Malware Analysis Report

2025-06-16 00:55

Sample ID 241031-z7helasjgt
Target https://ytmp4.io/en11/
Tags
lumma defense_evasion discovery stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://ytmp4.io/en11/ was found to be: Known bad.

Malicious Activity Summary

lumma defense_evasion discovery stealer

Lumma family

Lumma Stealer, LummaC

Downloads MZ/PE file

Executes dropped EXE

Suspicious use of SetThreadContext

Drops file in Program Files directory

Subvert Trust Controls: Mark-of-the-Web Bypass

Browser Information Discovery

System Location Discovery: System Language Discovery

Program crash

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SetWindowsHookEx

Suspicious use of SendNotifyMessage

Uses Task Scheduler COM API

Uses Volume Shadow Copy WMI provider

Uses Volume Shadow Copy service COM API

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: LoadsDriver

Checks SCSI registry key(s)

Suspicious use of WriteProcessMemory

Suspicious use of FindShellTrayWindow

NTFS ADS

Checks processor information in registry

Modifies registry class

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of AdjustPrivilegeToken

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-31 21:21

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-31 21:21

Reported

2024-10-31 21:39

Platform

win10ltsc2021-20241023-en

Max time kernel

1050s

Max time network

1036s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://ytmp4.io/en11/

Signatures

Lumma Stealer, LummaC

stealer lumma

Lumma family

lumma

Downloads MZ/PE file

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\9fc2bfd2-7bb2-4f0d-ad02-60019e7c34a9.tmp C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20241031212140.pma C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File created C:\Users\Admin\Downloads\winrar-x64-701.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\winrar-x64-701(1).exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\AxoPac\AxoPac\AxoPac.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\AxoPac\AxoPac\AxoPac.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Launcher.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\AxoPac\AxoPac\AxoPac.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\AxoPac\AxoPac\AxoPac.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Launcher.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1669812756-2240353048-2660728061-1000\{A25F5480-C522-415C-B9E8-12C8D97A90F3} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\1 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 02000000030000000100000000000000ffffffff C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\1 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 020000000100000000000000ffffffff C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3\NodeSlot = "5" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3\MRUListEx = ffffffff C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 03000000020000000100000000000000ffffffff C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Downloads" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Version = "1" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 02000000030000000100000000000000ffffffff C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\1 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616257" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1669812756-2240353048-2660728061-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 02000000030000000100000000000000ffffffff C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

NTFS ADS

Description Indicator Process Target
File created C:\Users\Admin\Downloads\winrar-x64-701(1).exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\AxoPac.rar:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\winrar-x64-701.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\rar-android-701.123.apk:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zG.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701(1).exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701(1).exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701(1).exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2860 wrote to memory of 4040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 4040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 2948 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 3924 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 3924 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2860 wrote to memory of 5064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://ytmp4.io/en11/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff9cf8146f8,0x7ff9cf814708,0x7ff9cf814718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2036 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2324 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3496 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x258,0x25c,0x260,0x108,0x264,0x7ff75b725460,0x7ff75b725470,0x7ff75b725480

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6224 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5900 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6632 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x308 0x300

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6076 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7792 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3684 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7524 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3716 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8252 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9472 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap10715:76:7zEvent31722

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8144 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9140 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s fdPHost

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9300 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8244 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8272 /prefetch:8

C:\Users\Admin\Downloads\Launcher.exe

"C:\Users\Admin\Downloads\Launcher.exe"

C:\Users\Admin\Downloads\Launcher.exe

"C:\Users\Admin\Downloads\Launcher.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 4680 -ip 4680

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4680 -s 588

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\UPL0ADER\" -ad -an -ai#7zMap32106:76:7zEvent24928

C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe

"C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe"

C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe

"C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 6016 -ip 6016

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 6016 -s 588

C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe

"C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe"

C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe

"C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 5264 -ip 5264

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5264 -s 596

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2020 -parentBuildID 20240401114208 -prefsHandle 1936 -prefMapHandle 1928 -prefsLen 23681 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8b156256-ced3-4e2e-927f-9fc4782aaffc} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2408 -parentBuildID 20240401114208 -prefsHandle 2400 -prefMapHandle 2388 -prefsLen 23717 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {99cd9fa5-8488-4300-a382-a4d314b6dc10} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2960 -childID 1 -isForBrowser -prefsHandle 2956 -prefMapHandle 2904 -prefsLen 23858 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {15d64c65-fc91-4df9-8d63-92264bcf5537} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3756 -childID 2 -isForBrowser -prefsHandle 3748 -prefMapHandle 3744 -prefsLen 29091 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d88e0e9-105b-42aa-bf8c-cf21f5e99116} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4888 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4904 -prefMapHandle 4900 -prefsLen 29198 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5e2b9711-a0b5-4d22-ba11-3e19723de485} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5228 -childID 3 -isForBrowser -prefsHandle 5224 -prefMapHandle 5216 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5635bc9f-39a6-4eb1-842c-ed250c6685ff} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5360 -childID 4 -isForBrowser -prefsHandle 5368 -prefMapHandle 5372 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {825c2be0-a00d-4309-bc04-9e24bf590649} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5552 -childID 5 -isForBrowser -prefsHandle 5560 -prefMapHandle 5564 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dd1b7663-de83-4d4f-adbf-aaa0584ccbcf} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6056 -childID 6 -isForBrowser -prefsHandle 6092 -prefMapHandle 6088 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f6deb7b0-2e25-43f9-ac6e-da827aa920e8} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6308 -childID 7 -isForBrowser -prefsHandle 6264 -prefMapHandle 6216 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ee15b01c-bb7b-45b6-9c3b-393e7fcb1639} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4456 -childID 8 -isForBrowser -prefsHandle 4468 -prefMapHandle 4464 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e7ff8396-c4dc-47ae-996d-a6c450c6dc65} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /7

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6700 -childID 9 -isForBrowser -prefsHandle 4708 -prefMapHandle 6696 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {39b00349-5f8b-4aa4-ae5f-5e81d7e01140} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1232 -childID 10 -isForBrowser -prefsHandle 6828 -prefMapHandle 2728 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ffc6f2be-e1d0-453d-b4fe-a0a6357b5c73} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Users\Admin\Downloads\winrar-x64-701.exe

"C:\Users\Admin\Downloads\winrar-x64-701.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6624 -childID 11 -isForBrowser -prefsHandle 7740 -prefMapHandle 4752 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b3f361c9-5cda-423c-ada8-ec78ab54e17c} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8604 -childID 12 -isForBrowser -prefsHandle 8600 -prefMapHandle 8548 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {599f00eb-c171-4b47-b11f-8802a58b9c7e} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8620 -childID 13 -isForBrowser -prefsHandle 8524 -prefMapHandle 8520 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e10fd4cc-1d48-4a58-9319-437f4ed3c4d5} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8556 -childID 14 -isForBrowser -prefsHandle 8964 -prefMapHandle 8800 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3af01556-5632-41c0-ac72-dda7a07db0ec} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8652 -childID 15 -isForBrowser -prefsHandle 8696 -prefMapHandle 8648 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {62b562df-4f0f-454e-9abc-39555c1516ed} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7908 -childID 16 -isForBrowser -prefsHandle 7920 -prefMapHandle 6256 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {600b9824-218d-46a7-82bb-453ca7dd9d7d} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4704 -childID 17 -isForBrowser -prefsHandle 6808 -prefMapHandle 6748 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {593368dc-2c42-4a7a-9aee-4970626c89af} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Users\Admin\Downloads\winrar-x64-701(1).exe

"C:\Users\Admin\Downloads\winrar-x64-701(1).exe"

C:\Windows\system32\werfault.exe

werfault.exe /h /shared Global\f43a5d5f41494d9bb0d12ae5a983bb4e /t 5076 /p 1792

C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe

"C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe"

C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe

"C:\Users\Admin\Desktop\UPL0ADER\Launcher.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 6300 -ip 6300

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 6300 -s 596

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9112 -childID 18 -isForBrowser -prefsHandle 2704 -prefMapHandle 9104 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {38898af0-fc88-40be-b836-3fda8967a1be} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8732 -childID 19 -isForBrowser -prefsHandle 6816 -prefMapHandle 2704 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8d60a1ca-c680-43a8-a174-b81aaea21d01} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7732 -parentBuildID 20240401114208 -prefsHandle 8736 -prefMapHandle 8900 -prefsLen 30573 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fcbe6b2c-df82-4550-820e-d551bfc77095} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7704 -parentBuildID 20240401114208 -sandboxingKind 1 -prefsHandle 6996 -prefMapHandle 9180 -prefsLen 30573 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4135b6f0-623b-47c5-a3cf-5c4199095af3} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7604 -childID 20 -isForBrowser -prefsHandle 9296 -prefMapHandle 9280 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5e68cabd-f33c-4e04-9f03-1e1e86ac82d2} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10084 -childID 21 -isForBrowser -prefsHandle 10092 -prefMapHandle 10068 -prefsLen 28038 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3df9e96a-de30-45a5-b0a7-5a7ef2e525fc} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x308 0x300

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9784 -childID 22 -isForBrowser -prefsHandle 7524 -prefMapHandle 8588 -prefsLen 28125 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c77b06e0-99d7-43ba-bd38-ec792d942986} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2224 -parentBuildID 20240401114208 -prefsHandle 3164 -prefMapHandle 4804 -prefsLen 30660 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {96301a0b-2873-4f31-a69d-0322a091cb4f} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3100 -childID 23 -isForBrowser -prefsHandle 9464 -prefMapHandle 9468 -prefsLen 28125 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8f7a7db0-79b1-4f3f-9d62-b07354a1507f} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7096 -childID 24 -isForBrowser -prefsHandle 2704 -prefMapHandle 9436 -prefsLen 28125 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bc6fcb83-5d56-415d-96a7-252e186d5c8b} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6684 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,11673205666094711808,13458273785625140726,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8184 /prefetch:1

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\AxoPac\" -ad -an -ai#7zMap11545:74:7zEvent13170

C:\Windows\system32\werfault.exe

werfault.exe /h /shared Global\54ded4eed1894df982f7bfcbe5234ab1 /t 6212 /p 6644

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7868 -childID 25 -isForBrowser -prefsHandle 8684 -prefMapHandle 7896 -prefsLen 28181 -prefMapSize 244658 -jsInitHandle 944 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {897b6858-695d-4fdd-a665-3419d1005c84} 6096 "\\.\pipe\gecko-crash-server-pipe.6096" tab

C:\Users\Admin\Desktop\AxoPac\AxoPac\AxoPac.exe

"C:\Users\Admin\Desktop\AxoPac\AxoPac\AxoPac.exe"

C:\Users\Admin\Desktop\AxoPac\AxoPac\AxoPac.exe

"C:\Users\Admin\Desktop\AxoPac\AxoPac\AxoPac.exe"

C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe

"C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"

C:\Users\Admin\Desktop\AxoPac\AxoPac\AxoPac.exe

"C:\Users\Admin\Desktop\AxoPac\AxoPac\AxoPac.exe"

