18-b196-4e51-9121-c444b979e112} 5536 "\\.\pipe\gecko-crash-server-pipe.5536" 3600 17d161e6b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5536.7.1212126823\571151579" -childID 5 -isForBrowser -prefsHandle 3216 -prefMapHandle 3204 -prefsLen 31977 -prefMapSize 230321 -jsInitHandle 1216 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a4000d0e-7cad-4413-a0e4-6145c97a16f4} 5536 "\\.\pipe\gecko-crash-server-pipe.5536" 3252 17d1696f758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5536.8.1008909442\836948738" -childID 6 -isForBrowser -prefsHandle 5248 -prefMapHandle 5252 -prefsLen 31977 -prefMapSize 230321 -jsInitHandle 1216 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c27cdd48-8a24-4f9a-a943-8fb4a02ae83c} 5536 "\\.\pipe\gecko-crash-server-pipe.5536" 5240 17d1950c958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5536.9.1518225131\1718473644" -childID 7 -isForBrowser -prefsHandle 5488 -prefMapHandle 5336 -prefsLen 32012 -prefMapSize 230321 -jsInitHandle 1216 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bf42a130-75aa-40d8-b0e2-169459852956} 5536 "\\.\pipe\gecko-crash-server-pipe.5536" 5508 17d7cf2e158 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=932 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2964 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2548 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5336 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5348 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5872 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=2508 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=1472 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5324 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5468 --field-trial-handle=1780,i,13444269948644301888,2850899910558102344,131072 /prefetch:8

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

C:\Windows\system32\browser_broker.exe

C:\Windows\system32\browser_broker.exe -Embedding

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

Network


Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State


\??\pipe\crashpad_3104_IAIJHVGPPHKKWSCJ


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\pending_pings\cbd9fc04-68c9-4d95-92d0-662d8b09dcb8


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\pending_pings\8a52d98d-3188-4289-bed0-b5f664486aae


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\db\data.safe.bin


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore-backups\recovery.jsonlz4


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs.js


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore.jsonlz4


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionCheckpoints.json


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\addonStartup.json.lz4


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\AlternateServices.txt


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\cert9.db


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\SiteSecurityServiceState.txt


C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C


C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\startupCache\urlCache.bin


C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\startupCache\scriptCache.bin


C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F


C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\254256B27E0C48CF9B80B695F0B3B8CA84610495


C:\Users\Admin\Desktop\Old Firefox Data\c5nsco79.default-release\xulstore.json


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\targeting.snapshot.json


C:\Users\Admin\Desktop\Old Firefox Data\c5nsco79.default-release\storage\permanent\chrome\idb\2918063365piupsah.sqlite


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\protections.sqlite


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\db\data.safe.bin


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs.js


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\sessionCheckpoints.json.tmp


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\sessionstore.jsonlz4


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\prefs.js


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\sessionCheckpoints.json.tmp


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\datareporting\glean\pending_pings\ea421626-eff3-4268-823d-ef019a787912


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\datareporting\glean\pending_pings\cc975a5c-1fd0-4384-b02b-4deb20f6231b


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\datareporting\glean\db\data.safe.bin


C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\update-config.json


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\search.json.mozlz4


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\extensions.json.tmp


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\prefs-1.js


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\handlers.json


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\shield-preference-experiments.json

MD5 285cdefb3f582c224291f7a2530f3c4e
SHA1 f816c3e87aa007b6e6d31eb6a4618695a7d83439
SHA256 704d28223a4320a853df4a19d48c7015cf79d56a5317cc3475b6305fa43dcc05
SHA512 8f1decf1e4b5755fce8f165daae115f45d6890985c9c4bbb33a6f724cbfd26db75f6da06f9ef675de20fe755da9b7f55e5ee37124296a12a520a393da159bd58

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\activity-stream.discovery_stream.json.tmp

MD5 3b1269c7a468686e0aaf32fd887a05a0
SHA1 1ab5d0278c1c2207d7c94188c92d1693fe03de7b
SHA256 f2bba16c008303408c8ecab8fee20439529fc7ec6072e75749c97a8421f98ad7
SHA512 b2e8af126209c44d36db31edac1ecd06fdb531e8dd222569746a67483a116e095bebb8a6614dc6867b83ecd5283c9f4c34fe2fe87988375684b2a135f93575cb

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\containers.json

MD5 94a3843fad8c45c48b0e07342df3dfdc
SHA1 d55b650208bda884d573afebd90830a3f4d7c201
SHA256 854ff2076f71097b030c302a1ea71d8e851d2920b9ff5fc8dc8f16c91ba95b72
SHA512 4d2a6b2a223ad81bb97195abb27685cf88453caf5769de154b373486d5245f02e0c0f664281d8e3bb33bfcdf1d6f7b3d9602303864d4e56481382adcb0b932db