C:\Users\Admin\Desktop\AxoPac\AxoPac\AxoPac.exe

"C:\Users\Admin\Desktop\AxoPac\AxoPac\AxoPac.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
US 8.8.8.8:53 ytmp4.io udp
US 172.67.176.246:443 ytmp4.io tcp
US 8.8.8.8:53 nav.smartscreen.microsoft.com udp
GB 172.165.69.228:443 nav.smartscreen.microsoft.com tcp
GB 172.165.69.228:443 nav.smartscreen.microsoft.com tcp
US 8.8.8.8:53 platform-api.sharethis.com udp
NL 18.239.94.121:443 platform-api.sharethis.com tcp
US 8.8.8.8:53 www.statcounter.com udp
US 8.8.8.8:53 140.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 246.176.67.172.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 104.20.95.138:443 www.statcounter.com tcp
US 8.8.8.8:53 data-edge.smartscreen.microsoft.com udp
GB 172.165.69.228:443 data-edge.smartscreen.microsoft.com tcp
GB 172.165.69.228:443 data-edge.smartscreen.microsoft.com tcp
GB 172.165.69.228:443 data-edge.smartscreen.microsoft.com tcp
US 8.8.8.8:53 c.statcounter.com udp
US 8.8.8.8:53 l.sharethis.com udp
US 8.8.8.8:53 buttons-config.sharethis.com udp
IE 54.216.44.43:443 l.sharethis.com tcp
NL 18.239.94.56:443 buttons-config.sharethis.com tcp
US 8.8.8.8:53 count-server.sharethis.com udp
US 8.8.8.8:53 platform-cdn.sharethis.com udp
NL 18.239.36.17:443 count-server.sharethis.com tcp
NL 18.238.243.108:443 platform-cdn.sharethis.com tcp
NL 18.238.243.108:443 platform-cdn.sharethis.com tcp
NL 18.238.243.108:443 platform-cdn.sharethis.com tcp
NL 18.238.243.108:443 platform-cdn.sharethis.com tcp
NL 18.238.243.108:443 platform-cdn.sharethis.com tcp
NL 18.238.243.108:443 platform-cdn.sharethis.com tcp
US 8.8.8.8:53 228.69.165.172.in-addr.arpa udp
US 8.8.8.8:53 121.94.239.18.in-addr.arpa udp
US 8.8.8.8:53 138.95.20.104.in-addr.arpa udp
US 8.8.8.8:53 83.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 43.44.216.54.in-addr.arpa udp
US 8.8.8.8:53 56.94.239.18.in-addr.arpa udp
US 8.8.8.8:53 17.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 108.243.238.18.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 95.100.195.8:443 www.bing.com tcp
US 8.8.8.8:53 8.195.100.95.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
US 95.100.195.7:443 r.bing.com tcp
US 95.100.195.7:443 r.bing.com tcp
US 95.100.195.53:443 th.bing.com tcp
US 95.100.195.53:443 th.bing.com tcp
US 8.8.8.8:53 53.195.100.95.in-addr.arpa udp
US 8.8.8.8:53 7.195.100.95.in-addr.arpa udp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.64:443 login.microsoftonline.com tcp
US 8.8.8.8:53 64.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 71.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 95.100.195.53:443 th.bing.com tcp
US 8.8.8.8:53 assets.msn.com udp
GB 2.18.27.89:443 assets.msn.com tcp
US 8.8.8.8:53 89.27.18.2.in-addr.arpa udp
US 8.8.8.8:53 53.210.109.20.in-addr.arpa udp
US 8.8.8.8:53 241.42.69.40.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.212.206:443 www.youtube.com tcp
GB 216.58.212.206:443 www.youtube.com tcp
GB 216.58.212.206:443 www.youtube.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.200.54:443 i.ytimg.com tcp
US 8.8.8.8:53 accounts.google.com udp
BE 74.125.206.84:443 accounts.google.com tcp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 54.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 fd.api.iris.microsoft.com udp
BE 74.125.206.84:443 accounts.google.com udp
IE 20.223.36.55:443 fd.api.iris.microsoft.com tcp
US 8.8.8.8:53 x.urs.microsoft.com udp
GB 13.87.96.169:443 x.urs.microsoft.com tcp
US 8.8.8.8:53 84.206.125.74.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 169.96.87.13.in-addr.arpa udp
US 8.8.8.8:53 35.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.179.238:443 youtube.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 227.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 4.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.16.234:443 jnn-pa.googleapis.com tcp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 consent.youtube.com udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
GB 142.250.200.54:443 i.ytimg.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 rr4---sn-5hne6nsy.googlevideo.com udp
NL 172.217.132.105:443 rr4---sn-5hne6nsy.googlevideo.com tcp
NL 172.217.132.105:443 rr4---sn-5hne6nsy.googlevideo.com tcp
US 8.8.8.8:53 2.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 105.132.217.172.in-addr.arpa udp
NL 172.217.132.105:443 rr4---sn-5hne6nsy.googlevideo.com tcp
NL 172.217.132.105:443 rr4---sn-5hne6nsy.googlevideo.com tcp
NL 172.217.132.105:443 rr4---sn-5hne6nsy.googlevideo.com tcp
NL 172.217.132.105:443 rr4---sn-5hne6nsy.googlevideo.com tcp
GB 142.250.179.238:443 youtube.com udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 suggestqueries-clients6.youtube.com udp
GB 142.250.187.206:443 suggestqueries-clients6.youtube.com tcp
GB 216.58.201.102:443 static.doubleclick.net tcp
GB 142.250.187.206:443 suggestqueries-clients6.youtube.com udp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 102.201.58.216.in-addr.arpa udp
GB 142.250.187.206:443 suggestqueries-clients6.youtube.com udp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
US 8.8.8.8:53 rr3---sn-5hneknee.googlevideo.com udp
NL 74.125.8.72:443 rr3---sn-5hneknee.googlevideo.com tcp
NL 74.125.8.72:443 rr3---sn-5hneknee.googlevideo.com tcp
NL 74.125.8.72:443 rr3---sn-5hneknee.googlevideo.com tcp
US 8.8.8.8:53 72.8.125.74.in-addr.arpa udp
GB 172.217.169.1:443 yt3.ggpht.com tcp
GB 172.217.169.1:443 yt3.ggpht.com tcp
GB 172.217.169.1:443 yt3.ggpht.com tcp
GB 172.217.169.1:443 yt3.ggpht.com tcp
GB 172.217.169.1:443 yt3.ggpht.com tcp
GB 172.217.169.1:443 yt3.ggpht.com tcp
GB 172.217.169.1:443 yt3.ggpht.com tcp
GB 172.217.169.1:443 yt3.ggpht.com tcp
US 8.8.8.8:53 1.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 rr2---sn-5hnekn7s.googlevideo.com udp
NL 74.125.100.39:443 rr2---sn-5hnekn7s.googlevideo.com tcp
NL 74.125.100.39:443 rr2---sn-5hnekn7s.googlevideo.com tcp
NL 74.125.100.39:443 rr2---sn-5hnekn7s.googlevideo.com udp
US 8.8.8.8:53 39.100.125.74.in-addr.arpa udp
GB 172.217.169.1:443 yt3.ggpht.com udp
US 8.8.8.8:53 rr5---sn-5hne6nzd.googlevideo.com udp
NL 74.125.100.234:443 rr5---sn-5hne6nzd.googlevideo.com udp
US 8.8.8.8:53 234.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr3---sn-5hnednss.googlevideo.com udp
NL 172.217.132.200:443 rr3---sn-5hnednss.googlevideo.com udp
US 8.8.8.8:53 200.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 rr1---sn-5hne6ns6.googlevideo.com udp
NL 209.85.226.102:443 rr1---sn-5hne6ns6.googlevideo.com udp
US 8.8.8.8:53 102.226.85.209.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 rr1---sn-5hne6n6l.googlevideo.com udp
NL 74.125.8.166:443 rr1---sn-5hne6n6l.googlevideo.com udp
US 8.8.8.8:53 rr5---sn-5hne6nz6.googlevideo.com udp
US 8.8.8.8:53 166.8.125.74.in-addr.arpa udp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
NL 74.125.100.202:443 rr5---sn-5hne6nz6.googlevideo.com udp
US 8.8.8.8:53 202.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 www.virustotal.com udp
US 74.125.34.46:443 www.virustotal.com tcp
US 74.125.34.46:443 www.virustotal.com tcp
US 8.8.8.8:53 www.recaptcha.net udp
GB 142.250.187.195:443 www.recaptcha.net tcp
US 8.8.8.8:53 46.34.125.74.in-addr.arpa udp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 200.187.250.142.in-addr.arpa udp
GB 142.250.179.238:443 www.youtube.com udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 recaptcha.net udp
GB 142.250.200.3:443 recaptcha.net tcp
GB 142.250.200.3:443 recaptcha.net udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.179.228:443 www.google.com udp
US 74.125.34.46:443 www.virustotal.com tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 228.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 goo.su udp
US 104.21.38.221:80 goo.su tcp
US 104.21.38.221:80 goo.su tcp
US 104.21.38.221:443 goo.su tcp
US 8.8.8.8:53 counter.yadro.ru udp
US 8.8.8.8:53 top-fwz1.mail.ru udp
US 8.8.8.8:53 an.yandex.ru udp
US 8.8.8.8:53 st.top100.ru udp
RU 88.212.201.198:443 counter.yadro.ru tcp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
RU 77.88.21.90:443 an.yandex.ru tcp
DE 151.236.71.248:443 st.top100.ru tcp
RU 88.212.201.198:443 counter.yadro.ru tcp
US 8.8.8.8:53 221.38.21.104.in-addr.arpa udp
US 8.8.8.8:53 kraken.rambler.ru udp
US 8.8.8.8:53 privacy-cs.mail.ru udp
RU 81.19.89.16:443 kraken.rambler.ru tcp
RU 81.19.89.16:443 kraken.rambler.ru tcp
RU 95.163.52.89:443 privacy-cs.mail.ru tcp
US 8.8.8.8:53 avatars.mds.yandex.net udp
US 8.8.8.8:53 yastatic.net udp
US 8.8.8.8:53 mc.yandex.ru udp
RU 178.154.131.217:443 yastatic.net tcp
US 8.8.8.8:53 ads.adfox.ru udp
RU 87.250.247.182:443 avatars.mds.yandex.net tcp
RU 87.250.250.119:443 mc.yandex.ru tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 77.88.21.179:443 ads.adfox.ru tcp
US 8.8.8.8:53 yandex.ru udp
RU 77.88.55.88:443 yandex.ru tcp
US 8.8.8.8:53 67.52.163.95.in-addr.arpa udp
US 8.8.8.8:53 90.21.88.77.in-addr.arpa udp
US 8.8.8.8:53 198.201.212.88.in-addr.arpa udp
US 8.8.8.8:53 16.89.19.81.in-addr.arpa udp
US 8.8.8.8:53 89.52.163.95.in-addr.arpa udp
US 8.8.8.8:53 217.131.154.178.in-addr.arpa udp
US 8.8.8.8:53 119.250.250.87.in-addr.arpa udp
US 8.8.8.8:53 182.247.250.87.in-addr.arpa udp
US 8.8.8.8:53 179.21.88.77.in-addr.arpa udp
US 8.8.8.8:53 88.55.88.77.in-addr.arpa udp
US 8.8.8.8:53 stun4.l.google.com udp
US 8.8.8.8:53 stun3.l.google.com udp
RU 87.250.250.119:443 mc.yandex.ru tcp
US 74.125.250.129:19302 stun3.l.google.com udp
US 74.125.250.129:19302 stun3.l.google.com udp
US 74.125.250.129:19302 stun3.l.google.com udp
US 8.8.8.8:53 favicon.yandex.net udp
RU 77.88.21.36:443 favicon.yandex.net tcp
US 8.8.8.8:53 mc.yandex.com udp
US 8.8.8.8:53 129.250.125.74.in-addr.arpa udp
US 8.8.8.8:53 36.21.88.77.in-addr.arpa udp
US 8.8.8.8:53 storage.mds.yandex.net udp
RU 213.180.204.158:443 storage.mds.yandex.net tcp
RU 213.180.204.158:443 storage.mds.yandex.net tcp
US 104.21.38.221:443 goo.su tcp
US 8.8.8.8:53 158.204.180.213.in-addr.arpa udp
RU 95.163.52.89:443 privacy-cs.mail.ru tcp
RU 95.163.52.89:443 privacy-cs.mail.ru tcp
US 8.8.8.8:53 ad.adriver.ru udp
RU 195.209.109.11:443 ad.adriver.ru tcp
US 8.8.8.8:53 11.109.209.195.in-addr.arpa udp
RU 77.88.55.88:443 yandex.ru tcp
US 8.8.8.8:53 pangolin.sbertech.ru udp
RU 178.248.232.237:443 pangolin.sbertech.ru tcp
RU 178.248.232.237:443 pangolin.sbertech.ru tcp
RU 178.248.232.237:443 pangolin.sbertech.ru tcp
RU 178.248.232.237:443 pangolin.sbertech.ru tcp
RU 178.248.232.237:443 pangolin.sbertech.ru tcp
RU 178.248.232.237:443 pangolin.sbertech.ru tcp
US 8.8.8.8:53 237.232.248.178.in-addr.arpa udp
US 8.8.8.8:53 www.mediafire.com udp
US 104.17.151.117:443 www.mediafire.com tcp
US 104.17.151.117:443 www.mediafire.com tcp
US 8.8.8.8:53 static.mediafire.com udp
GB 142.250.179.228:443 www.google.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 117.151.17.104.in-addr.arpa udp
US 8.8.8.8:53 nav.smartscreen.microsoft.com udp
GB 172.165.69.228:443 nav.smartscreen.microsoft.com tcp
GB 172.165.69.228:443 nav.smartscreen.microsoft.com tcp
US 8.8.8.8:53 cdn.amplitude.com udp
NL 18.239.18.117:443 cdn.amplitude.com tcp
US 8.8.8.8:53 connect.facebook.net udp
GB 163.70.151.21:443 connect.facebook.net tcp
US 8.8.8.8:53 translate.google.com udp
US 8.8.8.8:53 117.18.239.18.in-addr.arpa udp
GB 142.250.178.14:443 translate.google.com tcp
US 8.8.8.8:53 api.amplitude.com udp
US 35.155.173.66:443 api.amplitude.com tcp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 66.173.155.35.in-addr.arpa udp
US 8.8.8.8:53 translate.googleapis.com udp
GB 216.58.204.74:443 translate.googleapis.com tcp
GB 142.250.200.14:443 www.youtube.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
GB 216.58.204.67:443 www.google.co.uk tcp
BE 66.102.1.155:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 155.1.102.66.in-addr.arpa udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
GB 216.58.204.74:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 8.8.8.8:53 btloader.com udp
US 104.21.42.32:443 the.gatekeeperconsent.com tcp
US 104.22.74.216:443 btloader.com tcp
US 8.8.8.8:53 www.ezojs.com udp
GB 142.250.178.14:443 translate.google.com udp
US 172.67.170.144:443 www.ezojs.com tcp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 172.67.199.186:443 privacy.gatekeeperconsent.com tcp
US 8.8.8.8:53 ad-delivery.net udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 g.ezoic.net udp
FR 13.37.187.223:443 g.ezoic.net tcp
US 8.8.8.8:53 32.42.21.104.in-addr.arpa udp
US 8.8.8.8:53 216.74.22.104.in-addr.arpa udp
US 8.8.8.8:53 144.170.67.172.in-addr.arpa udp
US 8.8.8.8:53 38.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 186.199.67.172.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 8.8.8.8:53 go.ezodn.com udp
US 104.19.208.227:443 cdn.otnolatrnup.com tcp
US 172.67.142.121:443 go.ezodn.com tcp
US 172.67.142.121:443 go.ezodn.com tcp
US 172.67.142.121:443 go.ezodn.com tcp
US 8.8.8.8:53 www.mediafiredls.com udp
US 172.67.73.78:443 www.mediafiredls.com tcp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 g.ezodn.com udp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 otnolatrnup.com udp
US 8.8.8.8:53 bshr.ezodn.com udp
US 172.67.142.121:443 bshr.ezodn.com tcp
US 130.211.23.194:443 api.btloader.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 ad.crwdcntrl.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
NL 18.239.18.118:443 tags.crwdcntrl.net tcp
IE 34.255.252.80:443 bcp.crwdcntrl.net tcp
IE 54.194.72.83:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 223.187.37.13.in-addr.arpa udp
US 8.8.8.8:53 227.208.19.104.in-addr.arpa udp
US 8.8.8.8:53 121.142.67.172.in-addr.arpa udp
US 8.8.8.8:53 78.73.67.172.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 118.18.239.18.in-addr.arpa udp
US 8.8.8.8:53 83.72.194.54.in-addr.arpa udp
US 8.8.8.8:53 80.252.255.34.in-addr.arpa udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 crt.rootg2.amazontrust.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
NL 18.239.83.86:80 crt.rootg2.amazontrust.com tcp
NL 18.239.83.86:80 crt.rootg2.amazontrust.com tcp
NL 18.239.83.86:80 crt.rootg2.amazontrust.com tcp
US 8.8.8.8:53 86.83.239.18.in-addr.arpa udp
FR 13.37.187.223:443 g.ezoic.net tcp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 match.adsrvr.org udp
GB 87.248.114.11:443 ups.analytics.yahoo.com tcp
US 8.8.8.8:53 id.crwdcntrl.net udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 static.criteo.net udp
DE 141.95.98.64:443 id5-sync.com tcp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 35.71.131.137:443 match.adsrvr.org tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 34.120.133.55:443 api.rlcdn.com tcp
NL 79.127.227.46:443 id.a-mx.com tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 104.18.35.167:443 cdn-ima.33across.com tcp
US 8.8.8.8:53 07ef60c0e8a9383c2c3f04d8ec268df4.safeframe.googlesyndication.com udp
GB 216.58.213.1:443 07ef60c0e8a9383c2c3f04d8ec268df4.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 oajs.openx.net udp
US 8.8.8.8:53 c3.a-mo.net udp
US 34.120.135.53:443 oajs.openx.net tcp
US 8.8.8.8:53 dnacdn.net udp
NL 79.127.227.46:443 c3.a-mo.net tcp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
FR 178.250.7.13:443 dnacdn.net tcp
DE 141.95.98.64:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
NL 18.239.50.10:443 hb.yellowblue.io tcp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 34.120.135.53:443 oajs.openx.net udp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
DE 3.78.168.176:443 tlx.3lift.com tcp
IE 54.195.27.83:443 ap.lijit.com tcp
DE 51.89.9.252:443 onetag-sys.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
FR 163.5.194.32:443 prebid.a-mo.net tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 11.114.248.87.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 64.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 137.131.71.35.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 167.35.18.104.in-addr.arpa udp
US 8.8.8.8:53 87.70.96.34.in-addr.arpa udp
US 8.8.8.8:53 46.227.127.79.in-addr.arpa udp
US 8.8.8.8:53 1.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 53.135.120.34.in-addr.arpa udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 10.50.239.18.in-addr.arpa udp
US 8.8.8.8:53 112.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 32.194.5.163.in-addr.arpa udp
US 8.8.8.8:53 252.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 176.168.78.3.in-addr.arpa udp
US 8.8.8.8:53 83.27.195.54.in-addr.arpa udp
US 8.8.8.8:53 download1503.mediafire.com udp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
US 205.196.123.191:443 download1503.mediafire.com tcp
US 205.196.123.191:443 download1503.mediafire.com tcp
US 205.196.123.191:443 download1503.mediafire.com tcp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 35.244.159.8:443 google-bidout-d.openx.net tcp
US 8.8.8.8:53 65.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 191.123.196.205.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 cdn.ampproject.org udp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
US 8.8.8.8:53 1.180.250.142.in-addr.arpa udp
US 104.19.208.227:80 otnolatrnup.com tcp
US 104.19.208.227:80 otnolatrnup.com tcp
US 8.8.8.8:53 woreppercomming.com udp
GB 142.250.180.1:443 cdn.ampproject.org udp
GB 54.230.10.77:443 woreppercomming.com tcp
US 8.8.8.8:53 www.chancial.com udp
US 172.67.141.135:443 www.chancial.com tcp
US 8.8.8.8:53 77.10.230.54.in-addr.arpa udp
US 8.8.8.8:53 135.141.67.172.in-addr.arpa udp
US 8.8.8.8:53 check.analytics.rlcdn.com udp
NL 13.227.219.97:443 check.analytics.rlcdn.com tcp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
NL 185.235.87.87:443 gem.gbc.criteo.com tcp
NL 185.235.87.28:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 97.219.227.13.in-addr.arpa udp
US 8.8.8.8:53 87.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 28.87.235.185.in-addr.arpa udp
GB 216.58.204.74:443 translate-pa.googleapis.com udp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.179.228:443 www.google.com udp
US 8.8.8.8:53 analytics.rlcdn.com udp
NL 18.239.69.99:443 analytics.rlcdn.com tcp
US 8.8.8.8:53 99.69.239.18.in-addr.arpa udp
US 216.239.34.36:443 region1.analytics.google.com udp
GB 142.250.200.54:443 i.ytimg.com udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
GB 142.250.179.228:443 www.google.com udp
GB 216.58.204.67:443 www.google.co.uk udp
GB 142.250.200.3:443 recaptcha.net udp
GB 142.250.200.3:443 recaptcha.net tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
GB 142.250.179.228:443 www.google.com udp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
GB 142.250.178.14:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 nav.smartscreen.microsoft.com udp
GB 51.140.244.186:443 nav.smartscreen.microsoft.com tcp
US 8.8.8.8:53 186.244.140.51.in-addr.arpa udp
US 8.8.8.8:53 203.197.79.204.in-addr.arpa udp
N/A 239.255.255.250:3702 udp
N/A 239.255.255.250:3702 udp
US 8.8.8.8:53 c.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa udp
US 8.8.8.8:53 www.virustotal.com udp
US 8.8.8.8:53 41.173.79.40.in-addr.arpa udp
US 8.8.8.8:53 nav.smartscreen.microsoft.com udp
GB 13.87.96.169:443 nav.smartscreen.microsoft.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
GB 142.250.179.226:443 googleads.g.doubleclick.net udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 226.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 g.ezoic.net udp
FR 13.37.187.223:443 g.ezoic.net tcp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 95.100.195.64:443 www.bing.com tcp
US 95.100.195.64:443 www.bing.com tcp
US 8.8.8.8:53 64.195.100.95.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
US 95.100.195.9:443 th.bing.com tcp
US 95.100.195.53:443 r.bing.com tcp
US 95.100.195.53:443 r.bing.com tcp
US 95.100.195.9:443 th.bing.com tcp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
GB 216.58.204.67:443 www.google.co.uk udp
GB 216.58.204.74:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 9.195.100.95.in-addr.arpa udp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.201.110:443 www.youtube.com udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 checkappexec.microsoft.com udp
GB 13.87.96.169:443 checkappexec.microsoft.com tcp
US 8.8.8.8:53 blowwyivot.cfd udp
US 8.8.8.8:53 mathcucom.sbs udp
US 8.8.8.8:53 allocatinow.sbs udp
US 8.8.8.8:53 enlargkiw.sbs udp
US 8.8.8.8:53 resinedyw.sbs udp
US 8.8.8.8:53 vennurviot.sbs udp
US 8.8.8.8:53 ehticsprocw.sbs udp
US 8.8.8.8:53 condifendteu.sbs udp
US 8.8.8.8:53 drawwyobstacw.sbs udp
US 8.8.8.8:53 steamcommunity.com udp
GB 23.214.143.155:443 steamcommunity.com tcp
US 8.8.8.8:53 villagedguy.cyou udp
US 104.21.32.196:443 villagedguy.cyou tcp
US 8.8.8.8:53 155.143.214.23.in-addr.arpa udp
US 8.8.8.8:53 blowwyivot.cfd udp
US 8.8.8.8:53 mathcucom.sbs udp
US 8.8.8.8:53 allocatinow.sbs udp
US 8.8.8.8:53 enlargkiw.sbs udp
US 8.8.8.8:53 resinedyw.sbs udp
US 8.8.8.8:53 vennurviot.sbs udp
US 8.8.8.8:53 ehticsprocw.sbs udp
US 8.8.8.8:53 condifendteu.sbs udp
US 8.8.8.8:53 drawwyobstacw.sbs udp
US 8.8.8.8:53 steamcommunity.com udp
GB 23.214.143.155:443 steamcommunity.com tcp
US 104.21.32.196:443 villagedguy.cyou tcp
GB 23.214.143.155:443 steamcommunity.com tcp
US 104.21.32.196:443 villagedguy.cyou tcp
N/A 127.0.0.1:55841 tcp
US 8.8.8.8:53 spocs.getpocket.com udp
US 8.8.8.8:53 firefox-api-proxy.cdn.mozilla.net udp
US 34.149.97.1:443 firefox-api-proxy.cdn.mozilla.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 140.230.185.54.in-addr.arpa udp
N/A 127.0.0.1:55850 tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 csp.withgoogle.com udp
GB 216.58.204.81:443 csp.withgoogle.com tcp
US 8.8.8.8:53 csp.withgoogle.com udp
US 8.8.8.8:53 csp.withgoogle.com udp
US 8.8.8.8:53 226.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 81.204.58.216.in-addr.arpa udp
GB 216.58.204.81:443 csp.withgoogle.com udp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 consent.google.com udp
GB 216.58.204.78:443 consent.google.com tcp
US 8.8.8.8:53 consent.google.com udp
US 8.8.8.8:53 consent.google.com udp
GB 216.58.204.78:443 consent.google.com udp
US 8.8.8.8:53 78.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 www.virustotal.com udp
US 74.125.34.46:443 www.virustotal.com tcp
US 8.8.8.8:53 ghs-svc-https-c46.ghs-ssl.googlehosted.com udp
US 8.8.8.8:53 ghs-svc-https-c46.ghs-ssl.googlehosted.com udp
US 74.125.34.46:443 ghs-svc-https-c46.ghs-ssl.googlehosted.com tcp
US 8.8.8.8:53 www.recaptcha.net udp
GB 142.250.187.195:443 www.recaptcha.net tcp
US 8.8.8.8:53 www.recaptcha.net udp
US 8.8.8.8:53 www.recaptcha.net udp
US 8.8.8.8:53 recaptcha.net udp
GB 142.250.200.3:443 recaptcha.net tcp
US 8.8.8.8:53 recaptcha.net udp
US 8.8.8.8:53 recaptcha.net udp
GB 142.250.200.3:443 recaptcha.net udp
GB 142.250.187.195:443 www.recaptcha.net udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 ghs-svc-https-c46.ghs-ssl.googlehosted.com udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 location.services.mozilla.com udp
US 35.190.72.216:443 location.services.mozilla.com udp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 216.72.190.35.in-addr.arpa udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
DE 23.55.161.211:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 211.161.55.23.in-addr.arpa udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 142.250.200.14:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 142.250.200.14:443 redirector.gvt1.com udp
US 8.8.8.8:53 r2---sn-5hne6nzy.gvt1.com udp
NL 172.217.132.167:443 r2---sn-5hne6nzy.gvt1.com tcp
US 8.8.8.8:53 r2.sn-5hne6nzy.gvt1.com udp
US 8.8.8.8:53 r2.sn-5hne6nzy.gvt1.com udp
NL 172.217.132.167:443 r2.sn-5hne6nzy.gvt1.com udp
US 8.8.8.8:53 167.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.201.110:443 www.youtube.com udp
US 8.8.8.8:53 www.mozilla.org udp
GB 13.224.77.115:443 www.mozilla.org tcp
US 8.8.8.8:53 www.mozorg.moz.works udp
US 8.8.8.8:53 www.mozorg.moz.works udp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 115.77.224.13.in-addr.arpa udp
US 8.8.8.8:53 id.google.com udp
GB 216.58.204.67:443 id.google.com tcp
US 8.8.8.8:53 id.google.com udp
US 8.8.8.8:53 id.google.com udp
GB 216.58.204.81:443 csp.withgoogle.com udp
GB 216.58.204.67:443 id.google.com udp
GB 172.217.16.238:443 www.youtube.com udp
US 8.8.8.8:53 www.rarlab.com udp
DE 51.195.68.162:443 www.rarlab.com tcp
US 8.8.8.8:53 www.rarlab.com udp
US 8.8.8.8:53 www.rarlab.com udp
DE 51.195.68.162:443 www.rarlab.com tcp
US 8.8.8.8:53 162.68.195.51.in-addr.arpa udp
DE 51.195.68.162:443 www.rarlab.com tcp
DE 51.195.68.162:443 www.rarlab.com tcp
US 8.8.8.8:53 www.rarlab.com udp
US 8.8.8.8:53 support.mozilla.org udp
US 8.8.8.8:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 download.cnet.com udp
US 151.101.1.91:443 download.cnet.com tcp
US 8.8.8.8:53 n.sni.global.fastly.net udp
US 8.8.8.8:53 n.sni.global.fastly.net udp
US 151.101.1.91:443 n.sni.global.fastly.net udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 assets.dwncdn.net udp
US 8.8.8.8:53 images.dwncdn.net udp
GB 142.250.180.4:443 www.google.com tcp
US 151.101.1.91:443 images.dwncdn.net tcp
US 8.8.8.8:53 cdn.cookielaw.org udp
NL 18.239.70.203:443 c.amazon-adsystem.com tcp
US 151.101.65.91:443 images.dwncdn.net tcp
US 8.8.8.8:53 swls.map.fastly.net udp
US 151.101.65.91:443 swls.map.fastly.net tcp
US 151.101.65.91:443 swls.map.fastly.net tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 d1ykf07e75w7ss.cloudfront.net udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 d1ykf07e75w7ss.cloudfront.net udp
US 8.8.8.8:53 swls.map.fastly.net udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 151.101.65.91:443 swls.map.fastly.net udp
US 151.101.1.91:443 swls.map.fastly.net udp
US 151.101.65.91:443 swls.map.fastly.net udp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 91.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 42.87.18.104.in-addr.arpa udp
US 8.8.8.8:53 203.70.239.18.in-addr.arpa udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 push-sdk.com udp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 104.18.32.137:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 8.8.8.8:53 di-images.sftcdn.net udp
DE 23.88.8.125:443 push-sdk.com tcp
US 8.8.8.8:53 push-sdk.com udp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 151.101.193.91:443 di-images.sftcdn.net tcp
US 151.101.193.91:443 di-images.sftcdn.net tcp
US 151.101.193.91:443 di-images.sftcdn.net tcp
US 151.101.193.91:443 di-images.sftcdn.net tcp
US 151.101.193.91:443 di-images.sftcdn.net tcp
US 8.8.8.8:53 push-sdk.com udp
US 151.101.193.91:443 di-images.sftcdn.net udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 uidsync.net udp
DE 157.90.33.68:443 uidsync.net tcp
DE 157.90.33.68:443 uidsync.net tcp
US 8.8.8.8:53 uidsync.net udp
US 8.8.8.8:53 uidsync.net udp
US 8.8.8.8:53 125.8.88.23.in-addr.arpa udp
US 8.8.8.8:53 91.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 68.33.90.157.in-addr.arpa udp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 www.clarity.ms udp
US 8.8.8.8:53 partner.googleadservices.com udp
US 8.8.8.8:53 syndicatedsearch.goog udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 13.107.246.65:443 www.clarity.ms tcp
US 8.8.8.8:53 s-part-0037.t-0009.t-msedge.net udp
NL 18.239.83.58:443 sb.scorecardresearch.com tcp
US 8.8.8.8:53 sb.scorecardresearch.com udp
GB 172.217.16.226:443 partner.googleadservices.com tcp
US 8.8.8.8:53 partner.googleadservices.com udp
US 8.8.8.8:53 7b98788e4b00e2b23aec4de2e74b6373.safeframe.googlesyndication.com udp
US 8.8.8.8:53 cdn-ima.33across.com.cdn.cloudflare.net udp
US 8.8.8.8:53 syndicatedsearch.goog udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 s-part-0037.t-0009.t-msedge.net udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
GB 216.58.212.206:443 syndicatedsearch.goog tcp
GB 216.58.212.206:443 syndicatedsearch.goog tcp
US 172.64.152.89:443 cdn-ima.33across.com.cdn.cloudflare.net tcp
NL 18.239.18.33:443 tags.crwdcntrl.net tcp
US 8.8.8.8:53 partner.googleadservices.com udp
GB 216.58.213.1:443 7b98788e4b00e2b23aec4de2e74b6373.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 cdn-ima.33across.com.cdn.cloudflare.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 syndicatedsearch.goog udp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
GB 216.58.212.206:443 syndicatedsearch.goog udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 172.217.16.226:443 partner.googleadservices.com udp
GB 216.58.213.1:443 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 c.clarity.ms udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
IE 13.74.129.1:443 c.clarity.ms tcp
US 8.8.8.8:53 c-msn-com-nsatc.trafficmanager.net udp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
IE 52.49.89.142:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 c-msn-com-nsatc.trafficmanager.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 c.bing.com udp
US 8.8.8.8:53 b.clarity.ms udp
US 204.79.197.237:443 c.bing.com tcp
US 8.8.8.8:53 dual-a-0034.a-msedge.net udp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 dual-a-0034.a-msedge.net udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 65.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 58.83.239.18.in-addr.arpa udp
US 8.8.8.8:53 33.18.239.18.in-addr.arpa udp
US 8.8.8.8:53 1.129.74.13.in-addr.arpa udp
US 8.8.8.8:53 142.89.49.52.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 168.129.153.4.in-addr.arpa udp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 cdn.ampproject.org udp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
US 8.8.8.8:53 cdn-content.ampproject.org udp
US 8.8.8.8:53 cdn-content.ampproject.org udp
GB 142.250.180.1:443 cdn-content.ampproject.org udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 n.sni.global.fastly.net udp
US 8.8.8.8:53 226.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 b.clarity.ms udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 151.101.65.91:443 di-images.sftcdn.net tcp
US 151.101.1.91:443 di-images.sftcdn.net tcp
US 151.101.193.91:443 di-images.sftcdn.net tcp
NL 18.239.70.203:443 d1ykf07e75w7ss.cloudfront.net tcp
US 8.8.8.8:53 091c83107cbefd81fdc6998e38fac60c.safeframe.googlesyndication.com udp
GB 216.58.213.1:443 091c83107cbefd81fdc6998e38fac60c.safeframe.googlesyndication.com tcp
GB 216.58.213.1:443 091c83107cbefd81fdc6998e38fac60c.safeframe.googlesyndication.com udp
US 8.8.8.8:53 c-msn-com-nsatc.trafficmanager.net udp
NL 18.239.83.58:443 sb.scorecardresearch.com tcp
US 13.107.246.65:443 s-part-0037.t-0009.t-msedge.net tcp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 93f2e2622ac6b40abc7a93315f8aa541.safeframe.googlesyndication.com udp
GB 216.58.213.1:443 93f2e2622ac6b40abc7a93315f8aa541.safeframe.googlesyndication.com tcp
GB 216.58.213.1:443 93f2e2622ac6b40abc7a93315f8aa541.safeframe.googlesyndication.com udp
US 8.8.8.8:53 b.clarity.ms udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
GB 142.250.180.1:443 cdn-content.ampproject.org tcp
US 8.8.8.8:53 prod.downloadnow.com udp
US 151.101.65.91:443 prod.downloadnow.com tcp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 b.clarity.ms udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 b.clarity.ms udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 blowwyivot.cfd udp
US 8.8.8.8:53 mathcucom.sbs udp
US 8.8.8.8:53 enlargkiw.sbs udp
US 8.8.8.8:53 resinedyw.sbs udp
US 8.8.8.8:53 vennurviot.sbs udp
US 8.8.8.8:53 condifendteu.sbs udp
US 8.8.8.8:53 drawwyobstacw.sbs udp
US 8.8.8.8:53 steamcommunity.com udp
GB 23.214.143.155:443 steamcommunity.com tcp
GB 142.250.180.1:443 cdn-content.ampproject.org udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 b.clarity.ms udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 4.153.129.168:443 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com tcp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 b.clarity.ms udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 216.58.204.67:443 id.google.com udp
GB 216.58.204.81:443 csp.withgoogle.com udp
US 8.8.8.8:53 2.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.180.14:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
GB 142.250.180.14:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.204.86:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.204.86:443 i.ytimg.com udp
US 8.8.8.8:53 accounts.google.com udp
BE 108.177.15.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
BE 108.177.15.84:443 accounts.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 86.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 84.15.177.108.in-addr.arpa udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.179.238:443 youtube.com tcp
US 8.8.8.8:53 youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.179.238:443 youtube.com udp
GB 172.217.16.238:443 youtube-ui.l.google.com tcp
GB 172.217.16.238:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com tcp
GB 142.250.200.42:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
GB 172.217.16.238:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 consent.youtube.com udp
US 8.8.8.8:53 consent.youtube.com udp
US 8.8.8.8:53 consent.youtube.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 172.217.169.34:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 172.217.169.34:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 rr1---sn-q4fzenee.googlevideo.com udp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 8.8.8.8:53 rr1.sn-q4fzenee.googlevideo.com udp
US 8.8.8.8:53 rr1.sn-q4fzenee.googlevideo.com udp
US 8.8.8.8:53 rr1---sn-q4fzenee.googlevideo.com udp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 8.8.8.8:53 34.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 suggestqueries-clients6.youtube.com udp
GB 142.250.187.206:443 suggestqueries-clients6.youtube.com tcp
GB 142.250.187.206:443 suggestqueries-clients6.youtube.com tcp
US 8.8.8.8:53 suggestqueries-clients6.youtube.com udp
GB 142.250.179.238:443 youtube.com udp
US 8.8.8.8:53 suggestqueries-clients6.youtube.com udp
GB 142.250.187.206:443 suggestqueries-clients6.youtube.com udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
GB 142.250.180.6:443 static.doubleclick.net tcp
US 8.8.8.8:53 static.doubleclick.net udp
GB 142.250.180.6:443 static.doubleclick.net udp
US 8.8.8.8:53 6.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 lh5.googleusercontent.com udp
GB 216.58.204.65:443 lh5.googleusercontent.com tcp
US 8.8.8.8:53 googlehosted.l.googleusercontent.com udp
US 8.8.8.8:53 googlehosted.l.googleusercontent.com udp
GB 216.58.204.65:443 googlehosted.l.googleusercontent.com udp
US 8.8.8.8:53 65.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 142.250.187.225:443 yt3.ggpht.com tcp
US 8.8.8.8:53 photos-ugc.l.googleusercontent.com udp
US 8.8.8.8:53 lh4.googleusercontent.com udp
GB 216.58.204.65:443 lh4.googleusercontent.com tcp
GB 142.250.187.225:443 yt3.ggpht.com tcp
GB 216.58.204.65:443 lh4.googleusercontent.com udp
GB 142.250.187.225:443 yt3.ggpht.com udp
US 8.8.8.8:53 225.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 lh6.googleusercontent.com udp
GB 216.58.204.65:443 lh6.googleusercontent.com tcp
GB 216.58.204.65:443 lh6.googleusercontent.com udp
GB 216.58.204.65:443 lh6.googleusercontent.com udp
GB 216.58.201.110:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 rr1---sn-5hneknes.googlevideo.com udp
NL 74.125.8.198:443 rr1---sn-5hneknes.googlevideo.com tcp
US 8.8.8.8:53 rr1.sn-5hneknes.googlevideo.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
GB 172.217.16.238:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 198.8.125.74.in-addr.arpa udp
NL 74.125.8.198:443 rr1---sn-5hneknes.googlevideo.com tcp
US 8.8.8.8:53 rr1---sn-5hneknes.googlevideo.com udp
NL 74.125.8.198:443 rr1---sn-5hneknes.googlevideo.com tcp
NL 74.125.8.198:443 rr1---sn-5hneknes.googlevideo.com udp
NL 74.125.8.198:443 rr1---sn-5hneknes.googlevideo.com tcp
GB 216.58.204.86:443 i.ytimg.com tcp
GB 216.58.204.86:443 i.ytimg.com udp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 8.8.8.8:53 rr5---sn-q4fl6nss.googlevideo.com udp
US 172.217.131.170:443 rr5---sn-q4fl6nss.googlevideo.com tcp
US 172.217.131.170:443 rr5---sn-q4fl6nss.googlevideo.com tcp
US 8.8.8.8:53 rr5.sn-q4fl6nss.googlevideo.com udp
US 8.8.8.8:53 rr5.sn-q4fl6nss.googlevideo.com udp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 8.8.8.8:53 rr5---sn-q4fl6nss.googlevideo.com udp
US 172.217.131.170:443 rr5---sn-q4fl6nss.googlevideo.com tcp
US 172.217.131.170:443 rr5---sn-q4fl6nss.googlevideo.com tcp
US 8.8.8.8:53 170.131.217.172.in-addr.arpa udp
US 172.217.131.170:443 rr5---sn-q4fl6nss.googlevideo.com tcp
US 172.217.131.170:443 rr5---sn-q4fl6nss.googlevideo.com tcp
GB 172.217.16.238:443 youtube-ui.l.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 216.58.204.86:443 i.ytimg.com tcp
GB 142.250.187.225:443 yt3.ggpht.com tcp
NL 74.125.8.198:443 rr1---sn-5hneknes.googlevideo.com tcp
US 8.8.8.8:53 www.mediafire.com udp
US 8.8.8.8:53 www.mediafire.com udp
US 104.17.150.117:443 www.mediafire.com tcp
US 8.8.8.8:53 www.mediafire.com udp
US 104.17.150.117:443 www.mediafire.com udp
US 8.8.8.8:53 static.mediafire.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 static.mediafire.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 104.17.150.117:443 static.mediafire.com tcp
US 104.17.150.117:443 static.mediafire.com tcp
US 104.17.150.117:443 static.mediafire.com tcp
US 104.17.150.117:443 static.mediafire.com tcp
US 104.17.150.117:443 static.mediafire.com tcp
GB 142.250.187.234:443 ajax.googleapis.com tcp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 static.mediafire.com udp
US 104.17.150.117:443 static.mediafire.com udp
GB 142.250.180.4:443 www.google.com udp
GB 142.250.187.234:443 ajax.googleapis.com udp
US 8.8.8.8:53 cdn.amplitude.com udp
GB 142.250.187.234:443 ajax.googleapis.com tcp
GB 142.250.187.234:443 ajax.googleapis.com tcp
US 8.8.8.8:53 cdn.amplitude.com udp
GB 142.250.187.234:443 ajax.googleapis.com tcp
GB 142.250.187.234:443 ajax.googleapis.com tcp
US 8.8.8.8:53 cdn.amplitude.com udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 translate.google.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 142.250.178.14:443 translate.google.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 142.250.178.14:443 www3.l.google.com udp
US 8.8.8.8:53 117.150.17.104.in-addr.arpa udp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 translate.googleapis.com udp
GB 216.58.201.106:443 translate.googleapis.com tcp
US 8.8.8.8:53 translate.googleapis.com udp
US 8.8.8.8:53 translate.googleapis.com udp
GB 216.58.201.106:443 translate.googleapis.com udp
NL 18.239.18.99:443 cdn.amplitude.com tcp
GB 163.70.151.21:443 scontent.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 api.amplitude.com udp
US 34.211.64.123:443 api.amplitude.com tcp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 99.18.239.18.in-addr.arpa udp
GB 142.250.179.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 translate-pa.googleapis.com udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
GB 142.250.179.234:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
GB 216.58.204.67:443 www.google.co.uk tcp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 region1.analytics.google.com udp
GB 216.58.204.67:443 www.google.co.uk tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
GB 216.58.204.67:443 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
BE 66.102.1.155:443 stats.g.doubleclick.net tcp
GB 163.70.151.35:443 star-mini.c10r.facebook.com udp
BE 66.102.1.155:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 123.64.211.34.in-addr.arpa udp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 www.ezojs.com udp
US 104.21.42.32:443 the.gatekeeperconsent.com tcp
US 8.8.8.8:53 btloader.com udp
US 172.67.170.144:443 www.ezojs.com tcp
US 8.8.8.8:53 www.ezojs.com.cdn.cloudflare.net udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 8.8.8.8:53 www.ezojs.com.cdn.cloudflare.net udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.21.42.32:443 the.gatekeeperconsent.com udp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 172.67.170.144:443 www.ezojs.com.cdn.cloudflare.net udp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 172.67.199.186:443 privacy.gatekeeperconsent.com tcp
US 104.17.150.117:443 static.mediafire.com udp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 104.19.208.227:443 cdn.otnolatrnup.com tcp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 8.8.8.8:53 www.mediafiredls.com udp
US 172.67.199.186:443 privacy.gatekeeperconsent.com udp
US 104.26.3.173:443 www.mediafiredls.com tcp
US 8.8.8.8:53 www.mediafiredls.com udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 www.mediafiredls.com udp
US 104.19.208.227:443 cdn.otnolatrnup.com udp
FR 13.37.187.223:443 g.ezoic.net tcp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 go.ezodn.com udp
US 8.8.8.8:53 go.ezodn.com udp
US 8.8.8.8:53 otnolatrnup.com udp
US 8.8.8.8:53 go.ezodn.com udp
US 104.18.159.164:443 otnolatrnup.com tcp
US 8.8.8.8:53 otnolatrnup.com udp
US 8.8.8.8:53 otnolatrnup.com udp
US 172.67.41.60:443 btloader.com tcp
US 172.67.142.121:443 go.ezodn.com tcp
US 172.67.142.121:443 go.ezodn.com tcp
US 172.67.142.121:443 go.ezodn.com tcp
US 8.8.8.8:53 ad-delivery.net udp
US 172.67.142.121:443 go.ezodn.com udp
GB 142.250.179.234:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 g.ezodn.com udp
US 104.18.159.164:443 otnolatrnup.com udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 g.ezodn.com udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 ad.crwdcntrl.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 g.ezodn.com udp
US 8.8.8.8:53 ad.crwdcntrl.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 172.67.69.19:443 ad-delivery.net tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 104.21.87.79:443 g.ezodn.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
NL 18.239.18.118:443 tags.crwdcntrl.net tcp
IE 52.208.115.114:443 bcp.crwdcntrl.net tcp
IE 63.34.182.190:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 ad.crwdcntrl.net udp
US 104.21.87.79:443 g.ezodn.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 api.btloader.com udp
US 130.211.23.194:443 api.btloader.com tcp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 download2343.mediafire.com udp
US 8.8.8.8:53 api.btloader.com udp
US 199.91.155.84:443 download2343.mediafire.com tcp
US 8.8.8.8:53 download2343.mediafire.com udp
US 8.8.8.8:53 173.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 164.159.18.104.in-addr.arpa udp
US 8.8.8.8:53 60.41.67.172.in-addr.arpa udp
US 8.8.8.8:53 19.69.67.172.in-addr.arpa udp
US 8.8.8.8:53 70.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 79.87.21.104.in-addr.arpa udp
US 8.8.8.8:53 114.115.208.52.in-addr.arpa udp
US 8.8.8.8:53 190.182.34.63.in-addr.arpa udp
US 8.8.8.8:53 download2343.mediafire.com udp
US 130.211.23.194:443 api.btloader.com udp
US 8.8.8.8:53 84.155.91.199.in-addr.arpa udp
US 8.8.8.8:53 b.clarity.ms udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 4.153.129.168:443 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com tcp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 104.18.159.164:443 otnolatrnup.com tcp
US 8.8.8.8:53 bshr.ezodn.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
GB 142.250.178.14:443 fundingchoicesmessages.google.com tcp
US 104.21.87.79:443 bshr.ezodn.com tcp
US 104.21.87.79:443 bshr.ezodn.com tcp
US 8.8.8.8:53 bshr.ezodn.com udp
US 8.8.8.8:53 bshr.ezodn.com udp
GB 142.250.178.14:443 fundingchoicesmessages.google.com udp
US 104.21.87.79:443 bshr.ezodn.com udp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 104.18.159.164:443 otnolatrnup.com udp
US 8.8.8.8:53 www.mediafire.com udp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 104.18.159.164:80 otnolatrnup.com tcp
US 8.8.8.8:53 woreppercomming.com udp
GB 54.230.10.67:443 woreppercomming.com tcp
US 8.8.8.8:53 woreppercomming.com udp
US 8.8.8.8:53 woreppercomming.com udp
US 8.8.8.8:53 www.chancial.com udp
US 172.67.141.135:443 www.chancial.com tcp
US 8.8.8.8:53 www.chancial.com udp
US 8.8.8.8:53 www.chancial.com udp
US 172.67.141.135:443 www.chancial.com udp
US 8.8.8.8:53 www.opera.com udp
DE 3.126.30.43:443 www.opera.com tcp
US 8.8.8.8:53 front-geo.production.opera-website.route53.opera.com udp
US 8.8.8.8:53 front-geo.production.opera-website.route53.opera.com udp
US 8.8.8.8:53 cdn-production-opera-website.operacdn.com udp
US 8.8.8.8:53 www.googleoptimize.com udp
FR 2.18.131.41:443 cdn-production-opera-website.operacdn.com tcp
FR 2.18.131.41:443 cdn-production-opera-website.operacdn.com tcp
FR 2.18.131.41:443 cdn-production-opera-website.operacdn.com tcp
FR 2.18.131.41:443 cdn-production-opera-website.operacdn.com tcp
FR 2.18.131.41:443 cdn-production-opera-website.operacdn.com tcp
FR 2.18.131.41:443 cdn-production-opera-website.operacdn.com tcp
US 8.8.8.8:53 e11604.dscf.akamaiedge.net udp
GB 216.58.201.110:443 www.googleoptimize.com tcp
US 8.8.8.8:53 www.googleoptimize.com udp
US 8.8.8.8:53 nw-umwatson.events.data.microsoft.com udp
US 8.8.8.8:53 e11604.dscf.akamaiedge.net udp
US 8.8.8.8:53 www.googleoptimize.com udp
US 52.182.143.212:443 nw-umwatson.events.data.microsoft.com tcp
GB 216.58.201.110:443 www.googleoptimize.com udp
US 8.8.8.8:53 43.30.126.3.in-addr.arpa udp
US 8.8.8.8:53 41.131.18.2.in-addr.arpa udp
US 8.8.8.8:53 212.143.182.52.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 youtube-ui.l.google.com udp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 g.ezoic.net udp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 8.8.8.8:53 www.virustotal.com udp
US 8.8.8.8:53 ghs-svc-https-c46.ghs-ssl.googlehosted.com udp
US 74.125.34.46:443 ghs-svc-https-c46.ghs-ssl.googlehosted.com tcp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 8.8.8.8:53 ghs-svc-https-c46.ghs-ssl.googlehosted.com udp
US 173.194.141.198:443 rr1---sn-q4fzenee.googlevideo.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 b.clarity.ms udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 4.153.129.168:443 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com tcp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 nhariutz.cyou udp
US 172.67.211.87:443 nhariutz.cyou tcp
US 8.8.8.8:53 seallysl.site udp
US 8.8.8.8:53 opposezmny.site udp
US 8.8.8.8:53 goalyfeastz.site udp
US 172.67.145.203:443 goalyfeastz.site tcp
US 8.8.8.8:53 contemteny.site udp
US 104.21.11.123:443 contemteny.site tcp
US 8.8.8.8:53 87.211.67.172.in-addr.arpa udp
US 8.8.8.8:53 203.145.67.172.in-addr.arpa udp
US 8.8.8.8:53 dilemmadu.site udp
US 104.21.59.84:443 dilemmadu.site tcp
US 8.8.8.8:53 authorisev.site udp
US 104.21.85.194:443 authorisev.site tcp
US 8.8.8.8:53 84.59.21.104.in-addr.arpa udp
US 8.8.8.8:53 123.11.21.104.in-addr.arpa udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 216.58.213.1:443 93f2e2622ac6b40abc7a93315f8aa541.safeframe.googlesyndication.com udp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
GB 172.217.169.34:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
GB 172.217.16.238:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 b.clarity.ms udp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp
US 4.153.129.168:443 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com tcp
US 8.8.8.8:53 vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d9a93ee5221bd6f61ae818935430ccac
SHA1 f35db7fca9a0204cefc2aef07558802de13f9424
SHA256 a756ec37aec7cd908ea1338159800fd302481acfddad3b1701c399a765b7c968
SHA512 b47250fdd1dd86ad16843c3df5bed88146c29279143e20f51af51f5a8d9481ae655db675ca31801e98ab1b82b01cb87ae3c83b6e68af3f7835d3cfa83100ad44

\??\pipe\LOCAL\crashpad_2860_XCGFMIAHEUPZOAAH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

MD5 e5e3377341056643b0494b6842c0b544
SHA1 d53fd8e256ec9d5cef8ef5387872e544a2df9108
SHA256 e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25
SHA512 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b9fc751d5fa08ca574eba851a781b900
SHA1 963c71087bd9360fa4aa1f12e84128cd26597af4
SHA256 360b095e7721603c82e03afa392eb3c3df58e91a831195fc9683e528c2363bbb
SHA512 ecb8d509380f5e7fe96f14966a4d83305cd9a2292bf42dec349269f51176a293bda3273dfe5fba5a32a6209f411e28a7c2ab0d36454b75e155fc053974980757

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 f9055ea0f42cb1609ff65d5be99750dc
SHA1 6f3a884d348e9f58271ddb0cdf4ee0e29becadd4
SHA256 1cacba6574ba8cc5278c387d6465ff72ef63df4c29cfbec5c76fbaf285d92348
SHA512 b1937bc9598d584a02c5c7ac42b96ed6121f16fe2de2623b74bb9b2ca3559fc7aff11464f83a9e9e3002a1c74d4bb0ee8136b0746a5773f8f12f857a7b2b3cb4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b8e455008cd43f99bce976f3f8f8030b
SHA1 dea677e39979b61118af671181cf50b6ebd6a913
SHA256 478674d85154643503ce2779fe3be9fda519da62883251d4dd93dd229dbaddae
SHA512 c65ae0177eea70ca78972c5ddc2685e7fe75b1a0e52773fee04530a10df77e20d146f63cc3cb56622ce555c5a6a3b8fac14315d24a9a2e7374bd7969b7de96a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 05066b5b555e8ee768b8d6792749cf32
SHA1 52a6b85e295c7f4d4b3dabf5b95d64f416cfb402
SHA256 860e014613c8f7b2a7f2499c685e6298b0aeaec5f4997e7034ece240339e54db
SHA512 5e1689f4961eefd3ff6bae1927207e8ff5c5bae810059a07afdf94f2e5b6306b482d6506b45b0e78091df365e3a15b52dc1a3b1f7d460e38a6003f70b493de7b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 7c555bc2ba052526aaf35b0481551c80
SHA1 fdc43fe1259715c98b4ee64a0d7b07ebd28ea44f
SHA256 6fa0e59b9129d764bfa1588b07468a3d29dc0eae6e1e88154a68af41d34c8253
SHA512 7b7b9d1119467112ca9d2fb2bbacf3930b1f06747e987658238851cf94d38982c65a57d9d84122db41af1e263232fca4e83e89e6223381850963a3065fdd88c5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 60626f6d5fe08a51ee2a947ce01c7001
SHA1 c060f2c2d7f8b3fc5f9bdb1ec1e717e9be579d92
SHA256 ca945e33ab1498ae691dfd3a2f9cffc091dc5aea6b97f26c40676b55ce9debea
SHA512 a848d329106cbcee539f38926f7ff0b0c42375ac9b8624fb33ce6eda5765ee6fa9554f414bfdf7f39b24a9d9814e0108c8fbc131afc4693a5ea0e522e8dc9b75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6c5a6a619b700579cbbfa3f647758174
SHA1 05dfc0c1a837e498ef7d5d23cc4b34c4957d8d5b
SHA256 b8c27e91126b860682f3d2f98e0ce8b0be925ed8c546835d8dcb0581f8b8554d
SHA512 77e24f50bd4cb741c14157e08a15c04bc48f1b7c1f2647fe2b841cd95d7904e56bebb613f7ff035980b20b8f43d5f9fc373b96947774b26acfd6c97ed156e5c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 d3412a01d4c3df1df43f94ecd14a889a
SHA1 2900a987c87791c4b64d80e9ce8c8bd26b679c2f
SHA256 dd1511db0f7bf3dc835c2588c1fdd1976b6977ad7babe06380c21c63540919be
SHA512 7d216a9db336322310d7a6191ebac7d80fd4fa084413d0474f42b6eff3feb1baf3e1fb24172ea8abcb67d577f4e3aea2bc68fdb112205fc7592a311a18952f7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3d6065c4dad44e593de86a6999281f03
SHA1 6a4170ff5c4865300caf159d3c0148211f1c14ab
SHA256 07bf3c6a10f934f7e52166705a11c1a29e732abc769acb6bb5533b13d306e8c9
SHA512 5f17b94c8aadccaeea68673a478af5da4d7ea389764bccdc13cbce71e61df2780aef10884219e5f6d80ec746e5e58542eaee9497340d82c772bbaa297690d18f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2e9b629368432d8a61fb5958a9c1eeef
SHA1 70e4123d44077f871ea290896ceabf1ebfe434ca
SHA256 e406d6c65a74321a5c9ed01f3183c27415bedc8facc653e18cb8b7e612c8deaa
SHA512 be25f5d70cd45c320265e6ae0a13343c741c7437a65178238f1a111a1ebcec25c14d9e186554468e02780fec7efcaebd58bfa6e9788034d73af4d20f5ede4dde

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58269e.TMP

MD5 48e484fdb02d535bf5552cf27fc36651
SHA1 2a4890124c0bb5e6766df444d2e09517cda0312a
SHA256 014ad09a6529ead4af8ed2b94712ef37ff19431a771a05b3d61b42bc5e6822b5
SHA512 5485630d4b2ef3388c85ca94434b1e5d3255c77a2596860865bfd4c2ebedfd385254ead33fc7a23c32131be783ca6901b6f63996ca1bd94108ecbc1c29195874

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 e4fb9b839186660b1f729b8df8c994b4
SHA1 931792cd70ced4ad586f6329c30c294ebea1548e
SHA256 6838611c8ab6539005e11c84ca308158f89a51db57a62caf21faab48bf576177
SHA512 625436bb52cbd7df7ed03be05fea52c5d54b6cc15037d70c268d9598e648a22246db902b9c6f097ba8b18bd924f6ab17120736285d54dce13773237f1669853a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 fb2f02c107cee2b4f2286d528d23b94e
SHA1 d76d6b684b7cfbe340e61734a7c197cc672b1af3
SHA256 925dd883d5a2eb44cf1f75e8d71346b98f14c4412a0ea0c350672384a0e83e7a
SHA512 be51d371b79f4cc1f860706207d5978d18660bf1dc0ca6706d43ca0375843ec924aa4a8ed44867661a77e3ec85e278c559ab6f6946cba4f43daf3854b838bb82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 725d001661dffa8ff38dafe2f8045661
SHA1 48dfeb83775c701f8cbb6d1829690ed5ab8a7e11
SHA256 de837c00435f5f684273e280442971c4e281479b2117cdbf92f60c459320c404
SHA512 6f22cfedb25c8af061f159bd15f8424b97d79323f3959fed1761937e82313e7589c8991e7519e703fc319f5d9c5f292ef458f69568377883b26d9c10458e82b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 dbedcad6ab7cdacd94d14ebe7938a08b
SHA1 ac927bf437e68783d6c88c08c0ca77b9332b0d7a
SHA256 3c8c7e1211697f5152fee36f40de09614d2909debc48fc8339b6f6861daf2269
SHA512 7886f194232d52aaac7b0ffbc3f9125f5d2864266240533492130b87b7f0156d833beaddf0fab4b1f9fe73e890cbdcc23cb587b2a6d8991de77b1a31fdcd82fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 1ffb865904857f80ac8766c4888aa466
SHA1 b4abfcbd5f207698f796425b45336b19295696bd
SHA256 f7771275ae7413e978d4d4ac59711622a7293be3c3a7e7fd5052aeb122f81d0c
SHA512 e092e155957c589f99405d67fec79132a4751b029d3fa5acd8385e2f08286f81f18ad33e168dd7cdac2d445aaa4184b1abcee279db5b59669ad7fbc0938a29db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4c4c78d969e99fa428e7de18ed6c5c1c
SHA1 b8d367766c45ccfd158ac86cea14605fee97ec6b
SHA256 c43c31e7ccc778dee156211a27f8f68d8dc877ff6d29d3478460b5ede36ed475
SHA512 e111b224bd6ef68d31f101f03028c0ccf937d49fd107af218f73e6f21263f0aef417942f48c294b296294c9106117f727857cc2c2adcd5337e7df59b0269d4e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a62ffce19af0ccb8b35f7ed12ae51d1c
SHA1 da41e122f41091ee3cb58406327df6e89a2277a5
SHA256 410e03339b65f6dc86f75b78f1464103e33b4115cdf17c25abeb379778d1fdca
SHA512 32c982ccbf95076171cc3ab1a62343f1441a120ebe73d6b22693df5fa99ae6c7c4c8ffb8a63b0864580ce3df59c0078b154a46fc0f562fb7e9dd009a8daae266

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\097a6586-d0e4-411c-b596-abed24fa84a5\index-dir\the-real-index~RFe585f03.TMP

MD5 eb3d460e9af30b73d188cd2cef80356d
SHA1 0674656ec14a22734bd246bfd393b8679ef789ab
SHA256 a4a6900985c288e4eb5679662a8f6ed830e3b9b88172c6d1295d2ac278f902ae
SHA512 04dac40c20e09c69c2d565f798f2a3529897a90c4532a69c1674c637aa764192a9e13c332248306a623b6a50d50c365bef45c936852e5c5e97aadf927b0d0237

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\097a6586-d0e4-411c-b596-abed24fa84a5\index-dir\the-real-index

MD5 b4b2dcbf8b74781d64b3d034331e863b
SHA1 ded00c8b4f4341b56620e628fabda284fafa71d8
SHA256 4da4c5ab894f82686e5217deeaeb9918f5a8a0a8a660c951163e4d391238ab6b
SHA512 41d3ab536d589ef8408ab287458086fccf60780ac63976288705caed7de243f42f4c82f685ec3145e0b93a86b17d0bbb2fb37f5c892ace6e7eb4d7b59649334b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 954cae8cc4b49aafbb107b24f655de0c
SHA1 2345889b04bffa4f8a9bd8396cf7b38d3e6a0fdd
SHA256 7243bee8140751b078eda796b7b72b964f4d56edfd41b2d8e39f631d2c19d933
SHA512 c6263a0c08685a2f426382cb52d0e8cee9757591c8d9c5daee164b7c4a7e69d111ebf5729cfb428e263a6bb8389ed2a43bcfbb2e065a6d7cb3721c82cc4b7e96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e1ac7151cfd3777e160368eb7edec8f7
SHA1 e9ae5a3ca86ca3f6521d647f230aafccd12dd1a9
SHA256 4f85903f46054288f95835cda25412b1aefc7b1a0c991fdbfc899d585e24260e
SHA512 7bb8317e9c0e32a739e71d1dd3d493fbde525ec97b445c248b5770f1e6997713eee794676c011ed7c051d77a28c787648f814683896fac067667093b20c04844

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5764dd17-928f-45f0-9ebb-dd4bb7cbe3bd\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 76f787ab9a4d0e99c253ff3779243544
SHA1 42a9200b51a8d1af4793d2b346d0233f803ebebe
SHA256 d5e28869134e413cfd89e199cb5ece2d24fd5a9e3bd82fd9c2373177130b26ae
SHA512 82a3c588fbdee509c1b4331ad00b0022bfa4a1f7a7bfdda878136439bf6513fa0a93b989442ebf0fb3adbdf40aa3d31d61d1420553d325a5e4b408fac8dc81fb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 6fcbc9d99553af671240cedbab34eb37
SHA1 5943dc3b0f7973986b6c4b0c29181ca59c28f04f
SHA256 d496c5d3fea7d1c80ea62964f46dffe3918f15d150631ea81a9c23a08259bd0b
SHA512 d61459f4f5ab5f29eed0f890ae7f596f2cd4cf182b214c4ec49ca969cc6fcd6e748482611226d4555b7255020d0995d66c3b1b4b977c0f254ddb839f22b4ec09

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 c13a4abe06af6a47d5e62517fcd4915b
SHA1 a2ae312b8e96890ae55f56c73e4e4c1afa96685c
SHA256 c0e700686718ba247defdde0846e7e45f7c2afe880e4ac520373094089cf2d36
SHA512 442b611fb1a9b330e15ef1c37ea42b1479861668a9e4233f27d6faa135ed8a20dbe9dc600cca519167897994cd03669dd2d980e3aca6f75bb3498be0917a3545

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 27d28e1ca9ba29c9692d527d8c9d5b38
SHA1 45470fd64bc00570d10b2baa537e82c4b6a177b5
SHA256 18eac61511697a508351592171e09505fa5fdd7eb1d4bd963a60aa493c15dd58
SHA512 8605fd6bbb6b714cafc33d05c02fe91f7b292013e53a84e15f4a1a75f5680f1b10d7abba900134860ad0f3b2d4f82a95b22caaad4f6421b5438ffa956ca22580

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

MD5 62648e6e3910199480832b555c8418a8
SHA1 870b6a7bb756b92f3499a20f3d3fea6b320b25ab
SHA256 8631d292e0c4e26adb84ef6a8635aac042ca4615b3fb2c610c66581093ccf274
SHA512 196bfbbd286b7567480513201df291e2295eaaa361ad77620a63fb97b2e657dcac50b34ddbda274a8070385d15359b58b8140f72e38e77ad78e01b543168c401