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\prefs-1.js

MD5 e6a1a986967ad23b19b7b53169a73448
SHA1 9976db659d7f60e4ed767cad718b300798007efc
SHA256 ebcbeeb11f7f902c3b18b5c32bdff5206aa4eaad13337a41c7567c37808dec8f
SHA512 78d95f6d61b74ea85a87c1dea7c62392de05f9165268605ab545634d863f7092d3a3a9728e55112fd377b40a32bac54c181232d3ab0d46442a8e64769fad0666

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\sessionCheckpoints.json.tmp

MD5 d697506a1f021379dc22b5b326386e08
SHA1 2655077c1c71e08b3eaa6f4075acd3b46aaca262
SHA256 0a511f9c8b334d97d71561b1c798d5bbcc6a7bdb96a0296eba7486e14ac39b10
SHA512 a3acf19e177e4f25bc2da33cff31ffb3b860cde00b2e32f0c069c26ab1e20663234d01a7805324480c4378bb3636b30ab2ffc0af446c65ac1d605741480083cf

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\sessionCheckpoints.json.tmp

MD5 e6c20f53d6714067f2b49d0e9ba8030e
SHA1 f516dc1084cdd8302b3e7f7167b905e603b6f04f
SHA256 50a670fb78ff2712aae2c16d9499e01c15fddf24e229330d02a69b0527a38092
SHA512 462415b8295c1cdcac0a7cb16bb8a027ef36ae2ce0b061071074ac3209332a7eae71de843af4b96bbbd6158ca8fd5c18147bf9a79b8a7768a9a35edce8b784bf

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\sessionstore.jsonlz4

MD5 f88eca3602c8b763cf88207fc8f5d3b0
SHA1 e419ad8f6165952a3e183151628f7e97bdd1e941
SHA256 e72d1c90a163e2191daaded3f62175e749fe06df1021b47be047824b52bb5b0d
SHA512 2521371bd479621b4330b94ccb58b9c4994b9d97dc6d1e531f7e50544faac2003ff169131ad4e2194fed69f3539b4f258117b56cbdecbd01842d4143e473eab4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\sessionCheckpoints.json.tmp

MD5 99601438ae1349b653fcd00278943f90
SHA1 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9
SHA256 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a
SHA512 ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\favicons.sqlite

MD5 70bdaebccc9b6fe7dc9d169e8adcbe5c
SHA1 5fa6561a74418de7c7cab72ced4a4f27d09fa3c5
SHA256 d77c206a59fda92e0262f905b02f4d8767432c4b55aa99fd3ec5ea0f285cc9f3
SHA512 4533a0e05642f3645b2236ece43b6c2a5b24e7fcf040b05dc7ad7a0d5f78f4a91b466d740ab411ed7634090cf4e5594590b22ca9e68db1ce1ae579cfbd70d3c5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\cookies.sqlite

MD5 d367ddfda80fdcf578726bc3b0bc3e3c
SHA1 23fcd5e4e0e5e296bee7e5224a8404ecd92cf671
SHA256 0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0
SHA512 40e9239e3f084b4b981431817ca282feb986cf49227911bf3d68845baf2ee626b564c8fabe6e13b97e6eb214da1c02ca09a62bcf5e837900160cf479c104bf77

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0tw4mnf0.default-release-1722711476719\places.sqlite

MD5 f2b0e84464aa7042ff9d6ae4907b48d5
SHA1 6a8e49ad483f3d478ac95a56f1b16828e3b7cd69
SHA256 1f91d8d01d1909eb1cc61d0d4faa62452e22093c775cf11dfcaff0d83e26e96d
SHA512 b853d4f11f49831058c3e9f5ea00f6d9c15862fab86c58bbd62c2d6bee12c1217e36610206f24d2709e41bd5dfdcc124a80d6911e2be8f6dd7b1d5c437c42397

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 de5a646e1d17c3f5e66d438c0f95092f
SHA1 323424930dd2abb893015c70b13af18f34d7c697
SHA256 2723929d45d05f1a779e722e41ad50853b9932d618d1ea062d6049fc776ab1a5
SHA512 7ced54d7b6078e279395d499a00f71a0aa398261c39d3c84890b36eb2e6df1b64869d8de46879e4ae2cc627dd98fad254f9968586d8688df73891062670d2558

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1a0e3517ff6465557b40d1cc244a035a
SHA1 5fbf2292da0cabee35f96782529c01f2f3a8a33f
SHA256 49bcb335a2296fffbd046302150c89032569dca9ca1aa1188ac108fac8e9b018
SHA512 9c5c407f88266651bbed734ce85de2005818beb7a200a2097a225969c2aef7a4d12f3c42a044048539dcf539524f2875cbf10f2659792dc18a0285f41b991e81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 535364af80e9d9203228ee9c124fe4b8
SHA1 5d618bf349dc25180a8ff929b487a89ff67e8351
SHA256 9ecadb0e531a35a602e9803fc60dfd3d0a297ecaafd1dfc5d79853f43b497b93
SHA512 947823b74d47caf6c758e25207d1163f94833cfd200439214f5fc2538136bb43503c2d8417695c14226caaffbee848b35ed073987db41f57ff8f7515a3d497e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7936a81227354711ea56537d98dae6ba
SHA1 191d7e421133f3f3024fc84e359d59d9096acfe3
SHA256 88aad9947cda30bd521f7692a995173a5ce83ecec75ce1c09a90cc7002588adc
SHA512 19a3b4f4d321ccfab872cb8bc6fde679c75bb66d9a6db9730a4ed37baf3133b72b212153790a8ccf5debf07e8357a0f449f61e73601e012cebe69563cfcae677

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\System Profile\Extension Rules\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\System Profile\shared_proto_db\metadata\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

MD5 c594a826934b9505d591d0f7a7df80b7
SHA1 c04b8637e686f71f3fc46a29a86346ba9b04ae18
SHA256 e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610
SHA512 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 131cba534149980ff2a724d5a944ed8d
SHA1 8d7b459fbe496d4b5ade505863b97946d38ed57f
SHA256 e85f9558c8e97320c209bb5a453beb85d0b64f886090b777daf8b907a16befb0
SHA512 15f7407678e89e0b09d7b2260d7a6cd2df6d399e027e91012398be98e70cb826fac56edbde95019298250a695c9dfc0732ef577fb416d0196df3a52354699782

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 541d2397b49a8579cd94dfa1dfcc4097
SHA1 fbe2c512b1f640bfefe1a45b82a4804a345c8347
SHA256 30bf66235e2dd663bf49a7b104847af322c9a104aabc4b96104d85a88750a0e6
SHA512 557dccf9cb73fe3505af44f95e1abdba382a426732d1ae148edc0b653c4977a89eaefaaba80ed77444b97d96ec369287227c1a310bafbe0907d796954ce5246d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 75cddc98390223976ea20073eb1bf5a0
SHA1 904a3358634375db5f08a991e5c0c128dc00babf
SHA256 890cd72a7763912edf56bdd9309adafad84a10427c016e21bd7ec43003e43771
SHA512 1f5b2813dbfde13e2a112079a2dbf68d26b1705b28b779b1a8b2b261b0f9bdc9e735dde5181a7ad69e63c5aed1201f53e77c0e01db3639f984e10370b5161a83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e303948cda3cbc8bdbe99b71a7ea5c3b
SHA1 b098de380c0cc5686856f494a7cb29cfb04c198b
SHA256 9654e6603b4461158f6dead50565e6a23c27d4fa6b3c4ce2ce5d6a709b66bc66
SHA512 48198b9d92dad0b5edcfd996b3100f1a88c5b101c65e51adda68a72791393be324c65a18da6f246adf45d6f8d2e228351c64d97ee2b28ff6c5959ece8a36baab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 fe97577c05b4e7f5fe3c63f109d76947
SHA1 90b6275be11c8d35502da5093829bed276e85282
SHA256 b95f0203e3ec6234b55be04059b91bb0d827e7ec1bf40dc25d96ddc0f7a3e0a1
SHA512 1eabbfd5299470a1768b1f6ec99c87f5c6ab7698b3739097fa31927768e775819a6f375b3c31d1561f42873f2071e13986ac0cd0b262590fe1a512bd5ddcf4aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 3b402b805a9078883ad2b83404492390
SHA1 61719b04a84560e8099aafe32644a1df43042311
SHA256 7753e5f8b92bb6110102c0812237549caf38acf58657702d01052245157ebc6c
SHA512 5a724f8adf236e2d25dbec33d78cccb9ff0c1987f3cc39e1fd5552afc4ad21dd0196f7a2e7f006634df9ac82f0cfb251f1ab95d6afcf03c68a65781f706ec703

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe59ecc7.TMP

MD5 3f53c37e05e48a63a5185c52596aa710
SHA1 9b931c9ca8e029da985a168f7b6d83f3725bf39d
SHA256 ff2bf0a34315e908d9c9a80f225025e47968faf7c200dcca2b650ba748fca70b
SHA512 20f99c6209fb6239104ce7fcae15926480584aac9af2da8d004b1fac5cd73d28fb2e512446a08204ab95b6a3443304804352b55125555f06bdd49d4192167bc3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b3821a3cdb7e428fad0c337c6b86f4ab
SHA1 30eb74c6e200e10a0bc4b6a1559bf9c76f853d55
SHA256 f15320d2c4e15c840345acb45e183523c3a224611ad08987d97e1f65b6e69da4
SHA512 161318ea67bcb8ce35556cfb2ea0d2472c65d952593db5321f88b305213147ee0a4fec2139641ddc6341c9254d40d3f271f5ca866030635119f6490cef879383