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 c516fc64c2ce2da54e42fa31bd5e663a
SHA1 91323242547fb20ba7c4751ba23469907dcf38e3
SHA256 23625b65966e0e7aee05db5af64384107139cfb3b23783e51e2d98bd6b7c8921
SHA512 69b802c19e43c72d0ba03b12ea31b9a4034073ef7cd9db7c6bf1ba649a927abc99ad08655c78bc9ce380a6ee48442533ad23ac44e2728252f040a20b598f7296

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5c0e788c974b6e76ca2c3d04397db8ce
SHA1 0601799f264d3ab625c021a8bbc2db5bacfbd19b
SHA256 436e4384f072d1b17d2581a19133efcacff6ee00df982fa0a628bf28f8bc9228
SHA512 d72a1fde2294776ea06d8c780d7c491370bb7a1799060cbd851c684b585bc91b908d8f46f435517f38eba5e3692e9d373e5f14fe010ff076fff67649f6362582

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0b6c8e0321ba76a61875dc91c7810423
SHA1 00937a55e1ae71ecc667e7f2c46a79a21b2f27e5
SHA256 6004e0b2098cf315230bfeae8c8a85650514359fd0e1d80908cad44142f1fa42
SHA512 71a627682477d16184a326c03d30bc9d19d315e4f14dd0fcc06914ccc8ebe6d451131173001869f2266265c3cdaa3d23808a0928a866dbb1020274d97c7c4725

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 3a3a7ffc78c765d0f1a1c77d074a1e14
SHA1 721149f242a0c7bd29b4536efaf3fdcd50da2f72
SHA256 6781848d544c5274403ecb874da75bbc333fcb203fd094f53d07eb1b96389940
SHA512 985221e5d0c2cc72a5df684f73a8f437e142f72c99547e918e9d5cb2b67b4e5b9bae65f7609a5bbae824f9730b1ebf70b614285c75ca2ad488d3218e2ccaa083

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58b205.TMP

MD5 8745a30345cd457d53ef4445b48df826
SHA1 e125eab288babb1b6eb9ca97af63d69b5af0f4d5
SHA256 bdccd22122c3d1981e2cc12495d66a11f395977bbcfc1a9f9802e3ca37599d61
SHA512 22e5badaec1cefe865f9729fd27e7c99a5ab00b72c3a926885d32f20bf1b452c066b22b7f43388b15af49c5c7156fe417284e995200cc979945551f085e90b26

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 80e126b28551514a05a594c3a552d117
SHA1 a5234574b66743a175a67fa7642537a8e2320352
SHA256 6314102d7c5d22159fa3aa557bb9b612351789efb0beb38f8a6c5d0cf1d9295d
SHA512 638e679d2f9c897387cc9f303f7a957ed109f0822ea0e52926d178608e6b4a7c019cd6be09ea21f689938c751c0a423bb9806c9dce5dd90f00018335f8223b14

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5f80bc6e4ba375bcad3f6573acec44c0
SHA1 5694cf6cd786353489703f42c0991db768b71466
SHA256 2731444607734035bba50f1d8a45afa63a00a32cbd2f3a23c965def8cc171867
SHA512 7581f4e4701dada2398514ca038ed62e244f9f0416c50369c5e541c2e806f06598f1cc7fbeca16f6774cf82b9a7f0a7b70ea1ed3a22655a1212deda2d2395ab3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c6fb9f63-47ed-4021-a3b1-f3a1b82f3fa6\index-dir\the-real-index

MD5 0beee1a164b66bb6434773757124eee2
SHA1 cfdabd750fd3d8c6cb6519655b963baf9dc46f72
SHA256 b0d56047a6672bee2177c893e3451b2149d33810439bba03434a9207f3b87ed7
SHA512 51e9a7944de0efb65dcca90439d957cc012e2b3ef3d9d5e32e05dae28a723893424aff072394c153c06fe3ace5433529fa040844f3d1f24d605a6f9f0debf610

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c6fb9f63-47ed-4021-a3b1-f3a1b82f3fa6\index-dir\the-real-index~RFe58bd8e.TMP

MD5 ccc3b139adc814b3c02778e5191cf069
SHA1 169799843394114944bc6281fcf750c1d15cf811
SHA256 be7eb3aae2b1f4f843a08a6c7408435e5d74572214770aad7336dcb37d5490bd
SHA512 3d63f6afee8eabaff72b41453cec80c831da2d3afed28e551d75832ff4b5a65becdab039b1a1b62ec3d915b2563411b4b20fb14f2663775ad77e6219c156e786

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 712417f2693a5f163f1fdeebcfb1bc20
SHA1 4633c7cdc6990f4bf9a3fea446badc66c027cc8e
SHA256 47aaa98b6db98c12166f5c5d80ba0be695563d8adc4d7e611b3d6f1d0e4edc68
SHA512 2dedb20359fe89631b09315833a112251e2e1d62efe3358fac45c77ffdfed7afc04c11e35d23890197ccce97aff9ab3a9929b8de2bb829c03e7f635582588e96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a2f27a887547e1009daecf37e9153e96
SHA1 27b61089a92a9ec29e776f7136b8cc4771746ba6
SHA256 c3e14b37cc99e6e1a7f5b008235d18678cd95f6a7ae6b4dc00b77937423c7f3a
SHA512 616f31389884a95a9f99aedaf2d4e7745bb3d855b6cb10ebe538bc6f89e04a98119bafd60d7a8d3a7a34076b16e0f6970d3dc763aa237fd46c62f9100311f108

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 362908fcf862bc9dd6ab30e4208a9827
SHA1 fa2abae86ef728ba388de092c57e18f8fbe39f5e
SHA256 180b26d3d326b5e4a0afc2ddfe160bbd3ddd104769db2baf3d3a1b20f22f4fc5
SHA512 6448cefb75b9b674d4db5c7588c11c7b4037735e822c34a02b7741a5bfb30854f0206561dbdc87701bd005dea5046e345c6f3b48149e77de1f51894ab1292416

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe58e4fc.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c6fb9f63-47ed-4021-a3b1-f3a1b82f3fa6\ceef8fb853a0cb41_0

MD5 7a16b71787a4ad91b8c95f085de2bacb
SHA1 7ba4af584c13ac79ad7b71eebaa62279ee19fb47
SHA256 81da0b78753e8cf4d8c9a52bfad8c1983fda1567e50c1044853e2f7200a10cd7
SHA512 0464b238ab82537c0aad7eb7ffef39330f5092ba7daa54f9538c932cab4205c1b9b38fd63c9fd1ec81ff247c180d43a5602583a76069d892d87611833aea050c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 557a72c2fff4f25fafb73f09dd2fb3b6
SHA1 4bc6d54c2a4977948b01e6233483cd1f3e91fe94
SHA256 f48a3ab1af02a9f8096007315591a74aef552c5a31d895c2512a02ba67a7e24a
SHA512 1b8167dca7343637f4bbcb2112a75a50cac973148b2bbdfd0301f7405973141ddcecdc56b80991a9f69acc982b7d29cf639cf2b5f2b03d4011593aac83243bdf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 d184fafd758c0c9ff2d264c230fb0f18
SHA1 5a28ea145347a6b33550dbf35a851d3e854dcde1
SHA256 79ec09835122cf102d1eefa09ad5c467b3231c821f1f1d9fbc4f1b6f00ea823a
SHA512 1339d4aa69870ab3e05eb9eb27cdd3e9cc2926466ce84bc803768f2203c5687a8271d1fe0f283da2a2d637c2e1904abf7cfb985bed86183e3f29696fad67e011

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 053f68a722b31f7cecb52846990d6055
SHA1 b725e7ccf3b86ecd59899dec4a18dab695bf39c7
SHA256 3b691bde916bb34a69a2fe8e7b04d0fae3a825cfc175e164cc76b0d70f57c809
SHA512 9b791a219e3735edcdbb00f3b1f02aa302bc25ee668e6fdb97ff7bed81ec5cd7d6c4600754792e70a52e330f7b185640902aa0797ecd5352e400f0f99079a51a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b14da7f6cf727923a17690e02808e230
SHA1 46dd5ea58975c5a24c25973a40bcfc5210fa3ccd
SHA256 9c362b2e9237d8a8e069ed1b904a1bc9521d6a95cb1819f937693c5d8b69b717
SHA512 994923cc45b4a7d190952c1e2694e9842e0432fd53ae7691b501a63dae85f0edfc07cbc3b05ce254eacf4f5bf1fe7c9adb46794f312f0e6d31e31f240de84ac2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000058

MD5 e579aca9a74ae76669750d8879e16bf3
SHA1 0b8f462b46ec2b2dbaa728bea79d611411bae752
SHA256 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf
SHA512 df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6f5c45ca5bd4f042e82c55c1a7a334ee
SHA1 fb6cbe0abf7d3193016d67ce1ba061065a53cb72
SHA256 3ec0e9c24552fda0f0e979bd71d5f602cd6b00d76b7bf1b017740b62b1168143
SHA512 9c1dc212f4aee92f569ae1c8faa6a79237751258aff259ba389489016da5d9671a0aa7dfabbae9b3895784d7005b01f367562970c7ce17376c001c000aae04ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bb9d32c26a5d55594e5c72c1fabe92ae
SHA1 e2500163f7d8b5190267f0ea2026db3feca89048
SHA256 e6758a6eabdd5806ed094d395f1ee676953bfedf24bc8f3c88d5ed2aeaf0eb25
SHA512 484bc1de881dfc3b9c4c35cdaad40a143e45e24f0b2d854742e3cc481fe8213d4ffbe526795d07a6ce16761b57397706a82ca0e41fa4ffbf34f52a19ae302b90

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\097a6586-d0e4-411c-b596-abed24fa84a5\index-dir\the-real-index

MD5 d4d23ad8d39678d336cc4b8df69fd403
SHA1 e93fab683dc03b100a7f161aa71275e55f7f7a5d
SHA256 68b3f2fa9ecacb606204149d7fd0555f5438e33c2c361054ef9c50b5cadabbb7
SHA512 ec1c9ecb234a45c3ca88f924f71f729cb74289590e3459f64cfe50db673054cb276f8143a2046707e20e7827e6280d5c0bb7a7281f0e6f6c4161e2f316f735dd

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 c2bedda8e675ade4bc6aebfed46fa0e1
SHA1 f4fda39e620c34b4d3f0d3e8936996df994a2cc1
SHA256 9d1bdaa2e497ef36d1c9d90b5d8d75db207732fd5b88e438708619d6ce431f41
SHA512 27a46fa99848cd9568a49ddb6519a62eb6c943328ce2aa405feea72de91a3b68df8b620c1b006cfd1e74c614ad84859f242018b2a6e0c9f03ac4a74720399756

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a707c7af228696018b8afef078550470
SHA1 f40e9df85bb548a428f9fcd55c6176d8a8ee279b
SHA256 a6e76ff77f2374df29efa3315f1667abff275fe11fd9f67cb553a2360d38d836
SHA512 0a8216b3af189acd209900ba8746048adb17623e1d223fae25bbf1d2e3cc0ec288b690f09a22965d841ce03481a8ad36ac926ef0f38633dcade48f92d81e2ab3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005d

MD5 8eff0b8045fd1959e117f85654ae7770
SHA1 227fee13ceb7c410b5c0bb8000258b6643cb6255
SHA256 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
SHA512 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 80cea90ed53dbf2b35eca507510a39c3
SHA1 eec4b620d41c84f688ad60e30d7fecfb53ada983
SHA256 13fe96bcc5e8a55161d2d84ebed57c2426251ed2205d9afcadb562b3ea712f9b
SHA512 00cd83c6279cfe11d504e3615f0aa7a9deda83870572dd51a70663cec5727645fdaee41ab4ff3d54c1a7994abcc8c5fe932ca7b7ce8e61fe5305cdc8623fde8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 986fc17e4211e7dbd16cc6ecce02fe11
SHA1 aee127015e9b0f3093af3c2f96e8ac7426022ff7
SHA256 09346f482cb59baa5d4467767dc437bb543ca93bea21d6f533e31d5a5e86f915
SHA512 aa33d47d1893e642e5f10516ae841912e6855d2b77977f07fad9e6bcc422586eba20a9636a672884192201c774a6f47cab45d44ebe676abf19c19a0a6b260dde

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b0a477e1516285e4cb85d247ca24bc75
SHA1 06a8a19349b4d61b9a0ef3b3e56776c5ed40dacf
SHA256 8d6e6c881f3797b185189fd6368f66413e0e16cf56153fc9c0df84cdd9eca492
SHA512 e0807c5771b69d227cefff4ce728f55bb4f380b9a2b0757bd76ee21a2390fd516db35466b1429ca2246d83aee3ff6997da89b61be36bd9ed39a70d896f119ce5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 7611c291df7729c3749cd3e11c164dc5
SHA1 41943408fbf741487df8c176f290a043eac47057
SHA256 62881c2fbc96e7f41d956a557412b6e2d0fb5687c26943495846a004e5b92762
SHA512 e8d65616cbe352f092c12235c18a79ea6e4e65c8e71a72c0d44d8aebc7311499bc21608577aceaacf59f7e338d2bb9175a1cdc6100f054fb67d1b4570f404d1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_goo.su_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 98dab982a7d58898ac075c73757b35b5
SHA1 1b8b9df30007fce8e8d82bb8b0b80d6073b7710e
SHA256 72f889dbad6291ad7d3276a7f00ca5e81a6d2e66eb13cc41456fb354101debb3
SHA512 d022e337fd79e769b02e3af15ab0a1380b5cb580a9b2723562d992111bbdb4d531729207773c79340fd76c51df8202bb81544874faf695db68c857624159debd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2485d37ec91792a8d2f0c75af18c0aaf
SHA1 3d634aac67d98cb424f4480c6601daaa8492ad6b
SHA256 0d3907a799580276186c4a859e8f51ba7808c2a2027686df94def02b8fc45c28
SHA512 abf55b067808f47774d30bf46ebf8d3300579d40327b48df06b7f74e7062ef28f767d2f9e1ef4bb967e2a1dbfada4d68aedef7b5d6b18d055a3451e9450b8f11

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000085

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 cedb1443fda5b884cd013ae61beac7ca
SHA1 9f1355c50520e30b1d489b21cb79af1787345722
SHA256 9a7fb42439665c86b00873f75ad1b48309f473cfc3d9316b5faf43d08bf18285
SHA512 d6ef5c3278f70fe8781545d1d76a72233b77cd698b610d992a4fe3ca61cee294d33db653c3fe63dc7a010d6e463e125a86b0d48b71d2dfc87824cfa9685e123b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 345c695015302594da8333d0eeb9c691
SHA1 e2ccea1b2e6472686461b0617f3eb33cf7920ea8
SHA256 13ee35a23c104bd9a4ad0e71b36ea1b7aa05673b84a8b9d65dfa970455891d33
SHA512 36148b167fbb96c119f64526fb971228e503920e8a4c58b74a754acdb634e0bea162bc821f42aa8c36320522df0cf327904b13d3177f238c958a1242b08d138f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b1b2954392608866c31c087cf0c3114c
SHA1 9fc99985717ff7f83f56c289968014d85677a6ec
SHA256 5925da410af3e47b19413cb1d649dfc1c3afdb371a636ded51a6ef57615975d8
SHA512 b0f01b4519d66c50e9595c830efae9d648c12e741beda5eab71e146495ace883a5a67fd1473ba6c3c720e46e5f59416b1f14084813cd79949680fe76a86ad70c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3cb3b88fcf7a9890aaaedd2d4256d2aa
SHA1 97740df907f16e8c46654d5b7f1fc7f8cb0641fb
SHA256 b695dc7ea81f29dd16558a2d8299faaa51a6cb8d153e6dd2adbfe89ac713a4ac
SHA512 188b496d795ac70454214961a275f834a2b7a560e196e08305753cdf12be07b3731fc08bc05a5dbfdb6b72a7c1a19a676ae83ab5b9bbc97a15ad341faafc99e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 04f1c54e976c281010aecc6cac7a29ca
SHA1 61a8db865db72bca964ba2fa01555797dfa33300
SHA256 0cc5027922a2a463c022c1fe5c80cc7489344679f7a106fddfa940cd6e34dd24
SHA512 063563c41df56c369c68b2bb417f35f13d1b3feedc587966f13185912bc04283d85565cbe0d7ce5c597159db8d6005b4478850787d2a3722afb77afb31537a26

C:\Users\Admin\Downloads\UPL0ADER.7z

MD5 e434eb96d086a24fbab8460e334b455b
SHA1 158cd7f1fc2673457a3a953127c41291187f7308
SHA256 91c0a5ffa615a7c62e7ca40a1038c65ecf8076301d2d0835c1909a30d7f858b2
SHA512 2fb734047316b6e51b238f75a943584d29f4f291c427054dbaff2d7daabb8c0c331c209e4510f07cda7db236c6fd4f106f570a4f5b6a9aafb531beacd85773ab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 11589e80a00fbadfea2ead3cd52d8493
SHA1 decd460deb8ad68e12969ba88ec5d1ecb3fef5c3
SHA256 70ea28fb8712e9a415edac5c8226d7c51de686a6e505f767e45b7353aed68114
SHA512 9a582a23b44aa076fc1d8b5dc8ca608962ab5fc200c47a1ebe22ab07421956386f77ad61234613ee146ce51d5730765d37260f85b01899b978f3f326cd5dce4d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1a02bd05-3805-49bb-8615-38eda95135ad.tmp

MD5 e26b0c26f28dd4d57889558fed372997
SHA1 0e2c1ba1eaba4055f6e79c7febf11fa8a2835f1b
SHA256 592fd357e62425086c0238336c4a291d391c485dd31e26457d6721c69f4f2c9a
SHA512 84d20937d1fecbe4b05254ee8c6d902d92d2570eac43cf6770682438b2bb6ad3a14e64ebce1c748c4865c92b1aa8f6dd04137335a6b5c5bc7fbed567bd92b42d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 2b5fe9b60f9e5c4653369e97b672cb5f
SHA1 3ff94b3138ebcc063475f82f15155f713b905ded
SHA256 d837137d033d84a0dc8415dbd8d7a28bea7e97b4d437e2b9213119b8a8188057
SHA512 3f7ef09a4768339b9eadc7d49f449a8e8a9f7635adfa99257a73bf71080fa6ad49c65a6a3e3d9e026b4c5b91cbee78c40a44c8eaa4812d154737f0e813a29b56

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 16f2969766233ef79c1d0892bef9cf3e
SHA1 1b4767446fa3965d0a3d00534f05eb9809bd5a58
SHA256 3102f06a3927a5bf4e19c83814add9d70575ef639f2ca6762a9197de25c86505
SHA512 2581c96d6e00199b67b668975aa5c91ee72de1ce33dcdb627682dcbc56fd6988be948d0c7bfa39effa42ccd8d0a6ccc02a109476d7abc012bf3f90acc5436187

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a1

MD5 6b04ab52540bdc8a646d6e42255a6c4b
SHA1 4cdfc59b5b62dafa3b20d23a165716b5218aa646
SHA256 33353d2328ea91f6abf5fb5c5f3899853dcc724a993b9086cab92d880da99f4d
SHA512 4f3b417c77c65936486388b618a7c047c84fb2e2dd8a470f7fe4ffec1ad6699d02fa9c1bbd551414eef0f2e6747a9ee59ca87198b20f9f4a9a01394ae69fa730

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a2

MD5 c03ff64e7985603de96e7f84ec7dd438
SHA1 dfc067c6cb07b81281561fdfe995aca09c18d0e9
SHA256 0db8e9f0a185bd5dd2ec4259db0a0e89363afa953069f5238a0537671de6f526
SHA512 bb0fd94c5a8944a99f792f336bb8a840f23f6f0f1cb9661b156511a9984f0bb6c96baf05b7c1cf0efb83f43a224ecea52740432e3cfc85e0799428765eefb692

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1d379c79-df87-4598-bf9d-bd7b43c2e2b9.tmp

MD5 e7e093921342457f702abb1d04f6d661
SHA1 eb66e3f90b1feed03344bb7dc8a8cf3785b69314
SHA256 51a2dcee430c98c6ca7908d079ad4dec98c88886e59be4b4e29aca3f1033323b
SHA512 610452764b697ddcccf40e4845bd42a91f6cfcdb080a8be5db35586c6c36f3658df9eccf0f8d654a0fff648b18e89808d0218edf8983202ce6184726fde197e1

C:\Users\Admin\Downloads\Launcher.exe

MD5 ac9256d19b11fd835e417b47f8cba655
SHA1 f1a946272d2197b9745aca1888f56a6719bea714
SHA256 9a55cf8d08bfb4668d4cf06b4938f034e3f097801ca756d2b4880d7b7e61b4a2
SHA512 2b8ab74fecc747dfdb1190578ec41ef47dae0aa9719bf8eb9ed867e00d348a40a3a314937001589ea6cb078fe8359597709540b997767b9aa2a4aa60bb50140e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056

MD5 503766d5e5838b4fcadf8c3f72e43605
SHA1 6c8b2fa17150d77929b7dc183d8363f12ff81f59
SHA256 c53b8a39416067f4d70c21be02ca9c84724b1c525d34e7910482b64d8e301cf9
SHA512 5ead599ae1410a5c0e09ee73d0fdf8e8a75864ab6ce12f0777b2938fd54df62993767249f5121af97aa629d8f7c5eae182214b6f67117476e1e2b9a72f34e0b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 43b482397225e8bab2258bf30ddad03e
SHA1 71440f0be389aac6999c514cbf81a83f007fc74d
SHA256 afe791f78a3bdbba3261ac54b29caedc38078194f9a1878b1b371871299564ad
SHA512 7c677433f0f70a2499084174e97e557aec60464843dde196f5dd565eb3c5107c52312390a174a51407f0ee892901c76be11a96246d78fd1faa8a5f745231c558

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d2fb26d2e392501a42618d5692e1dce1
SHA1 a63230096de5ff619f216a8f223ef255fdc127fd
SHA256 f7e068389737ffd0cf70ab164fd6ba9e9524369b9ecc72996e2496778e5c38fe
SHA512 5de134b1a9adf740b5180b260274b22e0c9e861ece7ada713ff955cb22e4702fd3870d986554d80b0d6c32227cd04fd8836354c092b54223312d0e141d9f425b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 4a1778a3911a95212d9c93a5418ac2cc
SHA1 8ef66a99ec852a486814d2956bcb56d34e3ac027
SHA256 9ccb853cd0ed77916a69e53ae229217335205f31619970b88317081db8728da6
SHA512 bbcdf6f5845b1fd5a11035b8b7bb1adfb733fb7cd77e8f1fd30758481370de71f93b0ac6504a9e14a58e2d358812c1dc9c4047e09a1e4420cda6de55a02524b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a6

MD5 6b5c5bc3ac6e12eaa80c654e675f72df
SHA1 9e7124ce24650bc44dc734b5dc4356a245763845
SHA256 d1d3f1ebec67cc7dc38ae8a3d46a48f76f39755bf7d78eb1d5f20e0608c40b81
SHA512 66bd618ca40261040b17d36e6ad6611d8180984fd7120ccda0dfe26d18b786dbf018a93576ebafe00d3ce86d1476589c7af314d1d608b843e502cb481a561348

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e84be8154aa978d5cddccdc8312e8821
SHA1 759db3ba3d61d27be5cb209d82fc3d99dd68e1f5
SHA256 2fdfd7d2799c35a9e3a87d4c2ceb8a6eeaa336fe6e7fea9df992c98b00d361d8
SHA512 e0503b1b56cf5c23811d3e6d555e9391438d37c53acc67a500ea8b02c7f3fefe97adca4b8aed444991e5c04b4e87e3eaa2ec8e7b16d0c4113a3be9fe050ad41c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4593f6505ece9104ccb22e8eb238407d
SHA1 7cda764fa6f4da6db2e2560f6dd71c81aee52dbc
SHA256 471e7715a97f0b93d65ef7939a5d701945d1b59d07fdf7efbc36b5197622a235
SHA512 a4205ed93b6ffeb3e1f88381ae69a300410c9cac7359e05a56250cf84ac00158372748f7833d05db4f829c6ab3b5805c5e8c7a7f9969243364d13e1e37b8c805

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4b4a47dbdef91b3a_0

MD5 40116ace7655bdc34c9e6b1aa42f3584
SHA1 77947f744c6903d426f35e922db6ab0f558c6f3d
SHA256 9e50e04b104b177baa6da9032e5445a9793f382d8ce633a92b51edb47df38810
SHA512 15516602566fd4b2a7d48afe06f35c318ca4ef3af604bf18fa36830175936d6ccc4db943dd10918c4190d30a66dfa8b78b503c3f846654d5fb7fdc088dbad526

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 cf1ec5a30587b0b5639d4ca7f63bd4db
SHA1 2dcc81119fe44a578000683dd72782eb589e9332
SHA256 0dfd4d2a08ef11a001937436b12ab0d5188a9017e9570d01e5097a35b8ed3494
SHA512 e01c5428fea2cca249437b54b158545472f020738a08320694b3f86fa4763bb9c4d4d81fc3d3766ef452e0a7a2d652d0199aea5233642c9f15610c19fca45bbe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b428df6490510d3922a4577bc9c0d063
SHA1 91498241ac133f1e3c2aac5c22cbe2bf7017abbb
SHA256 f24301b5f47ef551d752dfc47c9febd79fd2df039f42b92e9ec4da5432fdd25f
SHA512 3b0da9ee84c2c717c3356a761f28f89797ec179b1cd8080ba9b94ac525279e197079b8d72d9f0ff49f75d3f7930eafa6b52cd61790c036ba5691bb2429d2bbe6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 2b8b36c8b56df668c635a204c351f747
SHA1 1ce31b09b73fd11cff825f6636c976b02dd1c4be
SHA256 8213d1b8d433418f51380b5e6963211191c7340f24345c348c75f38c4e1196eb
SHA512 7c2af8ecf2f00c84927baf8d40a950c83e9dd3a1f401683616e70551a1031f8c0e993edcf4fa12a970ac2aa319a99e75ff331dc31871d55c146ebdbc3d5cf7bf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0

MD5 e3d3cb2a9598ff03964f733e26f42dc7
SHA1 e993ccd44f35c4f8ef35dd85fe0ff07aa8f24e60
SHA256 6ef63b9d1324d6f80e8fe072e5a93c79eb9c09bea1f0430023419eb4d8348c69
SHA512 f3df496d1212e4b514463e945773ecb2b34da24c8b084002dca14b8023f5516a204f085b2be29bea31cd0bb624cc951e96ee2b27cb8d07a2db1312801f5505e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f

MD5 c53dd63235d481dd90673527c48bd94f
SHA1 bde75df21773bc40a8b4f90b2ff60e453b4a17bd
SHA256 f27c95f603805c7550a91c14c0a4412a5588e365c514c1b1a82adabdaf9dff6c
SHA512 fa3aff30e508d8089ec22c5ede52bdefbd50819f8df831be2f985c83d36a7629732ace7e1fc2c66f02f1ea81785ced5a7ae1af4fbee1ac03b12c886c58bdb9ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d

MD5 48743a670fa866d07b162f046726b2ec
SHA1 5f180be674c56c4519f531f0796b5b958c20127c
SHA256 9d436fc2f3d4ec40a0e3ae981b315036ac944d2347995d37c27b059db59ce966
SHA512 cbeb13a3ab5e6cd811bc64a14304f389d56de091db12618d62fc223de96e686545393eda1fde83ffea24468ff77953054b25a4a7a87ae2d9f61283c3ec46f69f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050

MD5 971b5e45dec43690655a65f2a6c295bc
SHA1 88ecdfb6148c22c8c84afc378bce1d347cf55617
SHA256 4681a3c80bbed0e490f4ca3e6c0f10c3308d38afce91788b93b1dc0f94674d11
SHA512 312975ad26860b3fc2e92fa9b738e54d464c9306b712ac29b2f01c43284249833fe3b324dadbf0b6ae803033a18d2140502f04c72a253290115f4932a9f01fbe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051

MD5 959417b6da80521c9978331ea1a05e74
SHA1 4be10390173d0776bb4cf75a9376427e1121d8ec
SHA256 617d60bec28ccf01696d811c4486881506cc770fb5bf2c1c50582999508ccb0d
SHA512 1f7484b5346779ce86311caf3e367d48c0cdcb5e7d57d0a9288702772eaa424d7abd1de032c4c60a6b1c4a483bda62fee328b4e6ee20efa31bc725bb68ab5220

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055

MD5 e1db7746ac66a8e2a253af2770ee4a83
SHA1 5b5ca494a5ad55aebf7839202c0143d5d72207f3
SHA256 67abd0fe650fb538bd99398329b0a6b7715f1261a9dd8836796a815907868b3a
SHA512 6b0960cee981395dd4e641291ab44d81fa7640de5dddda731e6e5c78847c397aa87138611818844e0ba9230fe08ed8c9e558d0b5e58c323837e95d9989ed6b89

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\236168d2388f2118_0

MD5 b2de220563ac747dc6c61c93d5bef013
SHA1 dffa4b31d617ea6e757665f4b5b33642d1de3cfd
SHA256 9f5a668a1dd4953b6c4818b8d6634d48671cd61038e023a1679a86dc7b3fa5cc
SHA512 cc46caf99312749c3fd719a5e9c4205c22ab61e4fe0c113bd5528dd2c59ded5e1778d8e014bacb56840f76dc21ba1ad8c84a8fcac0926b68030ae20f73f35cbf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5da0d7444415238d_0

MD5 98bffcc045d789c62991a17a7662364e
SHA1 8f0d1e2348e20d54eba51d82c6bd6f97f0b1f0e6
SHA256 c586411bfca603435901e9e52406cc638260e8bd697db28d2554c4a110205088
SHA512 9e3b0c30f320c33f92a7decdec40af18dfc17fa49e63197d458d5c27a0129e9dbcf61956bca06339daf0ce5cb5302148b07437cbbc2f0bd705d63eca305ae17c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054

MD5 35a46116980c974751122a331d47fd84
SHA1 cd6e9014e38596c681641a27706124b5b69f86fc
SHA256 ccab92b9bfa43457f743cd83e454bcc63a768deb352fbad2d06d718eb2815a66
SHA512 aa4f484d3ca65525d5613243797d7e025e552dbd4e68bd9887d88d32fc6928c13dd7a47e8f97c77436924478d451445fa121d1bc1958a0ba94a2a05159345048

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000057

MD5 e905a9be581b8c837c48020af6c606a0
SHA1 e00c1833f1c65b812094c149b314800350f54685
SHA256 58180e3cba5a736e1875c690b3a756dabc7ee19960f4c66a692d42e5679c13d0
SHA512 bcaf31fab00b69fc58aef04efc77c1e3786cd46e294b67ae862eb6e9d29fa4515e884ba6e105907d1e50593ad8220ddcda428125cae5118383a9bb6ceae2549b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059

MD5 53436aca8627a49f4deaaa44dc9e3c05
SHA1 0bc0c675480d94ec7e8609dda6227f88c5d08d2c
SHA256 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
SHA512 6655e0426eb0c78a7cb4d4216a3af7a6edd50aba8c92316608b1f79b8fc15f895cba9314beb7a35400228786e2a78a33e8c03322da04e0da94c2f109241547e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a

MD5 21894931796cd6b921b959ab2c91f411
SHA1 9a5236066ecea3800d2b17572b7725c98a0029cb
SHA256 0b698b2fe63dc0e9174c4616de60a256050d168bcb752f51b3517f7946570708
SHA512 3f3d159dc57417ba65bbe4f57386094364818cec63e7078c811fa25a717ce0ffcff8e1ebecbb0cbe81089bb80e8f1e3f808a2480b774dfe21efb86bbe3f9f78e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_1

MD5 3e9985450d273fcaf755ec2373f012c4
SHA1 267076b4d8887577d299276f753f91d8b4aed1fb
SHA256 797e4d6f38ac78da296f55cd555aee4f64847c4d81435306391cbe32194b67c4
SHA512 b8bee14f1207ecfe8263ae0e817a288a3513106c450d153f679d6ef9f4f20ee36a42154655d3006707e963b64bc4254c495a87f02fbe4fc5ab4953cdeecf2b11

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ebddef37c3a5054af50e338917e5a969
SHA1 c3c7bb71a10549efd083fff6338b6c69007dda4a
SHA256 319a6295c610d133e2380e1e2416c5c7b29214b0c6c4d9bc09906c79778c64c4
SHA512 3d336c7741bdcf5c0e2dbb7b56127aa3aa20ea7f46215e5dfc67de6ac610aa6ac2d12c352006276ebb6bdc3d4e449377ab55d469f48e85efcbbd3f5add88b5bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 2227a244ca78dc817e80e78e42e231d7
SHA1 56caeba318e983c74838795fb3c4d9ac0fb4b336
SHA256 e9d7b93bae57eebd7019ac0f5f82bac734b7ac3534d1fa9bdba6b1fc2f093a24
SHA512 624cc23d4a18185ae96941cf8a35d342e048476b0384f0595ec1f273e19163ca49b17b14760628eb9da9a5f5519d4671544669fb08985c4945faf663faf92e12

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 55a93dd8c17e1019c87980a74c65cb1b
SHA1 4b99f1784b2bb2b2cc0e78b88c5d25858ff01c5d
SHA256 4925dd477b8abf082cb81e636f8d2c76f34d7864947114fc9f1db0e68b5a9009
SHA512 f9ade542c593067dbcd13ed94da1ba17a84782575355396db8fd7c28aa70a3120d0c0a22d3ca3d2f0774c1dcb06b9319e243b36001c618c92e0af25cb9c8e46b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 382066c45c0bcd0dec5403492274c6b5
SHA1 df8fe723405dc8a94a503216df23e1d67277cc1e
SHA256 9bd0ba67f98ec609bf06f7abdb3483dc954616295ec54cffe473019970498cba
SHA512 6f5496afbfc8cbbcba42569466e6a230b81d7793b3130bf10f4ce9100d2b69727ad3c7daa6e490abe3196ec7fe6e1a5b7b3c590329de6bfb9fce8fd724a715ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000052

MD5 8e6b39360141f3aeaefcb262fc874b96
SHA1 a9a3e9eb1647dcdfac99c2305a4b287ddde82d7e
SHA256 628de99ab67e91f3fd81238a0305f0a97bd2b4d1266a8e24f9c2fe6b931b4556
SHA512 89192d1322d48d0bdedfffafaaa06e7db3cdefd94a2742551374c88f7ede9241d5c5e57be122c2a1216710f23a36a6c65f028d6f541a745525309b5effdcae9b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 32f646bff65c879c847c9f26b50640c8
SHA1 cafbd9ed0f5e0123817df0fdf2b0de2e36c23a01
SHA256 a84c05c5b99b0c6605b53777b7408b9a405f0180521a5f5c0763d8a2a6d46228
SHA512 d4cf7a3664857ccbc6dec2723c5da31386127e396964dab768cbff99de4260b33ed8700f96fa90780992b2ed355e6366417fe85c2a2b03199f527a8353ae66dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 112ba98b9d10da1b0c0cc9858460674b
SHA1 0b4332fd0f25a19181bcf8275a478a93a4896ba7
SHA256 6df791c17ad41d2c44f9579bcf6d82d1e00798725da0653503f4f48b05ac070e
SHA512 1618f5a3bc48cce669994e33ce84eb589db5a360c54653fa649d1441818cebaad77c78efe87b821bc77dbc14db6db2c796ac2ce1d5932ec02f68f8e5fb5e926d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 87385375712dfb6a64450e09ee1e30ec
SHA1 248452651f038ac3eeabb5c5df6339605a258cf3
SHA256 f4a3693207803f69c4918d1140ee66ecad30d78552b4daff998404b502e96777
SHA512 af8389f43c226bec21e38fb931dff89a306a9dbba3122b18d13fe822c5ee78c8f28fd2a5856d762b027ad40c639c0b4d372e7070cff7e48ed75e20dfa4b89ee0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

MD5 89588bb9d1ad6d1c362f596f36fb9c81
SHA1 14df226ccaad848481f0dc0a64f69f6ece7f22e3
SHA256 ec7e86cdbd04610bc585d648515b5c88acf415a4a62b6837c5f3f85dd5d987d7
SHA512 af7f4fd6aca00620c96df343d52b86a80ff7646e5e3d30fddacfaa8e0a0bc83d0da753c446889b6d9b6f4129429fb59ce4e8c54a145bf964747587547dd63c15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

MD5 6397ba9980ad68b92277929245b4ec4f
SHA1 47c9527509235f9790766851bd890a9966641fa7
SHA256 d9e73845b8a5784e0c4fc71308ea095a29fc2f677b0eda050c9c7dfbb1525602
SHA512 715cab0c1f2cf236c17ae17afeb1976568298c3dca76fcc3ed5e154f30348da13be900e37764db1bdd00528b66692c0f3d95708611e150451a0113d7526bf944

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 540f2cdda0ba02aefea413408222fad8
SHA1 9558f91c7b18e9622802da70d317a5d3df903b17
SHA256 4006c715b8696217bd1e1b4b323db197a5f031462a8f5f809d8aa5aef865c851
SHA512 782e4cd1e486e9eebd469f341f211404bb09a1199d73cf0c1fda4225c6b2221d1a5849f06b2044fc4c9beaf51cb13175b45d85cd536ffcf9ae3dc1d996909a46

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 adb9d9947e523296fe920a09ee4335ab
SHA1 4c14758759af79e9b7a1c56af6eda06ff44ec98c
SHA256 3466bdd26bd9c4e1b76a8e77d0aec7ffa7b5d31f8ea2fce943a15b1310de68fc
SHA512 172e5070647dab29d407f6574db3483516fc2cb47dfd46f6d741a5ab551e7999b6ce2c807b4dd4f5a55fc03aebc583f3e8a3b759a58cf9ec95e74217791f8958

memory/1136-3280-0x0000000000400000-0x0000000000462000-memory.dmp

memory/1136-3282-0x0000000000400000-0x0000000000462000-memory.dmp

memory/1136-3283-0x0000000000400000-0x0000000000462000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7bb64e7d54a1f4fd8f1adeaf53c7690f
SHA1 f587704a7246c77c52ba1d5f4db912ab40bd7547
SHA256 cb60ba26c14a02d88a242b98af8593c46bc5d5e2e0fad839a356354ba9b7faef
SHA512 6e43fdda8f91a63fb9709b7622aee057b24aa3a412057f17009fa07c25a263fcae8cf6efb4b516ce4732bc220626bba3134decd5ead533bdfb0a7cfbb40b73a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 58cd6f70cde96a3f3943fbe9ce3acd3c
SHA1 7ed7acb8b6768868b824bb7482bd673c9da23622
SHA256 afc9e86772f8be0c2282cd49336f140d590f247ac1a7430f9fe5cd2f50efad8c
SHA512 ca4a2688b445e8abd5435ca6a4d37c19aa0974c2d546543c43d86c54f4f950a70fddfb3ea5d3686f253eb6d3d4ede1927db9b79597d0bc39ef39ec7d6e4f7e36

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0697fc1ba44e2112694def5c3ea191e1
SHA1 2b0630e61ed82f27d5e4972f9915107bfcd704da
SHA256 abfb8fc0c9b8930c3b0f3ef1ae7846028aad8061c098043cbe871498779c6d13
SHA512 95d7ebbe9042166750cc35619d006bdd76c199267b7ab42fadb6792012d4d632ce0d7365beaaaeb633a290ec31a4523378b80744872905ed893b508cf23bed13

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\datareporting\glean\pending_pings\bda3ff56-ee1e-4aeb-a4b4-cf8af8e99468

MD5 45e78eee7908e3837f22eb89e32a8c88
SHA1 2469e661040409a583790a4be102d91aff4db2a9
SHA256 70220c7fbd9aa0331891c524d09426c31f6dcf6c95df7252c89fada7128862a9
SHA512 288f3f18cfeed10507ce679d4bd64da133d629e9bfa027b714dc351c0641624365f20332056c47b6a4af85eeb048a9be13325c9015caea5746d2c0b4c0fb31fd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\datareporting\glean\pending_pings\9dca569f-542e-4dd5-bd1d-9d8786052031

MD5 2e1a6208efd6a8b88a8c7fa47d578576
SHA1 3a5f5eac02dec2425ca8ba4ef47f0be8254fbf1e
SHA256 441dfb447bd0d54e14f05c024cb9d61206841892fa354b575f8c0c20cad51980
SHA512 4ac9c9e5aecfb4e0bd2ff10e11f1200ebf9cab1b7b2ffe3bc1aa72437084dc42db29eb9cd923801cd21103fa17c7008a29e9373d725ff60b75cc5bad7decb12b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\datareporting\glean\pending_pings\50141e28-ca21-4703-8c3e-e25cb280a34f

MD5 26b2c8b407b90af4efb106d9d5d6f971
SHA1 7b2e92f4bb556526ad22fa7ed85473695cce784e
SHA256 c4f041c621b332bc314c512d3dc291e5e8f706932fb252bbf16645ea2fc236c8
SHA512 7aedd37f399cfad970c44edf368c02062f395e4e66216e3a664108afd93c25bc8bbff3adc33b5c27dfe5b08d87822222a8402372bd4ab5085d73fd3da9d01447

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\datareporting\glean\db\data.safe.tmp

MD5 41890ae37f290642019639dcdceb8928
SHA1 7efbbc2d88758d722114853ed72ce005c5bb855b
SHA256 000daebd03b78d525f7ec1e9ebfbfe9f450e8ef76256f814fa8c7662c639f5dd
SHA512 e859a598390e1fff3e76f27cdad160ec3df403a3d18591bbb634523049bf4b35ec7737c0976c71bb4c7fb7037c6d3729878344240c7e08f3686018e9aef268a3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\datareporting\glean\db\data.safe.tmp

MD5 46a74a16c26cfa9f6384dc6d4d86cb6a
SHA1 7b133b7e5cbc5085d14a57a8f63ce54b87d895a2
SHA256 8997e30948dd43fc740d4d0c3837d4aae954617b8d5e380eaa44530edf262cf1
SHA512 b7ebb56d0e16af87446593330ac1b8865d5631eaa5fe4d4aea60104d9e20138f0715fc5de6b773c882dbbde8e400587651ca7a29db6063d6bdaf0aeb853cf476

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\activity-stream.discovery_stream.json

MD5 1b624a08a501ae6700074967109fd63a
SHA1 1180c0cf5d75ba0460b9eeb23e4f98165063061c
SHA256 6f2c3144b97f6d79fabd4024b042ce165a3b1335828dcce8ace92e62874d657b
SHA512 930488e811b1d71f85a8fcb1f99d1c6e27683d140cd6a886573c2c13f3a59f52a549ef749712cf3dc3c4ea25a4cae54c595ae6e805a924d1f640fa5c01b618d4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\datareporting\glean\db\data.safe.tmp

MD5 0b20a46c719bdd91d4ca4d58681ec272
SHA1 b68bae13e1f007835dccc82380019dbece181ce6
SHA256 88bf58aabae8ea1aac88d42f5f066a2623577e037ef119c0f143ca0b2d678bcf
SHA512 93d9c21167f3d476322c335a623129f49919fab20976bf8049248eea5e1b72494db1de3fe4738eb5fe1ca220260687cf2973c9ff34e1fed8b8fc1db73c4da925

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\prefs.js

MD5 bf53d6a05cb02919a74c24436e2da5fe
SHA1 fc72b9b69679b6aea1638d2d009bb2a47abbb386
SHA256 70d8e702c86545860a28ef63a47db87510610c05beb6cea64153ba45bf8f6c8c
SHA512 2afdee0e8f4de23db8f2e70c1cee1660c1aa7634c2d0c8d7e849bf817f9bbd5dd99ead8615c7e5d5806ada24d23f0acdc8435ef8049e82a5ebd45589925f769f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\AlternateServices.bin

MD5 374416b84aa79758ab23a39d0139365d
SHA1 b0293a88b2301d27eecee32271b843337638a7d1
SHA256 1266754c16e0751f90ab1ce3ae190eaeee9293bf84bcfe8200f6c687a37789ad
SHA512 587e9e59bc29186228b967d0747036bef0f66bcc2de4fb0225b3c19a47092c917c8a9a6d688e20828476004ccd63c5c3ad81874e705bc941371063054c6f58be

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.virustotal.com\cache\morgue\58\{3e38d624-212b-41e9-b00c-a89ba530733a}.final

MD5 fa27a47c59fcdce20b1db8d294bb2870
SHA1 d05361a91e67d1be56a98f1e10216a35db6fdebd
SHA256 d4b3b7aafcbc749a593d8eb9c9066d1a026b05950c36966571a26a4179a57751
SHA512 a8623a694046ba408fffb57d7a9199f764af6df9600111d8b683dc5b8e0ebeccdd905ad5e11beef8e419c7d6c2922d61d938e790ac5b6476fd63e90b622582ba

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\prefs.js

MD5 357adb0c83b581ca79dca43c5562fe11
SHA1 a1fa4be930b124a8b846a8f4e8894bd1361abf96
SHA256 42614e96b7c63921e53bb3e48b35960796501de7731e3f55104bddd79d449993
SHA512 5290d1182abe5db31f11363a8d0adcd291d24e8704ec395279f9a845ed4eb22d079933f91e2e96234bfbfa6227b4ed3b64adbba95443661c8563e2de10af5202

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 e0677251bf7df8f8058c67b6015ebb3a
SHA1 cc03737d6e918763f8707135a1c1ec92541c0788
SHA256 0d8c0e9f47b1ab5649d5960e5038ae7ca44fcdc3b73755467ef171ba42a9ae3d
SHA512 f3f45a19acc5d809b0461aa7063f3c4648bdffd3836d06b722da9563269466cbd12018f356efa6467220486bb4d3c5d9948f54376f1f2b3ea3b0ab62af74c143

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\prefs-1.js

MD5 6eade10cda0e0b9abfc09021b8d7b35f
SHA1 0bbb78b0bae5b85128926ba6b0443abbbba3a93e
SHA256 75b4fb0e50e29bfe7dd3ff3c2e261b19a61b952f3ad1166ee360eabff871a22a
SHA512 1be7f688aa1a57fd5b2784fcdb66bff86e4d9d6f1ed70f60abf72bd84cf1cf01cfbe7c3a19266294ce89c60573e32c23ec7ee26e7a8d87332fa062b4757c8ac9

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 09372174e83dbbf696ee732fd2e875bb
SHA1 ba360186ba650a769f9303f48b7200fb5eaccee1
SHA256 c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f
SHA512 b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

MD5 2a461e9eb87fd1955cea740a3444ee7a
SHA1 b10755914c713f5a4677494dbe8a686ed458c3c5
SHA256 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc
SHA512 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

MD5 842039753bf41fa5e11b3a1383061a87
SHA1 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153
SHA256 d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c
SHA512 d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\AlternateServices.bin

MD5 3c81756d4ed6b3d1673e4f2e30f13cdc
SHA1 19f79711e0747d4dd0df4fa4e5a82542cae39e21
SHA256 d81f39524afc72c9837455549b5a78096364a0ec3f13a0e4d0b844e134108ec5
SHA512 c7f9aef846f0f8ead5299c9d438c61de016ecfa67d1b9e97b7be9cab5e64456d20cb49c7084587b8126579c723f32ee581bea499e27f913a15e09615f3482b67

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 0a8747a2ac9ac08ae9508f36c6d75692
SHA1 b287a96fd6cc12433adb42193dfe06111c38eaf0
SHA256 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03
SHA512 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

MD5 bf957ad58b55f64219ab3f793e374316
SHA1 a11adc9d7f2c28e04d9b35e23b7616d0527118a1
SHA256 bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda
SHA512 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

MD5 daf7ef3acccab478aaa7d6dc1c60f865
SHA1 f8246162b97ce4a945feced27b6ea114366ff2ad
SHA256 bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e
SHA512 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1

MD5 373c2cdbb8933486c9f298c03ed3269d
SHA1 ebf3a0a328b5849f0ed3bf3e3fba52c65fce1f7b
SHA256 43f41300a5e0232a9823cc81009f4b82799c24c1eb8fccb6398f5ba9088ef4d2
SHA512 8a28b4cb906b7819c41495404c01aa8dc18473eb7eb5e925fb2d772c335dc16da5285a76e843cbfb5239fb8661dfc4f28301bade2c4ddc0feb252d75ff6f4e7d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

MD5 270e5c26f074600128153ab463d7dd80
SHA1 6f9e2989fe6ea7dd64821e80cbf1355a08b4739f
SHA256 c8b2bd6f6ac0993416282f3056e56cb2916e45cd9fd4a954a27a728218c14bd7
SHA512 f40b4849a6d8fccaddc01e29a6a7cdab02425467bbbc97ba67d878388ff945515d0daa8b963e21b29bc5a0bacfaf34a5f3af4e437fa3ca038d65a39cd340da9d

memory/6196-4104-0x000002E8558B0000-0x000002E8558B1000-memory.dmp

memory/6196-4106-0x000002E8558B0000-0x000002E8558B1000-memory.dmp

memory/6196-4105-0x000002E8558B0000-0x000002E8558B1000-memory.dmp

memory/6196-4110-0x000002E8558B0000-0x000002E8558B1000-memory.dmp

memory/6196-4116-0x000002E8558B0000-0x000002E8558B1000-memory.dmp

memory/6196-4115-0x000002E8558B0000-0x000002E8558B1000-memory.dmp

memory/6196-4114-0x000002E8558B0000-0x000002E8558B1000-memory.dmp

memory/6196-4113-0x000002E8558B0000-0x000002E8558B1000-memory.dmp

memory/6196-4112-0x000002E8558B0000-0x000002E8558B1000-memory.dmp

memory/6196-4111-0x000002E8558B0000-0x000002E8558B1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c9fb8bf502a937b12d55bb79e07812ca
SHA1 4eb0e30ac381acfc10533eadfb82e1ba9e19a87e
SHA256 e1606fb697045725be4b8005de34578e68208180c4bf97ed33aad88ca8b4aa7d
SHA512 6e969f733791e3df87cd8218c6ce6c4914d4908d383439ea3a18279db58599bdf45b979f0ba933fad6932e3975c3d09c8b8a81b86872e598731044a25cd4eb24

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 044b8dbd8588e8d2981aca54d8814e14
SHA1 e8fb558650cc163b9a8faed7a26b81170055e092
SHA256 43c1ebd39f6d7ecfcb883f3f018b2dd239f8b741790c53ab1b95a2e120cb9005
SHA512 100bfb70c8abdc290c73f01f1f45f381c99d6218849a564712b95e4a7c7f899836e0edef3aa4b3729506205be57aef21078092f53ba67cc0cf1a8766af9adf1c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 e2b7c10538bb41135808abe2aeaaa9f3
SHA1 ad3abfaa23798bd1ac8ebfdee33f806af16c7182
SHA256 2b5b231fc0c333c9f4569fbf7d9ad8aecb23bea40a42d1c0c490c5dcf14423d8
SHA512 9f7c3ce60b30fb54ac270b6a49c2d05f13b03b9d4622c17f66957e4f10ad2496961000b458a318b95cff55264ee1c4d781cb5739c2724623032414f200589250