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 484c0284cc2893e2b86c0832227d222c
SHA1 b92f5bb39f6c165bfec487e1d6e146e2a987b593
SHA256 f8e4f8816258584ca61d93795fe11a77893fa678bee4b8a343b70be673f1ce7a
SHA512 a93c4c868ea8c5c9e19003ae79a61a12a78557a88472c0373d0fe29242a62b9fe70da94da4c4158551cacbd92caade3e94dd160062aab96bfd03d1cf5fc708af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59fc67.TMP

MD5 872b5ae4398b4f93816ad0d78fe7130c
SHA1 152c7d33de51066e6a5d79292a34942077b3b98a
SHA256 7b634e38df6cdee16251aea868dbb6fc7e2434519c326c2ddd7d7b10492f91c0
SHA512 807b4061a64f3ebb7cc886a58545261303a72dad71824d5540781dc1e7bdbdf19515f36dbf348d665c2e35a3bead9d5c9f912f06c10032ccfbdb9426cf38e8b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db019426b5746c2aa173fcd8830ee863
SHA1 8a9a78b410a3c8cbf66c2031cd3847e56d466c64
SHA256 2be8d9aaae8df0c72119b14d465fc891de733880f697acf265d3a754936d6702
SHA512 d9f162b8d106397a8fc1e0741142b3c9b89c9c2389f323d926db7a32688e99988fcd6f871cf2387f0386694cc19386b3cd253dbf0d13ac662cc05940f922576a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\5ce50966647b163092d864b9f37d981f5bccd871\6444d738-03b5-4493-88f7-8da41a1337ec\index-dir\the-real-index~RFe5a009d.TMP

MD5 02199f3e1cbb014e5b89e746ddf359ad
SHA1 3fdd5bcc427e4f9ff5426cd9514c4c6fe0338d3c
SHA256 288b4e9391d346d47f681a7d0f861ebdfce16c85e72f7b59689090300b5a6b89
SHA512 f7f33854a51c4f292cf957dba95b832e7df479550e1f596e072f526a01eb01f849fe83d9c4446397e17261e790caba613c7f4131a04d29da7a4f7a77fb170cf9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\5ce50966647b163092d864b9f37d981f5bccd871\6444d738-03b5-4493-88f7-8da41a1337ec\index-dir\the-real-index

MD5 7a8239c2af8cbc2e8e3d0bf743b809ff
SHA1 f4c817dfd0812fa6cbc9e3f2b94fc3402a7a9ad6
SHA256 4cd8a478a02ed5116483e3b72ad2ff5dcf8c49806f02c1d34783c9242f01fe81
SHA512 519ded4c67ef203c923625d872ee2965d80f14b29e4334f7971259764addd91fae6099082759030293d998855b88f594a7e135c7eeb2898495d5c13a34d434b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\5ce50966647b163092d864b9f37d981f5bccd871\index.txt~RFe5a00cc.TMP

MD5 89584f7b7c956290eca2d9287a4acd9c
SHA1 9e58e9fdcd1d1ef0324f8b993aca178b14e8374c
SHA256 ada661edcc34561d158fafc8a6666f0d92297a2e74c96c60423a0e93a05d3c58
SHA512 851a146babd725e22c5c642bed99b50333a3730bc34b9b7f8f3572728900f911f9aeeff294f7502c06b28811f62e505ed69434115a8c82cb80f8ec5b6d03a83d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\5ce50966647b163092d864b9f37d981f5bccd871\index.txt

MD5 f7bc6ed9c2e05fa87bf50512bad4f8fd
SHA1 2375a0e5c748aa9efcd2272c99792967e98f0c93
SHA256 3cd0326c5e5ec32aa06cb1667c60d58d768cafbf7c09ea2f56fb8e5a167c5ee8
SHA512 4056f0c3c027e84b3456725feacc2797d051165f9a178891c4ef981ebb65c257a230a3aaf2683af4d66d881e09d885cdba54f1f20951a5e02fad1ccd3ddbf008

memory/4184-1382-0x00000230F6420000-0x00000230F6430000-memory.dmp

memory/4184-1366-0x00000230F6320000-0x00000230F6330000-memory.dmp

memory/4184-1401-0x00000230F3690000-0x00000230F3692000-memory.dmp

memory/2360-1421-0x0000021809440000-0x0000021809442000-memory.dmp

memory/2360-1424-0x0000021809470000-0x0000021809472000-memory.dmp

memory/2360-1426-0x0000021809490000-0x0000021809492000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 045c75a8a3c7d9c3a2f949e172098426
SHA1 9e030d52a736b49a906e43af3438fd682bc705de
SHA256 4ec3ccabdd4216b0fbdd40263da614fc51650fa549da3cf5a8c156725433e49c
SHA512 5e54e19f99e40f4b001a924ec501ec051d25fc9096e7637c43d4002f9236a250c35b628a6001279b29739a3a156c2379f85be11ad4b4fd1d9e6374f33aa8b6a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 038f1b7a6bf3d51cca50621c16536de6
SHA1 91e3e1a24a0f75f23b0c83aa8bd7928253ff36cd
SHA256 e84e3ec24327570bdf0092ff8ec2a4b2618179c7e9b4bc9cac7c51d1fb6d1347
SHA512 969de96cace301a3e8ffbec270fd1187b93cb8d2f8230f0099afbb49af1675711bd0cfea0f9fde7ebd6b0f27069b49ddb36d33e927db97b3870f5bd8411316aa