C:\Users\Admin\Downloads\winrar-x64-701.-nKR2rc7.exe.part

MD5 3a2f16a044d8f6d2f9443dff6bd1c7d4
SHA1 48c6c0450af803b72a0caa7d5e3863c3f0240ef1
SHA256 31f7ba37180f820313b2d32e76252344598409cb932109dd84a071cd58b64aa6
SHA512 61daee2ce82c3b8e79f7598a79d72e337220ced7607e3ed878a3059ac03257542147dbd377e902cc95f04324e2fb7c5e07d1410f0a1815d5a05c5320e5715ef6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 190c721239774fbda452a018917bafc5
SHA1 cf57299e08bd91c749f91116069eecabaedea2ed
SHA256 b860ca2aa9fd6c9373f46f24b7997f37749b8345135fffb659fdb5bcca86fff7
SHA512 952324cf5a018ade584d0a313bbe398617a6992bdb2e27de5cb2bbb3017e8d1b0efeaa1dd5924d3b1dedd1fc1c715e058000468cbb3d703693ae6b26f25b29cb

C:\Users\Admin\Downloads\rar-android-701.qCmTIQ67.123.apk.part

MD5 89ebe58fcfe3ea924ddddb227119dac1
SHA1 fe514fd48b4ad5f5700d17eb9a612be9669a42ce
SHA256 d3298df9db2759c2ff7c962ff8ada40f3dc988cb0061906bb0407384d2820956
SHA512 2c150a5cf2b378b392016446060059374fa73b448b230416ea19a8f9b85b909073ae5f2f67202e270d5483509679df73a97502ca315f24005799674c21e12c21

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 d5ba8677041f98c61b4a8bebaa7b7ece
SHA1 88d30a7edae09c9d9dddb800261f45278a5fe9e2
SHA256 e80ab73fa51b353e8b9b083d144edf191d90c4ad9ba2cba4e945e019537c2666
SHA512 6ac37ccad530bb5c2967e7f6cde40446b605c03f30ea366e0362e1b7ce3a75b31ae2381815d0d59123dc5a1830a030359b9cf5894b9920f18938bfe4fad607ea

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++download.cnet.com\idb\556220133rrae_su.sqlite

MD5 87eeec5e5f1e0ccde3bd95ff828e51bb
SHA1 f401b397a8c3154218f28badb87e3abec798b90b
SHA256 4e4fdebf05ed984bd771fbb9fb38b6f7674284401ffffda78a6838eb0a41aedb
SHA512 0a01083c3bd03683ddef90ab0c1313931d4b9eb7230f23b23fba2fadfe439de0a7f60bf1a57db64755c0c808f609731f07b5c40ac5bf1a506fd727647d61b4ea

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\5AF7D63199C270C14C872B3D4F498E63A2CE341F

MD5 8057def451c04050cd37942472577ead
SHA1 165e94d668f0de72517663292317aaa3abf85fa2
SHA256 c7d2d1a46b6540b80cea55c3cd5beac45cef5cdfdbfedd264f47ad7e4ab6d129
SHA512 4bb8435ae3305dfc3847175d5a81626b5c7ed236a11a7c81491d922cba93c7df160708e272f21da2add4c9bc954ab6f0331e070e347928a0e77b7c39b52d5df9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\E6FC0B255E6FF65DCA0F8DF351D14498A928388E

MD5 763c58425d67a22af1cdeae30dafe470
SHA1 c01ece25fce72d96e5296e0b37eda0cda81d080f
SHA256 48e99260cd0db2fa723c24b6575f181470e4b238b177f8022077b6d2ad12a595
SHA512 bf777c897d8eaeeeda558438562a0b06d765ab1d1cd9519e6b4e762ad252600b9f8d3c6aad1d3915327401f917dad57e09c3d1221e72b670684d4bf197445e28

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 4346c639ff5d1916d9b85491c0853f5b
SHA1 7bf52f29faa487b2c30bb43f761fec932e4220f5
SHA256 69b0e533089c15eee149b191d8593b402abf2dead160f79bd75f9df678e84876
SHA512 2b6aff47f4fbb8dfa3c1513a6354f1e6888a6ca6baf2c1d2815b432dfc2f74ad2567066cc74504e5fd69a6393fb6f8dab405bbc9f8734181361a79c94b05a356

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\B765363E9B617EA83FA71254B3A657AAE933E52B

MD5 288c34fc9a716dd1429e90431feee7c0
SHA1 014a3b87d8b488d2d10eb2f27837e2f315a2cddb
SHA256 37194f54e7724beef4e4578821358312753982d13ee0601650c459b0047b6506
SHA512 71a4534bb81f2a7fe47987d1bff23e27ad54dab30395de2b56c9c01b887a3c4d89a279a3739f1ac29bec5a45b9cdc6580b7247bc26558e52ac94721ad56f2feb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\6953848EC4611C0591A8D364569CA2A6EDA054F9

MD5 6b0b8e97b40c71c9f92c73183985feaa
SHA1 35bb5c34d0791be560a73f22465478aa9f60af69
SHA256 432beaf7e9a6f60b8e1ba0af3fd0c3eb9c366315eab36c94cdc4abce3a3dee3b
SHA512 8dcba38508a8fd0a77796ced7935ba6a9756e01ae4d9a16683eaa7df4fb11fe155a75c9c5b6b8a0bdffc0968f02b553d48c569c3dd13d0f8a8d87fd6d0c4acb7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\CD9D3EDAB37071839C6DF4B98DA127EE7E2B611A

MD5 30bbff7e87c88cf547fd1f398ac80a79
SHA1 8ca2e72f03c58f3a6bc97583336cd1de398486fd
SHA256 dbd74f729555301accd1dbb5d53c45ff4e969c7dacf200ab8810c5661ee38093
SHA512 e91549422333a8f81763affe3341392fb0dea388e505d6c3555825ae18f4e81e024b7183188e3ea5065b4f793a7544f2ea55d8b984ac5e8125f8a23231c9a87e

C:\Users\Admin\Downloads\winrar-x64-701(1).GBdan-pY.exe.part

MD5 189abcec9f4fb755eda2e220919e5cb2
SHA1 1d66706b5b339a2398ffa9d9ad91795530a2922a
SHA256 eee5d6a453e774aacc9e89df23bc9d86c1868151d19e6b6ff3c16d1beb38750b
SHA512 c62182eebe36fcef2534aa4df4c8312f66ff959f10fa36de6dac44784db4e8cf2ab1c7045657495b9dc2c72a07ff6fcdacd00056a479eb3eb00aec32a7363481

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 3c720c24e2c792cdf168b023adcde91b
SHA1 e5b478885fdcab6f89a1132823a9170161ce33e4
SHA256 96a4c7075df1f57575a1f593366c0d33fec0b49ecfd765fd5e4bd845da0a206a
SHA512 42545890eec49dba2f5eebd8ec1fb4a4470e1cec2f2ff00505651a23874b3db35e9d7c081dcc9983ce099a84ec7479a81ec27a79508268b1313ceab6383819d5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 22b0ee0a5ccaca0567851cee2d82c4cb
SHA1 c2b51d998dc1c8692c5f0a694b1747cf84608423
SHA256 c4577b6ea4c9b6709a3fd1c006cbe2a5d2c78b47a2fc18078e878289eb75849b
SHA512 d98ee8ecef0c49649299108fdccbe0629e2c8ccb1068cc5618954aadb0250da182c3f5bf0c677259bc271a09be389c38736803f30db53d8446f4456384374c86

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\EBEEC26E556262F8E1AF407807EF282CA63C9CEB

MD5 96cb3aecfc4f8f833e8ac67b891ab82b
SHA1 0b91e764778980250c27b591cf3bd3a6099ab39c
SHA256 a0d2f4fabb24f12803cc9c95dc3d4060e78d50cad1e17d545a25e101a6145774
SHA512 7d8d124281fffbffb093390cf81566e882341d31d4207dbc378ce7db6303e2de1e2cbf142bab3ea416ff2a76ea28a725515a381ffe96a7f7a816f171b3cdf93a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\5CA27BC645641B73F67C3BD12B16ADC816BB6243

MD5 900a5be393db8f5f3517fa2ebd154d30
SHA1 30a4bd506516228a89841a27862a113cb338932f
SHA256 52eff4517346b50a96c3cc45725c72e9621ceb52ca6a9f607aa0f9617cf01331
SHA512 4ef09325a26143fc682c2714759e2fbc3d19001a1c33b210a990a5c00f68508b61cc6233b321590d10f75de4c33e73d0496048d0f423ce68ac74b4b7d796f812

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\59371ECD3558F66F66D79F15573204A6E8295A73

MD5 2ef7ee68cef9ad6d702b6daf4d6f5671
SHA1 665a90ef6c5a1083028b1accaa68beb4f3bc3c71
SHA256 788c6879ab9bd4dc35b98a7a1c1cb133259d19fb7123a59775887daf1a708bd3
SHA512 31f99cd41015bbbfb82ab5857074f73746643d6d8a75ccafec358061378fd15eea16cf4ca952fc8cdc6e342a27dd4f22bec9e64df07221f53f5560ab6655e4d9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\9B63661C155DCEFBC36A39823124A9D96F4AA9DA

MD5 b567e72c28ce1f9af45976985f5ffdc5
SHA1 0f96f6f59b4ec66654b35b48cd67105c420201be
SHA256 6310dc3cdbaa29d35e4cd868bed2b35c1808be871279670e9d9d76359cbb3059
SHA512 6b94af2ae9c47c77d4eef13a38a864afb95caa04a8a16c010fc6073e55e18932ebd1914d7e19673a041ae6063945999ac59c21309391a2bbe3041dc238404aa9

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 d21c86b61da808fb4f3d4d4589ad3044
SHA1 334aa0c306a8cd1aa732befb636f696d0c3b78ca
SHA256 1f5eab9dd7689ed3e96311413ec4e47ed803c77033f8d3292fe529083d0732c6
SHA512 08fd4c654ab858ae63cbed9e688ed6da89ef1e065d7c96c2da07879bfde88cc6aad4cb57668602553daf386cba2344185e62ab3e5bda17585b6039b520bdb98b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 1c20c6d0fe1db7874e95b05ce598d515
SHA1 eb69e7d7722ea2a6e421d34a42eae7200a7fde3f
SHA256 9c9913e8bccdcc0fe0940a5b4079cb772c028313baf261132ee853477b198916
SHA512 d790dbd8356784665289beb3805a8d5034e3d0db68ed8487d9f5dc871dc9c6145265dea0ea78e79d28361d09fea64735e436cb8ae987abba2d32b4c206a8bacc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 46e23b07f066e665adfb73e5ec7f019b
SHA1 5cdc79bf57c2e90a3a98d241b170d84b455411e7
SHA256 d820078f8ffd75bd93459065c20ad556ac01cbde46165c546c22eebd206126c7
SHA512 794cb6f9171a107e166049c1d17bcfd7162c7dcb05080e97e05625e9a49446f9d0778e763bf2d44a9407daca55fcd1e5adeb882bd84051499c2518290a433dd9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\D91749E48FDA3846E00E2577E98697C303851529

MD5 33fc9628f72ecbb3a8db0a246d02a55a
SHA1 1175403bb62b18474f7cdcf5c77261aeaaafe8b7
SHA256 bd916ce9ef4c069c01de3b86f20c2a90ccd3292a6cd29ba945d9acc75320e91a
SHA512 af31df0d82c4d89fb3cde3561b2e8c524750f387b2997aab0e1ae7efbe7876f9b40b5026b20fcb60c7f3dbe13729bfd11969b46d9a486ecad9cb8d3720b98da7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\19513C753592E3FB05DE028A94ADE55EB3815959

MD5 012bd7e3b8e62176b48c61a90bc79308
SHA1 3ff56c97bce1e7fbacec6333dffc934afd1d8fec
SHA256 a489f421dfea835f323c51f7ab71c8d2868f921224c015a22bb5a55e6da00aad
SHA512 69229d6bd8bd5b22e42a968e34669010081e22d2c2a36e9143c0aba350978568c09af54ce2160f55fabd19a51c23b98cf7b6ef2b0266de95d128a6e859eaddcd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\156\{59b533e8-a0d8-4692-b25b-12366f0c099c}.final

MD5 2a252393b98be6348c4ba18003cc3471
SHA1 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598
SHA256 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee
SHA512 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\5839B76000D8B808A42699400D9796A020D36C2C

MD5 8cb14aa725194a2c3ce0c9c0fcf53d1b
SHA1 3849243b99cb3e7cee0e1a9469e392a0d33ff391
SHA256 4f96c485383165bd03a8db1e69e77d3ccf47c70d2c77fa5e6114bdf1795151fc
SHA512 b74cb92fc97d48953097e1c4170ea2c20d52fa46faa390b2de339c865d1a8f09f4065e07c9f3fe5619061863dc1348b74b0d9fbe101bc98133ca42d87bf27bb6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\12D862AE8567DAC569B3E4F120355656E7BC1854

MD5 a39fe52c1e9a4e5d98264689c0cbd71e
SHA1 ae343a8432c390a6ddaf2bd11b21d431f17a87da
SHA256 dd21115db1fd802697d5875be666188d97ade79eb2be0a120ae2832b68f1f87b
SHA512 48bb91a524c65ecf5f4e7abef24170fe88505ee864cf123064aad20db4ab75a9b58ee214764878ca7956d4579f1dcac2b61f43d1e7d1bd90649a255d17e07d72

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\DB7BC4906B24E3293442EB698C42BC4EC3127E37

MD5 61bdd737466b59ba3e9f89cc98c1730b
SHA1 074ad07162b34b3699d9d9469d7ea7079f1e2802
SHA256 b6bf0ca960ce6bd62c609de0d2d1d3fddb4df1e504b5b2b5774987088799eb38
SHA512 8b6bd14fcea529cf4de4698fe98c744423b0c154f10eb063cc9281e2959fdef52ee5bc4c8a9b947b8acc764eb7630ba84fabda4cd29337272fcbda7a51bddec6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\232\{4cd063a6-c5fc-4270-addc-8e6505b132e8}.final

MD5 5cface5cba5c77f6ad2040066f519b97
SHA1 3a57ff50864933765c557c07d33a18359cd963dc
SHA256 1ebb39344f5b7a30aa7bfb275240e07e9851f925d5bab09c7762fc949026c58d
SHA512 af33a0c61921731ff7c4b38535feeba50b9b67b08f50ef0cd94370f359ea2a03b843cce3ba155f52c1b3d27318fca84f08f7646a4dd880826d9f56e22653092d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\BA7C305634DF602A04D0E3F0B7BAFDE211DEB97E

MD5 03434271aa25b44ecdb5184541516117
SHA1 7839ae41d8724be5c1d111c7f935639be0ac1e40
SHA256 8dd9170a613d2e9ccccd5f71061d3d10c72a1528b489356855a1d5168f3daf22
SHA512 7259357a1ce5a135b74b8ed5660889e23f2fb5141f12dc338f37fc9350af930f59d0f01d329f50dfde82e37596863a2d22e7dc928fd86c42d6ad1da944193b84

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\serviceworker-1.txt

MD5 73f10c72cad1bdf2d8b47dcca1704d32
SHA1 3e9f25f6ac713da68840cae68925222b8e3ec90f
SHA256 dca53a13a9e3a7edb84daf7835e73ff6bd1ed38cee31d334e9f581695257e912
SHA512 f56b1b56d84014567d777b566ab59af40ea13385c106928d807a0f6691c5525dbe63e740af7bc1adc0d2c1180c47591bdfe2ce4aad264723a496f7598885824a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\serviceworker.txt

MD5 9fb355405448093281f0d51cc7eb5823
SHA1 140863e13cda39d57318056fa19a4974f60fd6de
SHA256 d9de536d30ca04a3da16ea2833baa7326edb292628c0ac8b9314696f47816377
SHA512 1163dcb55835b95a7c3e77e6338f750ee6eb8c2414e41cff456f09b1ec9df2a39a43941c35499f4129f906477ccd8224c34f3b140fd8d9246308cb9c023f5542

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\144\{7628c1e2-cb31-4aab-a0f5-dd72d68fd190}.final

MD5 92ccbe6108327dd051d1bce36c574f6f
SHA1 21f4ae2144eeb51f674755301d63e946639e4e90
SHA256 2230108c8dac0c35044696b98f9ab09344f109feba9bb62289a10f5aeb3e8dd7
SHA512 e7bc3ec185886bda2c05c46b1bc99a59587a684f66242f4749ee8cb2f8324aba90761a901e3d1b1186d0a2faa65e9a71fbb9072b276ed19ffe55a8b878222c71

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\214\{007a682b-5aca-4d98-b56f-7e2c6bb76ad6}.final

MD5 be912f4bcd3b478ace5df6dc46d82aa8
SHA1 2485e534279a5fa834a6e099cccc92f20c91052f
SHA256 8a3103971412691de6ca0bf149f63e274d5347e8942210e0b14470bc2c74538a
SHA512 8d082b4bbdc165115c47454a3d641a6d6fc9ac732a6f2bc511802fae3ebdba8a84ecf64d1acfe1fc9c023cf40ae2520cd74d5cc428dc9eba7913a2323b27d59a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\153\{fc266d37-ce70-4981-9579-ca7c38d1e799}.final

MD5 be203547ce77fa7a91259437b55c0d1f
SHA1 cff2ff2c9469ac96eff7baaa308cdc886fab804d
SHA256 e5f9c781a4756c64455652d9b4bd944aab9ecc1eef556814c00b1797209f4840
SHA512 adf00778a63ea8a143f8fbbf61188392a87a376234e17856339036854cff3a5247aed0b1c0b603332e244d348d58402ba58b32f6df6cc8e18f9d8242f6573f71

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\idb\3211250388sbwdpsunsohintoatciif.sqlite-wal

MD5 23ea9f718189a9b96d057bb958de5da8
SHA1 4dfe228854b86d593af53a7df22d180d27940979
SHA256 5a134d64ec8edcd13c8ebc526ac5a290c558041d582f270e6dd74d0b6678974b
SHA512 8149a5a757063eb06da00748d140870f2d2fb2de3b24d8ac4bdce44bd2108cfa5a9833dd96448b30518d064a1f62e7db104431324882d3a9a656bc6df11420e8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\125\{67c790ee-f4fe-4710-a27a-3d411686b57d}.final

MD5 45e25bb134343fe4a559478cd56f0971
SHA1 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93
SHA256 dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678
SHA512 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\29\{9a095270-38a9-47b7-9d4b-c3a687c1031d}.final

MD5 51bb0fe00991a2ae6707b3aefc583918
SHA1 21ec201ebf41ad57faaab02f7961ce5a746e6dbb
SHA256 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a
SHA512 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\160\{4771767a-2196-41b7-aae2-0189abfa2fa0}.final

MD5 fb3d6634360a9125ce7edd27c987c8c7
SHA1 d3b094de4065f9302bc48d57637bbe04cca19d0a
SHA256 e75d4b40320638f498c0e1b2daf9a4c9f2ef1f09010d48a88740c48b43d306c3
SHA512 c880e7c9a5174e0e31a733393744e19c82e6a7f424be9e35a6736cc1209d17552e0c5a6cdb8cd725a77a00f15d2e4065b21db78a99abb5f35758d32adb52a53a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\120\{e271b9c5-e754-4905-bb6d-f7ac97c0d478}.final

MD5 2300eafff09d478fbf68f49fdafbff49
SHA1 12f127da15a69beece4f71f600975e0503c77ce1
SHA256 f8c94c9f9dd4455eb89053d024bfd28afa482a9c697732ce5acb2df3144e885f
SHA512 93d447b0a87e4c25dbca71a80a198693b12c684c0a96b370693d693899230460bbd8c85c137dcc0b4872bd2d85fd0d10bfe3f4137c1b08f01da3a9bbfa481447

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\16\{0b53ca94-abe0-4f0f-8452-ebfc82d93710}.final

MD5 184e8de5f2d1b10b1cd688026dfec0ca
SHA1 dd632464c3ad026e57bac8efc3348eb7349dad84
SHA256 e3aaf869118c6db298d843c5308262f88ce5ba474d88e7043badfdea4471c93f
SHA512 e3495544032b7f6760967b0ccf57861ec5454bb32e8f5f7d2165fa63e6ab580e278275a1f719fa55fa17fc0a3aa9788e15ba60ff2ea0e25557f0160607066143

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\49\{f704ea18-88c4-4b9e-b7c8-f1253bc59e31}.final

MD5 b3a912f7ad1772f6fe5812fb79fb8f4f
SHA1 00443a5067e504d2b102a4358ddb6f0484d464b0
SHA256 7663eca944129445deb2757f49ef731ac2a95ac01080067f5938dcc0904fcd7d
SHA512 58e365169f36ce049bdabe6c19ef7788684a68b2b38fc499f0cd7ea8232dccf0708d585ecd249d9a92b2023fed544145b967848e50ba44b0d2af5447abb0b761

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\120\{54d1afaa-383a-4ac6-9aff-0d5613726278}.final

MD5 34eabb6d7873666c4dcd0f6e2c379fde
SHA1 e6dceb2fcd82d2513d383afba73625a4822b44cf
SHA256 2f6cdfea39358c552286c9a055d5e364e27d8a1e6700de932fd8f406446d7048
SHA512 ddd2d6d1c98d67ce10e3c4085fcd33499767b0a158de2975cc6993f2cc06c8c09cb1daf1ff628e4cf9127c973e87a6f3559e3459de1ffe4c8685e40c1998ece9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\183\{e34e5ea4-594d-46c7-8e5c-e3a2c83f48b7}.final

MD5 887d18f5d2a951296bceeccc0a2908bc
SHA1 d9ea3e25c31f63fa2b5c234df3f4a22c87b7abdd
SHA256 47c2305553e87db8d59361705090fda372c32938564297a6db1dec0e5dcbcf20
SHA512 ce858e1c6730655d32e099d8c2804288a654bf2f7629c9bff0a28636473c1834fc9f8e437e04b0b985998ee7cc499abc3b474ab292f3d7180e5e6adbb4d07956

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\192\{99574866-a585-4ff2-acbe-e7e7a71b9cc0}.final

MD5 3a412424ac9e9e38359ed78efdadc85c
SHA1 efed1bcfc57a1a6b9917cd3bc20d59f767adf5bc
SHA256 8cee6015ffd0f547e1bdfc958c906df98b64e24cb6dd5d89cc1aa3b38bd62bd4
SHA512 244689ba698e3c6323e8b72acc8ee5672bcdca4f859dc402e463d09b631861c996d90f8740b75d7e1668abc27ec447a1cdea1aaa30434ba56da1f7b06b84d57b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\109\{77a372d0-30c1-4334-8396-8723a7e14f6d}.final

MD5 03a86a4d0b96c719d1a9a44196a77fc2
SHA1 7e71f7222e84ed9ccbf9300ede0fcddd5c8e0e77
SHA256 455837d864264591dd726619a3976c2cf4c1f18bbdeacf200c7f996cb3541ee7
SHA512 1d772ab5d65bfebbf924ccf00df8f3bd69b39f53d5e5cb2cd69f07904cdc1667700c544938cd58410c91d31466e93262a9cb5e13503292501d11773f19618ca6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\26\{0732d0b5-fcc0-4e46-818e-c7e9936b291a}.final

MD5 a7be5c1c2c7863aeca8277d4a930ac3c
SHA1 ff7bc98d2cea7fd5186cad9db4c10ee63f917c09
SHA256 8a647d6239b7e39ffeaefe9e8b7940e3a48e34a38e3c9848531317ddfdbbec9b
SHA512 fcd2f837ff41e74356bf1421cd59c7e4472e4c2a6f49c46bd9c385a7cd44e9bf05b312d684e270a8d12bea077aed33c807f065eae45083db4dbfbccfe41c6a25

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\152\{cd6bc789-216e-4c46-b08c-f92e031e4a98}.final

MD5 0b734627f848f5c2293f4355a84c5f17
SHA1 2c8643c3434407508c0a531ad006c3670120100a
SHA256 87a5c2df003ea35101f80c0f526754c34b5d7668af07dfa8fa7370c5ecfacc15
SHA512 2a4fbd6ac8952b2d4effe9b83c9d8d2c3c2f4292b09cb4217d80982b284cefd32c92168b6111d1b657153291e40e26cd9e479681679e45b6a70440f8acabf8a3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\103\{7fd87ade-6068-45cc-b4cb-fea0ecc97367}.final

MD5 a57c59c5082da22125cfc69197546e95
SHA1 ecbc238d1f440562832601a78bc3fdc052df1e0b
SHA256 aa70e89647f51593908420aa5856e5ae4f663065bf8a12cc4ee1aba1a0916a9b
SHA512 ca88eb897f8ef1fbc65b1e2e426a2e8274a7cf8c225e02e5406c39ef5d1bede11a732673162e21379773622207b28c9a45de83a64aed110ca82218e7097e7cd0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\163\{5500a26a-77bf-4499-8862-5b39b056eda3}.final

MD5 abada082ffc6679a2067c452c7cf2afa
SHA1 99a4e6c70bfe85066f09c2ac1b2108d05f129c52
SHA256 fdd42399b41bbb74565be3da15f861b96f044ddee74f6f2ba29940a96b1f2031
SHA512 a4db103b9409b1a544ad9e449a3cd65db72937fa325f1d08419450997f0de9b1481fc7c31ec915b89dfaee13f42f4e50bed68155d2e39d42332c01f4f4e6fbfa

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\155\{dce41f3c-9b9a-4dc6-b8ca-9fe32a2f1a9b}.final

MD5 0ef1f531ef723ae794070d8fb9f22e7e
SHA1 359a185e7e59e52162aa084fab2f31d2131d2da1
SHA256 7b92f7b90080f024b9f265b888631c058878628e569fb1301c8dc93ecafc90b6
SHA512 876120bfdb112bdbbbeb2a87140af386ebf91d13b9bbc02cf7e96fa0f9f10d66c4a7265811b7ca79223a61fe141712ea64c5c2773aad6199648e3bcd496225eb

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\189\{56df6b29-f5fb-4e2f-8228-02fac62442bd}.final

MD5 6593c3cd0cd304b103124a65062a274c
SHA1 aba82966f9eebb81bcb05ab9eadc5f9ec7087f38
SHA256 89e8c95a42b02e26e31e55e66381898d19e3ad9e6da3f27ad837c7470f9b9324
SHA512 ac4026f5fe5346f518171c3ce08c0ba5652382f1ef83b1358140e5696ae1721d980b925925ca24d2b84cc6a84b5fddc9433ac492c943d09ba2f8f2485e892768

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\238\{9e0ada38-c200-4cab-a5de-b89d377231ee}.final

MD5 a16ea228c26d9635887c0f16939633fd
SHA1 4296ff50e58e69f667e69a5eb0e4b33d5584c011
SHA256 1147a378214d10a08296484419be2cfe7e251bf90f5f0ea9897ec1b79e195664
SHA512 357c2daf556aa2471b6f0887d32000939044ce584534fa0fba618fbec99031d0569c5ce662a9f3c1235785ab3fc9116e095e99396a082cb60e1c763f9e561c74

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\76\{c90a569e-28eb-49d9-a323-32fcb40b464c}.final

MD5 c39ad8422f2a033a19029e992171863c
SHA1 d4bc0db91f8b6a7e562632cdbc47238bf7074311
SHA256 d4b92610c82ebb2fa1beecdec652dd1b40731ced23e5281a1746739bb9636783
SHA512 abd2d36b411db7e869da2fa6434644768801ee8db91c4b06a15b8af4e3bcb8b58721d654a7208809eaacceb2d17a91bccf8d40aeb81c2ebb0817eeeb0a9c31b0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\177\{c15966e9-3f6c-4114-a4e9-c4b5cf9824b1}.final

MD5 3e7dc63be6da02f295c1b9a5c56dd322
SHA1 0aa6083dee17a265efa6814d10f0171753c5f042
SHA256 6ccac4a1dd37f1f6d1bc68aaa92f48f02d92d3a23be15dee4d83c0b892fd09d8
SHA512 3ee1d46e61646303fbe77cfae5231366edd2862e9c2bfa45529fd7e90d7bf8fb62969c95f4125a17760ba6f934e5d51dbb5ba42bb43e24af33b43ffc0faf53b4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\236\{af4dd832-3953-4fe9-aee6-39d1203016ec}.final

MD5 ed6fd5e11dfc8e4cf53ea851ea9ede04
SHA1 fc392e8d4f64aec77d892182f63fedcd543977bf
SHA256 478c763f896d5b271626a85070b75e8d66dd1eed1dcd244d9d6874bb1c24e6b1
SHA512 5da78d681d8feed8958b8fc60c4bc7975e9a4cf3e94e884e2525005cc1852c5643cac43cfc0c387381ab6f8d97d90a1d22b31faa0a1ee3529117b471cf6ff21e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\4\{c71de49e-6d47-472e-bcba-639972612b04}.final

MD5 a8ac2b1daf1197439e18577f9341b301
SHA1 7c6e18163d4915ae57f27df9cfe607834bb998c8
SHA256 de289ef6a8ba393577207b6a036d9bb0462b56479d9fceec6b4c094c8891a72a
SHA512 617ac8779a29725613666c729e3b0976f0bbfda6bfc358f7e606a552dd0ebf712de791d483965a72b225412fd7532764a2ccb2df1b3b91666ff25fb841cd3c93

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\200\{eaf144f4-5f6f-4318-9298-79f6ea2869c8}.final

MD5 6034306070954b482117c7883f153714
SHA1 dea03382c66843d3b2f548bcc628dbfbc3cab661
SHA256 dacb173c166fb4640953753914c783a1c8aecda2eac07dbc30ca70804bd8c029
SHA512 dc178d0f42734ca82160a12caabd406b1b16f414e09d67fee35092249aed61f570702bd1716a169c1e97e33fcdace6709e98044884e7459e453377f103946e62

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\53\{b1258c89-b4c4-4950-96bb-e5707a67a435}.final

MD5 9aabec02bb846ee3fab89838fc80448d
SHA1 8b0f294de64204dbee03446885a8f31f03a22b17
SHA256 31afb122c87ea568cbf6b96fc5bb8ce12eaa379581d41c269ecc4674d452d72e
SHA512 198e2db29f6cd3807e92fdc6fb2fce689ead581fec734e414f953595d1d4dfd0de8a23a364d3665380b99e58c4146d4899ba0ba6e3e818dce29bdf809ca00b73

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\223\{3fe2f725-490a-4039-9bb2-8e521bd63edf}.final

MD5 7b4110fa3efde7eaa286ecb28002c24e
SHA1 ef18905bf90bcec8d651b137f902e2d70968b960
SHA256 3b339433141e9d91736ec678e692c2ec5890be7d216f4ba576461109835b802b
SHA512 bfa6025d1b2638ec2aa85188c52d1d15b9fe8c85f1e431da724f9a28bf6fbe78299539497a24fce08e48985430e713c5982aec2cc5b5c137f5b611be77767fac

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\210\{477cf0b3-c0dd-43fa-aa7c-9c3d3bb0c6d2}.final

MD5 5409f7bf4f5bee52df75c2e72dcc9f36
SHA1 7d03d02ac3127b6d3bae88725b830f05e2c19b92
SHA256 1e026c82f67c10fc4746f558ac948fa6549402b7331d97fcf7b22690cb8a6696
SHA512 b3b6a124599c979b29f89ecb3d28f494e1d9046e373539f94acd3d89de284dcadf860c38067bb496e0d8a9d6f1a4e54e15a82d0dbabfcc6280543a25b7bb86f0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\219\{e42a0ce5-4f3c-4529-9e4c-8070edbde5db}.final

MD5 a975d247eb217c175e9104e649cfa5d0
SHA1 d85ba5f059f8b624aabbdcb974b16d05fad94b1a
SHA256 3165df152edec50d78e9a54edb28e74682976dd15e4bc1e7ae72a5838a8436b4
SHA512 cd11924a023f8c57315aca37f3b77a90b2ddc2db55417c4002e916c917fa7826c521240a646e24b94ce72192bfcc2739b1ec0edcb790ae33960a3329c2af22c8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\45\{e72522e0-b77b-4586-a8a1-caa124742f2d}.final

MD5 680103ce64ae5c8edff61a1e3240326c
SHA1 03038ee24f31ad0b8da727f0c3dc3b5879b26c8e
SHA256 3c24065c3b89ce87c07f724caf59d270c80b7a072d751bd51e2f0b27b594442c
SHA512 68c0beb28e4050858d9ed8f79e0bc4a24abc99b9776faa392aa7d412a83b8d7320645ed498b7de7f1d712ec13abb554862d6c2b01d7223a229a96f27c9e130a2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\119\{a1287d28-b4da-4024-ab95-02884a100377}.final

MD5 63c7f2fc0ff6a57ff3d98d003b00abc5
SHA1 7eff871879b328e59dc2a5e959c9efdb9e93c91e
SHA256 d750432333b0cf3e88461237110ce0718e2118f3f65d368e9e0d798b9986c440
SHA512 b3eb057cb9578836664bc1d73ff55a40e66eb48b8a210587dcb2adbad404c99a324e388b2d88a77e61f67bf25a3825a4768e7cf6f126008637feb3dd01255d63

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\128\{ad77cc0d-f853-4346-8d7e-0c46684a3f80}.final

MD5 61fe63358ed5c171881bfffc422a3d0e
SHA1 aa75bd2ab0c3337649e0c8b70bda7f026c873854
SHA256 b595399f19902bc6fd474a33408fa74f5f4f97308c2fc8f8e6226897241e5cb7
SHA512 8f8de25ad07e2b76f2e8366d6be5c636cd40e1ea3a36c82595abd42113816a0c7668d1aa6af84b23c57644710cb607d166324330e8e095613190de5159b3b3bd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\65\{77359045-0131-435a-be32-f4212cc3c541}.final

MD5 93fe42b9cacad9a58418d5702e29918d
SHA1 fc31ea0118b5b0999dc102efb09ed974b0a6ef9f
SHA256 10a26c50074171def0db39d8343ce1b08c398e77336f87dac2707492053f891a
SHA512 9248b47c5b621c6dcd9792b25c765c6bf7dbab2a03eca1f4507ea42c1aff3f08ca165f89c75f43c2bb1f35514845ea7ccea5199bbf57ddaaf631d0a4bb2ccd7f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\209\{4a49a36f-548b-4af6-92d0-839fc5525dd1}.final

MD5 103a3bb224f38cac909b8f5719ac61fd
SHA1 a2f0ca0141add7d8ccf18e2cfb38acfcee45a0fc
SHA256 63f1c1eb498439212024b5bcc18287e503b28cf7d84c3723d153a78f1cbde45d
SHA512 00c640a963ab78076b97323b51f2a3e8fbcfe288bf3cb52c97d4c3e5cb8e62e29affc9f616ed35d3ee978027ccc9d8d23dbc9d7e78f48abe8dc707fc6fb215c1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\90\{3aabf4a1-7c65-4ae2-b775-f98edc92985a}.final

MD5 1a840973aaba0bc8aa82cd789f229983
SHA1 dcdad762a070027acd4d167c919a8b12eb7cd4f2
SHA256 fbefd71795c1a773b199567dea99ea28a5bd85ed96abffee7e3f4c1cf6f57c6c
SHA512 871508335ab32879d045ed3309d52512edd03c69e3da9813de212b19ab3ef2e4939f7f108262f12bbcfb593cfff2f1b3774bf4a84076111569fba0f306dcb773

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\193\{4492f287-f944-4f71-a4a5-920167a884c1}.final

MD5 3642d5820ca7ce4525164aa44f5d6beb
SHA1 b8d4c651b067c3bd08f2fefbc9cee8fda03c9354
SHA256 9624b4751a170b67e592dc6b20f93a13ad959ca57a74bdd0998871414f05e512
SHA512 3cd72c8df0f244da5aa0ae250bb9ced273a45c30374864ea662b4e518dd03c6b7ff8030bbe1ae5ffd078ccb8b8338d43b7ee61ef7545059e87616c56fd3a079a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\35\{ffd572b1-9d01-420d-a977-17cd96447523}.final

MD5 501e302df1cacf7ffe388900064433f7
SHA1 d044ddda684b1a7b8acb5d9a887f1b92f77f10de
SHA256 baad1d86dab561f7abf009b62005456a15797550fd0dd565328f8c1e7e7c23ca
SHA512 8a75f975a60c979627e4f325e7ca6b8af17df51e425b7df27ea45ccb45b0b37b8ff339a7cb1a22108f1085854c4bdfe8694a6009a41df07ffd93aa7c6766c80a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\84\{c50e0ee7-f075-46a9-adfd-5983cc2bfe54}.final

MD5 ff1714439da5865eda7a26d7366ecd42
SHA1 d05ac8350fa53bcb01c187b349b9c0b6cd990da7
SHA256 f2406a6799cc1538f17a8ae8eb0f6b053fc8f8cc37f77429de1fb638bbbebffe
SHA512 4d76e9d3676913d82fe7c85f4f481c2508eeb7bdc76f61507353e6af12c70dd2721d43d3405809d518f29b87c0cfdc1658ad688453e37aaceb4e6cb68669204e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\70\{ce67cdc5-8cfc-406f-b4e0-0676fcc2e646}.final

MD5 25bc26013ca16ec022cc26f5370c3769
SHA1 0b959045667e2ab2efb992cdfe8abf8d833ffa83
SHA256 8e291ff624d1139db9423256f8b7637e909580a54b8838c81119b12cc631b84b
SHA512 ed775d60df5dfa9d6fcabeab00e46d6ddd421f19c8de2ba3d1a78786cf70ddcd86e3dfce18519d916078a36a23f64e9db42149a4e3c26d58ffdd565f3dd9afdc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\128\{594343a3-e5e4-41e8-ae3f-c8fd6c677a80}.final

MD5 d53cdfdc78bbfa83f76b88fec1baf8d5
SHA1 44fdfb015f2e0ef773b74c91e7aa3084f86be4b4
SHA256 b60f85072330edde455cf9a62c94958d66793b18f461289da8a88b6bc0e29621
SHA512 07f7f09c3828e81d79f88d768dcee3d8f91aded0b408bde57daf82593eee49a1ef2dfde683b0aef1059031b5f9d701dd6a20673020578801a66555eef720f023

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\244\{401bdf90-e945-46b3-9338-820369fcb4f4}.final

MD5 4a514bed69506c494569d2de079a4565
SHA1 cfbcb0c9ef303e49adb4f8c85191593dcbdd95f6
SHA256 9b16a083b682783c5014b9a1f4f6914ec9399100e86fd5e56a82fec41ea96a68
SHA512 c2d81af256d7d5e8bf9b4c2ca467a1972aa625511ad0d63c5da573d0916b85b1b09babf4a606d94f6b79f3db26bc00ff8c4b08db485224383d487749881b88fb

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\97\{38af4ed0-f380-4dbc-95da-ae4c2e363161}.final

MD5 5ecad04347c2a8c59c4b6a885e947fcc
SHA1 ddfcb94ac1af832b6a831dfabd66b47138534ee0
SHA256 9fb212fc86221efff20faff19c616c41932108a588078ed6a6377cde48e81d4d
SHA512 9a79703298ad64b902f6a0328f6c80031f540a7267ce4f4c96cc33b6b9ab2ba23f1b190f0ed1a51da1ed7306dab020ef30f87331da5cd77d01789c5e8887faf4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\34\{dd14c3fb-451e-46a4-aa35-b0cfecf52322}.final

MD5 c4e0cb3d3de8b6bcac527d2f0e5ed241
SHA1 2425b0c4ddb89f31d101257662629cac0c3cf0af
SHA256 3135abfbd2020a12ee327fd81c3739da37a6fdfc11d2032634ce5d33e916505c
SHA512 29e026c7ece58ce6c56d64073f3b0f6a008286edfef920973b7e399ef57f042780f8cb5a940d8654c41abe2a6fc8f60e4427d70fc285fa7fee5fdf473ae66fee

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\54\{07f679e7-cd20-4beb-a55c-43958e583236}.final

MD5 4281c6880b38580a12983db6afe98254
SHA1 052f3dbcc36e439f4f23b1e1b608d92ee8e72654
SHA256 98cdb9a3eef1764f2034497868bc60328364b1a414eba55860fc1756aa5f85b3
SHA512 6b92b3ccf7ab00db56c0cd6c7c180741e1a154be3cc04199b883e7c350a818a6b0357454116ddc86af433f3afd57cc8dd89efed7cd0dfda6c3d9bbb270dba533

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\168\{7c78810c-9c7b-4a2c-96ac-271f5012c2a8}.final

MD5 590de80c94ccf9eadb9c7d51be8e796c
SHA1 e2c967e833e34a61c7bbb2cacabad6743f3d48c4
SHA256 75b7670458b285925b57d33949d24b515dd8fe50466ef7e4a4cbd9a402f168d0
SHA512 d06068e443b20e3778c98441fd8fab3bcda4fbba3daa683e3e7c18c0de280d59d4261de63ef47ce8fb9a819b3c7f8d612f7d6b7c6fed591be25c19421ebd7a91

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\198\{22d5137a-e335-4e12-83f7-e16322174fc6}.final

MD5 5525a3d889a5f2b22309572b81eb632f
SHA1 75570ecf4e74c8094526263c3f8fcaf09d4ea87b
SHA256 82b1f81789c3cf58f4985bcf3dd14d3606a9bda013bc08501e36bf46c4fd4e52
SHA512 d1e9153d5da3549d63b5833648191ec199a616e64c343b2985a11626465bcb728e39a3a04b906ea5bd42bff8b7376ef1a26e65c4e62b689af0cba19487fe982c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\20\{d86a2e1c-e20b-4a1b-9773-4fb887e1b514}.final

MD5 a5a12471c60b1660512fce9579675a2e
SHA1 d702b7183c27a6b08b626c9bba460ce0e20a7395
SHA256 2b8ad66d9eb14d6020cc86c9472a8d32859faec20e5bc971bbbe068753b378c0
SHA512 ec69cf09ef623b7971bf8a42267e23c4f5265127608a70d1ea8ee7a910982e075723a0dabd7053022905c9d0e44cbecb4fe2fb1005258fac9a0bd5a33f3b6014

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\207\{55b0a21a-7251-4531-94cb-a5a9ab25e7cf}.final

MD5 977788f7041189490d48fe8cb2db70b0
SHA1 896bbafbc1f4a310ab867f215c6b4c4494847f60
SHA256 02f5dce12d59393d9d124cf943957bb5eb8a21d12c9393e4a5e17142d78edc80
SHA512 f72744f7c9e77107fc48cc156610acbec7ef5d10aeb0a7e4319c4d771c63df47be77555e1ef057d07c6f6f593e2e7432cf529d337c1d97b111201bb01c056a42

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\159\{b999ae3f-5745-4356-90d5-a41b2adec39f}.final

MD5 fcaa7f35d0b6f5dcc3edf6ea35b7ef98
SHA1 37eab86381cd122095b712d205eefd4c15ff49c1
SHA256 67b688b893251d9e52650b3cb720b6f8be62c6e1afec8ea4b223a8e975d27b1f
SHA512 becd339b63fb55676cabeed67fbf4e28740feca0995b8734a430359c96e14b8591d4242a526d920ac8893d9d22ac125288e8ae8dbfb0a0fb484ed8544774958d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\82\{7a6a3486-f23d-409e-9962-e9ae4ddc9852}.final

MD5 a5b6e175f5a577af3302c7029593adfc
SHA1 7b21982420c602f2678b28d3eeb7172d5c491903
SHA256 02240202d841f7910cfc4d17aebdef67a1084e704359fdf544d80dec3809a8e1
SHA512 9e62f4350403815e642a70d746bac7c8862238a8f108491f6e33031db7ebef4ce91a9a97d83f9fe9c15dd70333bda1229dd7d1ee709f964dd8c65071833b6544

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\29\{a184d5a4-f28b-4baf-b46c-bd348be0381d}.final

MD5 3f7a4ebdd9e533cda0125618ad02dadd
SHA1 8f024e90ae75e5926e0f9d0847e2a1520b4f8eab
SHA256 3408ed8bd0781a9ee0576ff0ddf30150456e0fa59b40406b21248613602c1043
SHA512 6257799dd555ca13833a2320b10056a966f1f384d474cc66e6ead51a76b726e66ab64add92d9bf3a85456ec75b5b97404bf7574eab7d3e6090b8f60d2799c1ca

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\154\{6b77d0fe-bfa5-4c0b-88d3-553c4ae8729a}.final

MD5 321ea72e49df8692233391c1f36451e6
SHA1 2f016758fc5830a806ed9891e574936db521c034
SHA256 8113ef313d8a5519df57034e29db538c65721112804bf1a1a446b8302ae7e0d0
SHA512 86d5a408e472a62c2cfcf69a5fadc122f7a62dae866a36fdc4a7381de6cc8028af4ba51cec9c827b9815c26f75db82c4813ab25682c728c1f03d3bfc7ff21114

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\47\{6571be58-362e-4cc9-8076-b2d1462fcd2f}.final

MD5 fe5981f30c81e299a4b3cbb8d54c236d
SHA1 86d257366f84c5da701ce39084e8bd6b54a644c5
SHA256 d94c2ef736a7e46e3c6da5ce1b0f4ae07d1aedf5de035104fa48c3804f5cc86d
SHA512 51bc339682768b4ab038325bc12186aa16836e7179d36ecacdc8b4559b70e76e7868bfbd1ae19af5fc35ee36299060166d5c4da74f70c0816849510f93e2a403

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\72\{03db10f1-2690-4f1d-8b92-50f822a68a48}.final

MD5 ee0078268c18aacfbb32f121a2bc2902
SHA1 413487a0a575c27405b739fa8938a66b61a24149
SHA256 9718aa5eb454fe31d59fb6cb2d7bff3ba1f7e73b171c76390ed97b749493a85d
SHA512 2d776ef4276e4f8cbe7782e1aaa91d78f1154cafe818b8fb507e7e5f823c1ace750e8b2214a82448fe0d3be43fc25f1c15eb93d9198ca4c6b1962d19af45ccf2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\151\{2ffba076-9f73-45b8-8fcd-5e6d3cabfb97}.final

MD5 41d7c0ee3ebd3ecf60e8f06238d8976a
SHA1 313d08e7b04eefdb0ec87504462f522d7cb94d4d
SHA256 7b48b7ea9af7535de272491304ba8988db28c4cdf0d50c800e7d461666e73efa
SHA512 9619b290dd7e07d7a4d9768ee35dd564e37f1b0f4357bd2cb8a39c1289772f275f23f260114fac395974f544ff70efc168285a34611f40950eded0735d2ca6ec

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\82\{c8843a81-959a-44bc-a90b-1d95affbb952}.final

MD5 18ea68569ded72b5f8f681906febe6a4
SHA1 5797e923cf4e23b0c5b834923ed11b3fd101ebf4
SHA256 3f7e5effbbc5b1d293c34e82334eef3f6f20195436b46a97c9322a406af63cc6
SHA512 e32bfa8081fcb47042097617f10454358b0fa206db22cf3d4ceb09c7134ca97c4cc3d8d283e1dfe7b4db13c0254ca9aae2fc2dad38d50cff4375373d76d9e060

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\158\{cf27d453-8f25-42a0-b734-4ed4dad2699e}.final

MD5 a601665adcb4c6be23f3f43db3ecd713
SHA1 daf1dbb4c74201e6e986283fba3603b508d576d2
SHA256 38f281885066fb223a840e11199c5fe053ce470857cb8ffe5fdee25e226e2e7a
SHA512 b60b5afbcafcfb4d4751dda855ce4e40674ba635a28dee30b9ee8dae0cc1a751623ebcc3f1657aa1e847ba317dbb4bcdf44e73fd68b96ddb9ebc3d0a73bb5ae8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\125\{cb441970-07c1-44a7-8a86-8b8693b0537d}.final

MD5 31f682f3d011c942f1c41b7f915eec10
SHA1 0163e4cb475138b8f6ef221cf0bb15055f628f4c
SHA256 00392c87ab0206705a7f066ab9b2cad308eb3b2d0b538fa535d053b0c662c48a
SHA512 da32317bdc01471cf7fe107c80d3b69646aafbde3ba9ef7d4fc674c56034d78dfc08ef33d8c133cdf198e4ce265625c8411cd85b2cc6d57016af360129db733f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\73\{c6726bdb-aa4b-4b0e-909c-7c8374e56449}.final

MD5 b0e3a03d13d45c1f130df30ee51eea72
SHA1 ed19adf38b3978300a958e5287546be08c8fb371
SHA256 ab156c3358cd6b946718508bda5099c8cba2e4583e3d03fbe0401c0e6f20e5e7
SHA512 3fa2fbaa7f78f69d0df8e3b8211ad56532cb0a68a9ac89c37fa5354fce51e114babd0673f2f44d109fe2e518ad7806b7ff3040a840e3099be4cc5f6dc07f8154

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\93\{25a47004-52f0-449b-9e38-06d08551c05d}.final

MD5 0c93d244125f8056cc0a69a4ca53f049
SHA1 e35678e1a49498e40e1ed508b521e79779a6d25a
SHA256 f286ce18e4e82f60816536d23dd2b1708cc45a3d1850b132b282feb1d5aec4f9
SHA512 198952bcd97b9497f6cabd7c9dd6cf0b8e75416fe5a2eaea15ca1e30919b7219be5b28985752834f0b8d501b9d6f6b637ac799db078a16f1e7e95480dfedcf5e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\154\{678ba1c7-9f89-454e-9147-8ae0b26f8b9a}.final

MD5 93215d67966bcb26afdfaa76aa00aa91
SHA1 aa3252645abeae4e228d6595c93d829afad380a8
SHA256 aaf4281ab5534bf37010c4e3ed86dab18a9f4cf8185f85ba7b0e6ac59c844849
SHA512 52df1847b0b802417b245e1fd51197349639fb25ece34a48003120b2920255b52848b3318f0f9602f8d8bf22bc7e761082befcd21b9d06b6a1e882a23f8c9ba6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\149\{110c7688-d9d2-4cf5-aa0a-c80a791c3795}.final

MD5 8d9443186ccb116d608c8970023a6c4f
SHA1 c280277c0344161167dd348d9267548041e95124
SHA256 70feeade7e05a69d4604df99cf1ff6793f7aed0879ae06b50a69b86906a892bf
SHA512 66240fc8a36102b8d3cc7cf157dc80981bb05ff707efa775b82ad6219fcb72fca9a3c45f30aed6147b222356a06a9b4063c9967f41f1a246735d68bd502eca51

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\236\{b873a462-dd2b-4a73-b7d5-83aad29e8bec}.final

MD5 9d8bbd70725c7ef1461172bcc4e85c13
SHA1 a4c4db2ae4f58c81ca1de7fced23b522d6bb8f73
SHA256 4fd302f56fcfae608964aad2038a1570e38e96b82d52d590387ac91915a8c8bd
SHA512 fc90e23b5e86c1d6aab537069159ce5eeee5068817b6923bcfa33d93e54358fc38c5dd8ec4638b9eb5349da1fed4679af0159ef958cf48227efb14dd67511811

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\187\{1e087793-d6bf-4163-b6b0-62e60c387cbb}.final