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04

MD5 c38589a6454eb9e11e541f3a7fead912
SHA1 ea2203b750eda76db43dc3e551635470ed4b4231
SHA256 ba88529fe5b9517b4585706a73d25f89da8f988de8fd244bc2fc53f2c418ece6
SHA512 73a53e77a46b84208e206119cea759dc02572b97866c4c8dc05824ef0d1ffcaa64b97bce700583ff2e0a3839c47ff7d7bf09b51ba7f68c47a4b915a33f994667

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04

MD5 b48ee254feb2ee41695c921bf8f649fc
SHA1 e18056e188e310663b81c2dfee8be50cda87d447
SHA256 9e4b4f38aa88ccdf62344051628bccfee6b2a9af25843f38883c19ba49a3d585
SHA512 3e0d121e037f61687c5acaae9616fbc5399902f54d82c483edd301d5edb8f715d58aefe187b202d149b1ce8ce73d932e93675696b1ae799b41cd713b6a423057

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e24244a461ddb205351ac4c667faf2b1
SHA1 a429760d53cbdac001a29a5e474a7ee7fed7bb36
SHA256 34d632e9bd89f4fe712b883b3a3df3c00cea0bbf8ab0858e26278b0a3bff0532
SHA512 ec1d3c35ef4f88aeef873b52338be97aa91ce22cfae66812a916b5205bf3fe7cd168bfcdd944d1efad09b4db7ad48af69361f28695a74d4a5c42881b8ffaa12f

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\E49JWOHD\edgecompatviewlist[1].xml

MD5 d4fc49dc14f63895d997fa4940f24378
SHA1 3efb1437a7c5e46034147cbbc8db017c69d02c31
SHA256 853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1
SHA512 cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KCFQ0QY1\jquery-ui.min[1].js

MD5 dfe3ecf96456f8cafc12a7f48de6b8c8
SHA1 9927afbb31df93a76977a676a933b7e3696d61ba
SHA256 e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
SHA512 3d892ee75916931c6e8743a24078bc20dc1f0c455c11ef49601899080db51b421319d11453bb1c1214f2badb7af632b9f75bca2660613cc3fec9831de89f3c9d

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\64YXVWRC\jquery-3.6.4.min[1].js

MD5 641dd14370106e992d352166f5a07e99
SHA1 eda46747c71d38a880bee44f9a439c3858bb8f99
SHA256 a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
SHA512 a6e981b23351186aa43f32879dd64c6801be6e2af7ef8b0e472cccdeeba52d5d7894de4bcb292a364f1e11e525524077534338140a72687ada4fae62849843a5

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\919SXSMT\97af919[1].css

MD5 2f14e8a43e858e4db6544c3d5cd8118a
SHA1 fc7d4dd5fb68898710dd2893a22b0fdb8cd60241
SHA256 6da3a3745018357a84cc0eb515f9d47b700d3c4ee4e601686e6bb4416fee9e9f
SHA512 530b548b0c956dc52be044a43933a01177bf1028797beefdd64756265be882243f6fb0480e890153d069a43f740a67ebb86108a6ff9de5e00cfbc8d2cb1c3750

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\919SXSMT\b2275d2[1].css

MD5 49ecbb4cd113ad02747e5b6d66fb4bcb
SHA1 3eff6cb471dfc333d037c6941978337029f0dc63
SHA256 4b092ae13f5e3a0ba0be6ee7e2112debfb11627e7e345b3c89cab693b334c27c
SHA512 153ccd982f303c21682600a935b166341a9995403f5d794b20e385840362a11e0bff3380d7706f132b090d447b8c89e691e8124d468856ed7e9534904f6f71ca

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\919SXSMT\f94b2c3[1].css

MD5 31c073f2938b1eb6d7cf01f10cd6a052
SHA1 06ec291b65713fd19f762e9e8e2627a33cc26408
SHA256 7e474ddbf469476a2997e20981c91beaeb3fd8d88de64f6af4b5f39f4d94a090
SHA512 eadc4ba30e8d6eed31d8efb8cf457b83f85e60eb9cc59b92f1cf303ffbde0caaec8e0bf8ecff96e702b3cd130d95a2711e8b18ebfe362cda334f87ad6465e000

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\919SXSMT\3776b6a[1].js

MD5 0a3baa5fcd06dedd080842aa26a14690
SHA1 d7c49cafe77c260b3037e797d9013d3afc474e83
SHA256 2ab79382fedec87736306be77abbe6e95f7022ad5bc13a4d5a5ba00361de0f7a
SHA512 2bd8a28d860fb68002e2771e57898f0f37e024a8656bd7763f50f6f2707b32b1b2ba72e76b1566c880bffb6037db7da3329fddb1e8fc4ea3bd8be08b59d27169

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187

MD5 6850637670aaaf2a9d3f9891b4845dcf
SHA1 482ddf563d4740cdf9ef84202af39e2490579061
SHA256 48099d547017889371a1607b4662532e1e07abcdb2cc23c175f2c2a84bd7e032
SHA512 c75b8b6da1049667587c76c55c45f32e8277bb81ef3cd6c65dfd6e422bda52b9b3d6da5489d34ba03b331fb4782d9f086ae500043daeb7efc6bc575da442b5d5

memory/5092-1567-0x000001BD3E570000-0x000001BD3E572000-memory.dmp

memory/5092-1565-0x000001BD3E550000-0x000001BD3E552000-memory.dmp

memory/5092-1569-0x000001BD3E5F0000-0x000001BD3E5F2000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\X2NN8ELQ\4689d87[1].css

MD5 0b77beac44ac61354a4e40e9d9779dce
SHA1 19033f0cb1ad25782178242948ddb4dd84f03efd
SHA256 c7d6cbe0cc463ce50aba44a07c78d4a76c1d3fcb24e3db6a7d3fbaeaf49cd791
SHA512 db0c95a05dd50ba7d308ba884a28d476a8d34561072dc78025f7ce95be00c0be168a92c56a865ba06ab7aceb27a6ecc15996a65e430b4eb545b45aecdc477d14

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\X2NN8ELQ\0b89fbb[1].js

MD5 28fdbc0d64fb41bf36816f68e46e6eba
SHA1 1a82f5cb1d64c509cce8638a6182a7298e43aba6
SHA256 e4ab6536e9ea21b02e4ad18d5a92d463b0edad7126c3d522dc360731d26c4bb6
SHA512 f4547e88840c11837c554ee5c95b56003b7da6a34d1b6f09e0306d7b025bc8c87bc785837a988ccfbfbd7fa52afe977872342145f9a9a2a13b7cb2fb3d208af3

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\X2NN8ELQ\4370f02[1].js

MD5 b274e79748720444ccc043c55e931189
SHA1 6074e4e3227b7e3ba9c7cd650ff0d98bc5dec8d4
SHA256 5017f11bc887f10cfcf6de0396915a5bed805144855a1f8a09ba90a39cfdd9af
SHA512 132c9dc662b00f400ccbdeb28c69b1f263669eb95e75dd74b007993d552a909b254b7035f93a5aa8a94b5172b163c33b8a19e15f259e963750c2b3fab82a8983

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KCFQ0QY1\efb522b[1].js

MD5 571c843e51cadcaff2d1d5ff78e64c1a
SHA1 bbc99e7517624266fa5ad29e1a71d8002c7b4be1
SHA256 458194add06a9383f073d8b01715c6d73eb64d3bdb71718cd63a7b22f3028269
SHA512 7a37d92635a477042073711429fe016b43cd97e9785ca88840a574c2fd8505bba2b608e6d6b97272ae17722f14f67d6226243511121f996f6d5a5ad96be39604

memory/4184-1604-0x00000230FD150000-0x00000230FD151000-memory.dmp

memory/4184-1605-0x00000230FD160000-0x00000230FD161000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\KNK73TR6\favicon[1].png

MD5 9e3fe8db4c9f34d785a3064c7123a480
SHA1 0f77f9aa982c19665c642fa9b56b9b20c44983b6
SHA256 4d755ac02a070a1b4bb1b6f1c88ab493440109a8ac1e314aaced92f94cdc98e9
SHA512 20d8b416bd34f3d80a77305c6fcd597e9c2d92ab1db3f46ec5ac84f5cc6fb55dfcdccd03ffdc5d5de146d0add6d19064662ac3c83a852f3be8b8f650998828d1

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KCFQ0QY1\62fff21[1].js

MD5 a1ebd483c87a4faaebeebc9190ef42d3
SHA1 07458636bd15b9e0d26c2fc077573feb54a4d516
SHA256 710331a58573c3eed4e0efb529ea5dae2795a4e95d5faf6bc3565b5535a7706c
SHA512 9be678b3938f27667dd47d8f1793ec818d7b3de973bf30fbc1881d02af15871f10831433238a1835a4a82ac156f6ba203932c8cf25cb27eef7c88febb52fdbcf

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KCFQ0QY1\104302b[1].js

MD5 cc2aa84d9b96507c867ef2731035d6eb
SHA1 1c739ed61436c2b44fbba8c032b14658cfd43fb8
SHA256 7bf15f1d092164bd8eb22901ee2fed2a7f4b6c30d612ee9d42ae6339c1490c7b
SHA512 794d114499adfc82174fe0c0b982dffa9f69ca3e5607547a76c21e95d6f1512a363b17b9dc34519565eaccfda44bb9a45258a91117fbf24dec489204e21cb584

memory/2360-1634-0x000002181A820000-0x000002181A822000-memory.dmp

memory/2360-1636-0x000002181A830000-0x000002181A832000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\System Profile\Preferences

MD5 46744655cfadf256c0ffaebf4777e45d
SHA1 4478a19248fcbaffbacb85422c6dfa3ad3b0d7fe
SHA256 8c5a38890ebf6b29e17a3056816f05b7fa55f6d901ab619c6341b35a39e0f72a
SHA512 79eae24f16feaac246fd34804f52b69030c6c2a96714a0a59930c0341fd474df4d017d7384a8c7118db04880b6352d5fb2d0838938685a6be81309ec6baf836d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\System Profile\Preferences~RFe5a8f51.TMP

MD5 04b9c8ea954cd3543ad274671fe1c34a
SHA1 2d9ca49ba87a4d9d5a9cffab92a440bd4ff2a628
SHA256 70e0ff4d4801e02d7ad712a8435aa8c6861acf5d3a01176eb3e77d1697381aa5
SHA512 f43ea65dba0dd039037c660cd9df25dd06c4eb8f4b9cd17c9b1dbefeadced3b98943eebd0e7a404247a45a095d175a5cc733c2a1db3f0f54064ad0113cd257b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 ab3fc8537ad279c7f2ffda1ad20544dc
SHA1 fa707b2802cd49544e02d488943bf27921e3946f
SHA256 4c08dfc2c9eb2b0499b213eec0021a6e20dcc235db746361189df2d09aab5c31
SHA512 991c2cd95870ef3dd4fe5f3feaebc90442218246426dfb3d7c2c961dea27e49c0d0ebe104aa72bd0449ccc19348ec14a0925ba81adccc103854a54df149a2dea

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\QPJYVL1L\suggestions[1].en-US

MD5 5a34cb996293fde2cb7a4ac89587393a
SHA1 3c96c993500690d1a77873cd62bc639b3a10653f
SHA256 c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
SHA512 e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a68977687211a94e7d8925347c1584cf
SHA1 53bb70e731dd4069417d7113649c4baddcc38d05
SHA256 be2467a0ef0a6eb6d3c0fe3befd7686dc64adbb9c64ee243fc26f7d3bb54c154
SHA512 0db6a94828f87602937667c3280d32fe1d586773357599aa5412fa0fdb26871f3c440cfced86adaedb07ccc366be70352139aaad839ae3275dbff21a7b20aa27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 aee686c5d06b6e7593d312a0de5b7854
SHA1 6aa7cbc3473aa4d9f1ea63b691e3157dbd91eac8
SHA256 1798940d3fc749a6f1e33ba7863951c7fa70a070b9ac7a4ed3d2787255638698
SHA512 b161c73efc55043e1d3cdb50165be1311b2e1b195321e1f0bb45f281804a8aa93e5ff5011915480da9ec92904bd5136d693a84b6a92fb8fe0a781955bb39853a

Analysis: behavioral2

Detonation Overview

Submitted: 2024-08-03 18:54
Reported: 2024-08-03 19:17
Platform: win10v2004-20240802-en
Max time kernel: 1220s
Max time network: 1177s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com

Signatures

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files\Crashpad\metadata C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe N/A
File opened for modification C:\Program Files\Crashpad\settings.dat C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe N/A

Browser Information Discovery

discovery

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133671850042147771" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-945322488-2060912225-3527527000-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 932 wrote to memory of 3468 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 932 wrote to memory of 3232 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 932 wrote to memory of 3204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 932 wrote to memory of 3156 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff77c9cc40,0x7fff77c9cc4c,0x7fff77c9cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1960,i,16936717918219234449,16405279637901794023,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1956 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1868,i,16936717918219234449,16405279637901794023,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2100 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2252,i,16936717918219234449,16405279637901794023,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2244 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3032,i,16936717918219234449,16405279637901794023,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3056 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3036,i,16936717918219234449,16405279637901794023,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3228 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3660,i,16936717918219234449,16405279637901794023,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4448 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4328,i,16936717918219234449,16405279637901794023,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3644 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4868,i,16936717918219234449,16405279637901794023,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4772 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff77b546f8,0x7fff77b54708,0x7fff77b54718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,4121465568576970689,2051309916408769784,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,4121465568576970689,2051309916408769784,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2032,4121465568576970689,2051309916408769784,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2904 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,4121465568576970689,2051309916408769784,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,4121465568576970689,2051309916408769784,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,4121465568576970689,2051309916408769784,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,4121465568576970689,2051309916408769784,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,4121465568576970689,2051309916408769784,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,4121465568576970689,2051309916408769784,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,4121465568576970689,2051309916408769784,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,4121465568576970689,2051309916408769784,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,4121465568576970689,2051309916408769784,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7fff77c9cc40,0x7fff77c9cc4c,0x7fff77c9cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1896,i,10234913402802614161,1410873790838589587,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1908 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2204,i,10234913402802614161,1410873790838589587,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2444 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2244,i,10234913402802614161,1410873790838589587,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2456 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3188,i,10234913402802614161,1410873790838589587,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3200 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3180,i,10234913402802614161,1410873790838589587,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3232 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4604,i,10234913402802614161,1410873790838589587,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4564 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4420,i,10234913402802614161,1410873790838589587,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4708 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4960,i,10234913402802614161,1410873790838589587,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4964 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4936,i,10234913402802614161,1410873790838589587,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4896 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5240,i,10234913402802614161,1410873790838589587,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5248 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x290,0x294,0x298,0x26c,0x29c,0x7ff6656c4698,0x7ff6656c46a4,0x7ff6656c46b0

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x284,0x288,0x28c,0x260,0x290,0x7ff6656c4698,0x7ff6656c46a4,0x7ff6656c46b0

C:\Program Files\Mozilla Firefox\private_browsing.exe

"C:\Program Files\Mozilla Firefox\private_browsing.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -private-window

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -private-window

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1984 -parentBuildID 20240401114208 -prefsHandle 1924 -prefMapHandle 1888 -prefsLen 23680 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {88a7a5d0-02a3-4939-8b0d-2f10e4fd2a90} 5056 "\\.\pipe\gecko-crash-server-pipe.5056" gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2412 -parentBuildID 20240401114208 -prefsHandle 2400 -prefMapHandle 2396 -prefsLen 23716 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2d669a03-3864-430c-aed5-4a8e1244d487} 5056 "\\.\pipe\gecko-crash-server-pipe.5056" socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2872 -childID 1 -isForBrowser -prefsHandle 3268 -prefMapHandle 3316 -prefsLen 24665 -prefMapSize 244658 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c0408a38-8ead-484e-8d7c-1eb60acee61b} 5056 "\\.\pipe\gecko-crash-server-pipe.5056" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4012 -childID 2 -isForBrowser -prefsHandle 3828 -prefMapHandle 3812 -prefsLen 29014 -prefMapSize 244658 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {317aa5a4-6f0e-4872-bb69-749d56dfd78b} 5056 "\\.\pipe\gecko-crash-server-pipe.5056" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4884 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4764 -prefMapHandle 4916 -prefsLen 29070 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {62a00816-8939-4f10-bbe2-16666505abf4} 5056 "\\.\pipe\gecko-crash-server-pipe.5056" utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5496 -childID 3 -isForBrowser -prefsHandle 5492 -prefMapHandle 5516 -prefsLen 27104 -prefMapSize 244658 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b6e064fd-6a4d-443b-9c92-87673739d872} 5056 "\\.\pipe\gecko-crash-server-pipe.5056" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5592 -childID 4 -isForBrowser -prefsHandle 5672 -prefMapHandle 5600 -prefsLen 27104 -prefMapSize 244658 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d9b716c1-6b62-447f-b99a-bdfb4e8db440} 5056 "\\.\pipe\gecko-crash-server-pipe.5056" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5656 -childID 5 -isForBrowser -prefsHandle 5880 -prefMapHandle 5824 -prefsLen 27104 -prefMapSize 244658 -jsInitHandle 1328 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7ef37927-b8d6-4a85-b641-29db10113581} 5056 "\\.\pipe\gecko-crash-server-pipe.5056" tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault5046a3aah1881h40adh8c3fh79d2bdc006fc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff77b546f8,0x7fff77b54708,0x7fff77b54718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,5228013864906064721,17914137108921055904,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,4121465568576970689,2051309916408769784,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4864 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=864,i,10234913402802614161,1410873790838589587,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4888 /prefetch:8

Network

Files

\??\pipe\crashpad_932_NASJWDSUXKAPSOZX

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\af8ad363-815e-459c-9b51-ef115f731954.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13367185191633898

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\lirn7gz7.default-release\activity-stream.discovery_stream.json.tmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lirn7gz7.default-release\datareporting\glean\pending_pings\ecd2f8ad-3cd8-4887-8fd2-ca08d516319c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lirn7gz7.default-release\datareporting\glean\pending_pings\d477cdff-cc43-4137-b9b9-70059c1c426c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lirn7gz7.default-release\datareporting\glean\pending_pings\da819448-da02-4eee-8603-32e44c0afda1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lirn7gz7.default-release\datareporting\glean\db\data.safe.tmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lirn7gz7.default-release\prefs.js

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