MD5 c6993227cd75c082eb25aee8332d888e
SHA1 a2e27914baf9a1a4b8579506f419bc7167dff937
SHA256 75c2bda8599570de972a83352d94cebc61a2bf66c8470a0461f0803c59dd8223
SHA512 bc37854e6471273085bd3ee362ede016fea6eaccb11194f749c3a092bc803df07c7dfed2d0a3fa538cd447a21d4875f95ccac3ff4f278c96249e7110cb968b39

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\144\{70284570-0353-4087-8ee3-82ab79520c90}.final

MD5 f5ec5b6fdcb0fe6f76aca19310305268
SHA1 46d30ca75e110987809f6cd78f52b5cb35302754
SHA256 c9f94f5a2384b5a253cbc563cae021fb1d15762412fabef25d90b4f0c60814d0
SHA512 d22ba260c9738129d976df698208c8cc7a9b70dd89c0f81f995f0105940a2956e3097adfd2c300c94387ebbff54af720429795ee1bf4d81f3a1b6a6cc666940e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\36\{657141c9-d854-4bf2-b1aa-f4a2f1ccc124}.final

MD5 32355676adf4c64f1fe47b92f9500b6f
SHA1 cc2a0c3f0da02c1a1ac32a3a5ba417010f89f73f
SHA256 f4b28298d53a353c23a88b0c82002f1036c376d22154ed21630a8c1d04e2a841
SHA512 1945dfb8bf90df999cf7aaed9c881b2d10df4a3550f2bceaef655b2379e79d8128ebefdcd4f37705c7b42dcabbbc4c25dec1c1f9559f4e727c6df45f769a2f95

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\238\{64e09969-87a3-4db8-ab95-29a11156a1ee}.final

MD5 004c0529776665be8335ef4beb8d0eb6
SHA1 8b1fb58622c92f0ce3e490bbf21b532818797f8c
SHA256 493593022b630c1c1bdfc20479ebd34465a1bc79e066b04f388c6572375b0005
SHA512 6ee9bb5cddee2ae52ad1d3f068d08011ca5696975783fcdc816c0e16dd27c87ec0957d6c4b63cdbd76664899fd8f8df087db375a5eaca8b9d494430a6ae09efd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\246\{95631b08-89e8-4299-9dd3-34e64c1d6ff6}.final

MD5 bc7d8425fe4aaf118642e9a60d1b764d
SHA1 7456f9cbd82c691a2832ca856873d8e00901fe1b
SHA256 0ef51d3deb46884c157b25b78667241a8809dee794e3402c07b3c5fe972c1d92
SHA512 0a2dd57fb2ea736faa79c3127af31ad0671a06653d5bd152597fff5275c38d816ad1633cfee6e870c2de82aaea14a976d627fac4458c688d3650ad8197173301

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\15\{f24d3c85-0c3b-4730-804e-bd890354e10f}.final

MD5 b6c6d354eb2e7e52adb948c0366f0053
SHA1 d7f4586d41fcee9be681c70bf002d36f6d2ed624
SHA256 8383e636c9249a611493d7c83a9f02bbc0d9566d5d3389d8082ad6042271ef28
SHA512 9a08680e4aef9e54a24e7956858ffea9871f874966cb36fef70b5e49f6126b2662c443b4049a3c4d74fdcc00c83d3af12072fadb11a96ecddbb87280a0a2303f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\3\{89bd0f0e-6e9e-4f28-9a46-d55402dbcf03}.final

MD5 253a9d7dbf4f2f8141599d38f58f86ea
SHA1 0766863065b6c57e98fb00fad0e6d8ca1c1f6aca
SHA256 fb659afa77a61d064962153784f63ba71e453e597d98b770c02aa31d1cdfa7d1
SHA512 379424e9196ca464ecff6e513cb32a296a63afa9fbb8d19561d0ce9cac304440896f4efb71956bc781cc51eedbda4f6d0e588e075ecba82e482ea2bf6aeb7371

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\235\{437970c9-80b7-441b-879c-1e312f07a9eb}.final

MD5 7732897c3667adcbaeb632ed111b170e
SHA1 eee532cc36738b7e586c193db814a088896038ad
SHA256 ea06cf7afba50fefdb6b8ef1a084dab27ba0d9b578814b3b79eecf474b200b67
SHA512 08a7130e9b36e13b2cf41be54a7eef19d209c494d177dea1d11e2e224f17a611c649683fc5b49976e244dfc4d91944ef481fe1cbe08d130126817180b97a0717

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\222\{14d3667c-ef21-41cc-90ea-d811a1a006de}.final

MD5 50af989865f9dad63f573c5f2bb66321
SHA1 91c2c613fe2faf799d1916e3245c8f7672926d28
SHA256 d36552977b70782f63c9fd0ebbadce131eb78616c7c5f0e0274746cb0adcde8c
SHA512 074f69af44958bf010198bdd2a37272d30da53a22d58313606f5c1f19d67597b98c6cff376bfebf63e199f3965bee93a0588cca0ad70a8eb9e9de3ad9afe5d29

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\148\{5de07e07-c4ad-48a8-a6ad-fa74facaab94}.final

MD5 830028a05fd627d68ab70e41825f7f63
SHA1 721199e2f117990f999b2a41d91536aa4790fc76
SHA256 d7f263bba51f160914640b1310d713268e564d9bb1bbb878e67d442589edfca7
SHA512 7af9479e45a89cb49053df5657133a83b86553cdbac5be5fa18ed069c111021ad7d82b02404bb3c35b9e8dc1ed66c3c05bd8a5e8afd4c0d66a598be3ba24641b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\192\{e5871bdc-1fae-4b53-a2d1-9d7608af71c0}.final

MD5 bca3032426d23daed1b2d997b7bd5fad
SHA1 76a4776fcca6e6add4773481b6b3a82a7c3f5a34
SHA256 41b63a851c63d3c6ba8bd92548013e1a472973011f0be1b95eb2e29697b32b34
SHA512 67b6c14e89be76624f964eca71653977f3e4c5d8364fa9e008a6810efa9d0ba359aafa79570278bd80e57b6e31820d27dda06a588873c181ee96d8c868c4b822

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\239\{e6c5702a-7a4a-4073-a817-ee3364c35bef}.final

MD5 df74de9b9890000872199833e120bb06
SHA1 9514f328171b10d04003469f6dc8a7a4f7daa741
SHA256 3756c1dee77d8250d1431077670e560f38dd9081ec36fa0b5f7f17ad58aa1f84
SHA512 73b313870183d2fa4ca5c38d2192b902c7a79796af1fdbe5e64d8b2d212d2ef85d0bb57f2ba486ff8610f22a9e952bb15947289107ac0d1d307c00015f4baed8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\252\{58cde67a-98a7-452c-b101-ad62557d22fc}.final

MD5 b85f318ce844cd0ac2d4ccfbfde4d2bf
SHA1 f3eea534e7b991836ce9eef594480ddb1bda1987
SHA256 480677e695c4b197a66db44b3d42f937f304e44fc560c6690885827cc99f4a5b
SHA512 1f8ed38e5dcc51daab4e6bc8af64e6b1b8316436519ccf21b2a8414f493efd374bc541a4de3a00fca1b9f48d113b235b657a94d9bb8aba4eee58d0802c1e10b6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\10\{03650955-edb5-455e-9e7d-505c8fc7b90a}.final

MD5 2d5401040d875e10273c9d8ca9fc511e
SHA1 79ba0a97214692e52090f4d2063deb4f20ade88c
SHA256 31342b78121940f85212b9b664588235affa0cc7fa398e80d5f3914ea12efe88
SHA512 b82ca313bc8e3daa966316e10c8303d144aebce1c00761df10790b93113b6eac2ebca429f099d88750427dff8de2a7448fa470e5cc2eb000c7cf71ee73c3edc6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\199\{39273d59-e3ab-43c4-a765-3b09197c57c7}.final

MD5 b719a3c8378a40cb900349ad2a922921
SHA1 10a71eded94cf7fcf70bb4952a35434526264e88
SHA256 7d6082dff0e7a043a631ee1ac1c1e094458d7f7607d075db809ca60f531539ba
SHA512 5bbfe366cc072b80c4d35c45ec91c4ce60a6f5140e6ad7109554ca3dcecb765336ffe938bf490e99c8edddbc3571d41c8e2a34e1becdbd9adaf334b15207e167

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\37\{c5ce0d4b-ec64-4261-a296-3282459b0d25}.final

MD5 030dd07949fee4d5e67e6885b76ccedf
SHA1 a83002727b38d84882fdc444a3f5d7fd7963acae
SHA256 95c8349deca56128ead6daceb682594a737a5af8a03b70065e1f2c6c4fb84209
SHA512 f094815a8ed89bb7e6376238142cc13887694fb184d9ffffdac56b7fae2bde2ce7acf3d50c0431d14ca2e03620526cc21bfe1b6c44b467e079e30e9dc3a8e87b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\56\{1c217722-a32c-49e9-bebb-650c3a145038}.final

MD5 5a85b3ec969004ce7b23e6712c04860a
SHA1 dad284278108abf777290add4971eb92142d52aa
SHA256 bfa4bd5ff49d8418628f3a3c0da5b6d8a95d5436168b9482d6de954c0fea74b5
SHA512 37d836d572226967995b3f20557f98e4e55b89c08fdfbddd4dc45a6d4ee90a24e5dc8276d0e1971d7b366712bba3382086183e1498b006905169b758e44394a2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\164\{0b5b72e5-daca-474c-8460-1eb83d6ffaa4}.final

MD5 3183686d3a59ab0d15fab2be7411e186
SHA1 22d29c6b9fcfa649773e12680f00d868e6714485
SHA256 2a1c50b6d5014af422db7ff5661a5a68cb0c27ee9cc4768c99502ada0eb63867
SHA512 eb7dcb18d20e28d283ea7d4cfdc08c0da81e0499089117ac068194b1ca2be661d380fe7d938d5828c42d711842bd3793b2dc2a3fe6285fab83b90be4fe3c7b16

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\77\{27cd5655-64cb-4d67-ae94-25a6acf6cd4d}.final

MD5 cedfd917c042bfd5faea22058d451ad1
SHA1 5a98904fbf1c9bea6d27f75c42aa49c66db8c54f
SHA256 9cfc9e25c7e723abf5c14049886f33d836c6ab91b40218920efbdc864764f3f2
SHA512 5f7513b881549aba1fad170019ddf45e780ddb6a576e08365f4c9ab2c8bf4e7d2d5053b1db4ec6a2af570de21a182fc8981a0790881172d8605c023fbbbba4d8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\111\{fae9f608-f0e8-4ad6-9a59-f81b708e3b6f}.final

MD5 5dac736054f1bfd6efddc9f8941f6513
SHA1 8d333e22dc6fa20e26c4732d5ff91c954433185c
SHA256 e1f390622425670904099ccdffe9b808e555fc402e7015697d49f9f22abf9175
SHA512 3ea570e7041a136d250e5e94c215b468991b70a6d6609ed27907aba24123e068e08559bbd96ca39a615a52dceccd524e3aa52702a8ad544f8a7b952fff935577

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\207\{737afadf-52ba-482a-b60e-8485aab859cf}.final

MD5 f8a4486578289f338eccea68bf578c6e
SHA1 6cbd17168a35b3f10b74a28f1fa3a83e161a7e35
SHA256 264c3ef4f7bc3f390875ca49d87ec35f9c4f0bbb0eabfdb38073951253ca721a
SHA512 e896ce1bbfd145a4c38f7e81a8afb12c3f354d5632f24f26cf19e8b5f1a466fca8d098e7277a4c0979170c37be25b6cdcc0654ae94f46908bde1810d4c03c3c1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\144\{d893bfe8-f077-4073-86b8-283e90e1e890}.final

MD5 329d8ae08d8dc87f86a511b55ecfc6ee
SHA1 46a40fb3e9c046870707b0a98fff5a53cb4857f8
SHA256 a61773d79b8fc91cde32c678a7e7b10cd7ee94c0023a83cce29180c032f5472d
SHA512 6940b02abfbf4cda7439f2b0ddbfb7b63fcc451b12d2a3fd4dee2e0d1f2fa3c23af1b5177d7e6f68db6252d5aaaa702838bbdfac9cbbb12b6588e9db535324ec

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\143\{3ae88c01-bc1a-4dd1-973b-61d87eb2ee8f}.final

MD5 d0d1672cc7d147f9f802ebefdb01e914
SHA1 22ed7eb147f695ec1df8ae6f43cb7787dd0ea652
SHA256 62efa98b135e5ef8779b99489ab8200b60026a5b1000ff3c997f3be230febe2f
SHA512 7f8ef8af3f57a6aab90ccda6ab1079e43630de11d14a780786a1b0f1ab057d7cfd5ab512b53ecd8ddd1bcc669fa56a0c260b2df421db64e3855dee7d63251a68

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\199\{12446afd-0897-4402-8cfa-a99d5e274cc7}.final

MD5 440b8569f0166adb464f65b587fc1864
SHA1 bd9ec70774c72144b24d6b025169adcf97f4100f
SHA256 7679aaa38924228f58794ffd76387e65f03fb1a7ed42ba79a369069f2da4c13a
SHA512 2a4d57dabf61b213de49a46569ad00401afeee417d28936851c1ea346d65d5019be0b8092d1857b58ca0bd0f2a1407452920a2f3e0a69688d61bef25b419fcbe

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\233\{f8360cf7-aac4-4e1e-b138-562f263588e9}.final

MD5 9f99c5db53c5fab1bcd32e05ca06def3
SHA1 6b898b3b757218e0bb43f98266f14ab2ecd922af
SHA256 99daba8f81f9cff4feeea76ecec876840213816b0b53a16c60b9077c640e6831
SHA512 36d66379ced9bb670957e4a1705b8edc22ff433c601c1acd34b96efa900d58f1971b73ef8c7ef0ad7e07d15fadc97b68ac182d4ce5f592b67cc5134976be4b9f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\8\{f2f9bc8f-58a7-411a-b3f6-92e77a5e6c08}.final

MD5 276cbe7276c7f3a0fc88eafb5ec6e68b
SHA1 de67587eaf19b38f2e9f02fa238219c2469605a1
SHA256 8f2a87983ce99d8418be2ccd1a0a69aaa0753c5086ba37d627a272b2b97e184c
SHA512 4f0d71b0dc2b94016e4983ef8e6288a57a2864f174b3be96809f0a6c4a755115cb198a22988f603e4dfe89f97616b39dae6c47662b2dbc359d40f184122611f9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\219\{1b763301-7cfa-415d-9376-3519dfdc36db}.final

MD5 06ce5d1f93456bf84d4fbc0a21d3c723
SHA1 e5af6cbbfee1f0f6664598bc5857bf8cdc1babfa
SHA256 0495e9f2a6dd37a787587b96429e7e96a5821085f53507861063e51832f853f0
SHA512 24380f9c2f3945dcaa3ef376c8c0d809ef73d5d88ff16bfc85b8f63cbfc9cdc21c2584f9866e835d93eefbc50ac7b692683c5073c6f92903a1f83b8181b8ad0f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 f7aead4839a7a4c4107ff1ae2b502f1f
SHA1 f96e84a586cd60d54267a4d70f047ce6e6bc23c1
SHA256 e1cade8f0f78ececa4a365f69365c3ebd7712d3a8d1504c5ead23e1c9d859433
SHA512 aa99b2ec26b68676d345bf4e9625efbc39d3f63978d72485fb634d44a61735dfb76f489c2839e0a013d6d2e95ba1cc3179ad4717e07e2e8bdd1252b267ac2601

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 cb5865c4cead8302860011eab8eb0e7c
SHA1 de7f8a4ab12e8bc9e864ad2f7394dc1b59f633a1
SHA256 b840b573dd8c53d9da30bb89af84e6d09e2b51bc0c07c29a85c59f0b4f06071c
SHA512 8703887713ca93a3b84b911fe2017443d22a31cd73bcac63670c14998fd3c1b72f2104d13663094c4c3f019b7666da06dff7ed45859d65e49015bb844c23b3e2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\211\{c6cc5b0f-c5ec-431c-80f4-e2e2197742d3}.final

MD5 7a7dd221ff78889b7017387bdb433ec1
SHA1 f22cc2e0eea16a6dfda390554403e44fb060ccce
SHA256 14c1f968945350312d91937ccd56459426379c98606189a0b091aa95faccf919
SHA512 a6f14ee7e123dbbd0367191b0d8befa0eacbae6f61dd753cebb36af05d761b9b2b8aeec487cd93aa7fea2081719250f5d1d83604eb256acc016be957b0cd82dd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\233\{baec3ec0-9bb3-4575-bccd-ab1dcf0f86e9}.final

MD5 49eb048dedb8a619476b0fd5aae077e5
SHA1 d64eada3de96fac11291c9ec8e53b7dd61a441c6
SHA256 b2e1d5e16e2b58d707f32132a4bb2b981a7df6984c2c5a8f4a3645bf8adea153
SHA512 98ae34ceb254b4af1dfc5d7c2c57407ec06d3007392a5fd35b8bc9331b05eb55d6775aadb0ec0f3d4cd837ab93448d35a54dff2051fbce17830a26f5e690942c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\98CA9FD1F99828DF3DEC37897A6F8FC665F118F0

MD5 4cbbfbcef4b96b1dcd6b4873a6536f77
SHA1 1b8ca8149b2c96ed73776e66d1c7a5b5b558840b
SHA256 173902d0df22b5a2a0fc050bf4a8c3b0b385412da4258003251c42b58bb09848
SHA512 3dd1b5091c8b5ab7061b555e547926543dd6a9a0794d15ea6c2165bf0e55ca1ecaaf91f75c307cacf9465fb61fc379d8af33dd70ee227a946f466eab4f660a16

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\576A6D6A03D40A52B615749F8BEF2A2D653647D1

MD5 0966088ab7d9879e9c14ce32d51ae4e8
SHA1 67f8242659177816b0ce0d97a4bdce9ff6e621d9
SHA256 8c9d1b3d9fa6ea134b70ad72a3eff8551cc2ecc46fd209504664f9cfe6ea371c
SHA512 6f8fc0862bd7e029697637269ddf1012fc13c7470597bfc6f7fffa0205a52f96ad355be63a2ddbadf2ce870d7dbbf782fa024ecb026b15ca52a12e2b54caa39e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\prefs-1.js

MD5 f1560884ba9c2c4f07020e333209ff6c
SHA1 ebb239318e55751a10a795154e70f4c414532333
SHA256 6abfb3443f99895d969e4935376e506c6da2e89cc7497290fe4d2285ac147284
SHA512 00c8f2f01e4a808d44f75219874e964a752ae3e51bf5727acb5cf8a56554e1106a2a1005a2a5bffaefd86f74615e011090ad1af0c01fe0f34f58412270dacce4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\0AAA8127F6C70BDCCE94DD3D31DEB22471782D23

MD5 aab3f36504005f4bce123f2d2c770f1c
SHA1 db50f26861a008576e22e5e5716a62ca00206d78
SHA256 dea3dfb1b19d0c06d84e58ce294212733a7588c5ddb5a7069aae35c12bef24b2
SHA512 ee103b0e22c48875d71feb6624dafae73222a5596f52de4308ac7e06cf14524a6e08904037d7543011a391db06356de6e605f9067773d167d3cbe86473b6d0d0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 372219b1b800c1385859f433a3eff2ff
SHA1 282d40f535fed098ee594efcedefa217d4195ddb
SHA256 cfe08ff07fffe31bfb2fb1328a851282b54a51296a9a75066c34cf9afa758987
SHA512 07904f40952b8e164ed7bcdeec7b0dc6f6c1954d12b9c5af29e1594dffaaf34e3c4e46503e2dad31a164a7bb8a5eb060c927e35bc55a230374167c45259795e7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\storage\default\https+++www.youtube.com\cache\morgue\147\{7837dc94-b71a-407c-9c2b-7c460c1ff793}.final

MD5 42c239eb6c39dfb287f4856e12861314
SHA1 71af25530072b14b3e98b3c7d42545cac8ec185f
SHA256 3a214e568cbcb82d5c3bbb1ed72638556d3aa6734c1cf4e2e74622b6abdfb778
SHA512 399aa9669e2cc16db4d1ad90c6d2081e0ff79db4b0aaea932223475a6d1ef40d2c5b3ae8481deda2824c8116687a6a29d9e68c26466f323a98aa6a685c66fcaa

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\244C66E08F94A5F3B0A280FADF3C0D33C8B38E4F

MD5 4b709e78b2ea97b5d701e90a83faf43d
SHA1 390e8e05c1cfc7a85d9e60275e70b525c259c2f5
SHA256 0433aed85e746f8f2cb1be9d26ce342aaa64ba0e44e2a96ad6f5627c41818b5d
SHA512 0d7486f52db852c8086210da8c91edb3e01dfc856b54022745735cdc44bbb5ea5823c8f0bba069afb7a12787566558160bc008588bb3fe529afd36b7b12c9c22

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\B73CC9F25D20FBDAA18B302AF1CF8316B8079DFD

MD5 22f12a1062efeee03669f691a0a04c0e
SHA1 a33392d336b154ff3e7fb45da9c27bfcb570e318
SHA256 feb76936af4dd7533067af8a75b488bded9b093d4d63491fb56e35678cbbcc61
SHA512 17e073cf60bcbbeeffd40ccf073d53b97056a25cb6f7fb22ce74b4d64e88110d2c077d980bbe8e0621462ce358ec3703a1376a6f2a5e620efd64f2081320438a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\9E747F5C69FAFD806C2C3ACA7ACB0AA0EA32B59D

MD5 bd8a42b89426d55b17473e7bbc5e62fc
SHA1 6b9219dd48295cebd0b388e8584d31d7260d681a
SHA256 415a662e7fe5e0a9248b0cf71d22a2793ed1786a0b9c268bc3c9296381aeaba0
SHA512 d7c5b9acafd2ff8575f6189d4fc90f3489ea5d42b9a59c690d7715b36bf7d6a76fb2d0e6bc44c80c4e5af38bbe2b3823f0dd24cb6fa2ac96ce194df9e8592117

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\644B0FFFD44F88AE420E3DCD37036E4B07B740BA

MD5 2c3dc0d4e0eab2074a5d83004f1f9227
SHA1 8ef191ce8aaeeeb65a23f96d22c8cad5a93225fc
SHA256 414b83a1a36a7e28b73a67261b9654ba6e967cc90208cbc947ad8e7bcb5c79d8
SHA512 480df3c95983e4996e9c9a069bf175207fc9a17358393add2a4dd95d97165b44ede1319644bc5a961856ba72ddefc044b222be51b44bbe4765bc2012e279ce53

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\datareporting\glean\db\data.safe.tmp

MD5 7f2d8fa9e588c32ee72bc71953668b07
SHA1 7bf8901f14ac479282c43269c8fc7e073f78ddfc
SHA256 b06f0c36a06a73d0bbdbd8841fc487e04d4d239e91abb30eb90575464bfda7da
SHA512 f9f61d7f4bd928a7a09d51dee22c1e13ce74346323bd1853dd97e3beaab3c46839d6c5b87913a9941dbebb08e0c0bdc41ee5445076e67c3700a08087d7b5eebb

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\datareporting\glean\db\data.safe.tmp

MD5 8ec805213e471108f425ffeb289c40fb
SHA1 b69f105c48c632fe03501712fea9a0154ce03f30
SHA256 1582a4a72607d4502129ffe5ef3f4294f77c0a6492134edff760c9367f38a980
SHA512 1bace440f9b8b5e74b3f171cdb2d964a38bd4db07ff0fe17baf67a71f78eea1956d51bf460570e2abfc482692e692c6e012bec4571953a4d9b3578ebabfb4b44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\6dd44cb2-63aa-4694-bd19-ccd3311ec0ce.dmp

MD5 3ec502fca7438b637656da18f60105cb
SHA1 1ac8053f0069334e1ac2f3821f9ca71f384afca8
SHA256 320871fc2a0a318ebf25eead16266b8f99d900ed1bba2a62c6b6fcb3e86256ee
SHA512 2f509fa664d09a372037b5f8a94d53b7e2493da740c312ad7af2aca207bb18c76dd4f0165dc4f5fb1046ba524cbecc98be2de49d606ceed4d20a45a163f047b1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 eda3856784611dfebc6dc424800aef9d
SHA1 5c17cf773d104bdde902ce0fba5fe5dc2f137181
SHA256 623f4273ce562118a2c9e6e802ebc592254e7adcc4a42cc8b1c6ac70d11d9640
SHA512 d141be069b897dc37d13b1191cf5ad56c37fe7c929f0c43640e32b312956598a3487385c4242fed964b829bf1f1fb5c72fef90fa5a55dc4da8f69e8d213a40f4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 89d3623f203463a0e442c8c66f1805be
SHA1 e7c86ff353930e43c49cdf48a6dcd01b39cb7f19
SHA256 b757ebedfdd3a8dc43a63ae7b04718b5e64bb1eea467326bfb273be23b58fc3e
SHA512 8d5bcd627af36f5eaa467003e74952ee78596e8274cb224c683e63b8e71fd7f9a9688e116e04c6ef0d77d7265b8e10fa02bd5eecaec4244ae463f7dd1fffd668

C:\Users\Admin\Downloads\AxoPac.B8lodzUt.rar.part

MD5 d8fc6cbaa2659d10c2bcda1dea721b6a
SHA1 f74bd78058952b29c4737cb1a8fdbc077df57c86
SHA256 78c1e3f05f9e64455263a6d2c861f0b39be896030e1368f11ad1f2b4f63a4136
SHA512 bf31347d6f0d8531b47576a3eb47d820bb6ed81cfe37909bb0deb0d2f14b2dcdf14f128e03b44c0f1fac39bbc351acef8962ee6c1226ce213689abc5d1e04246

C:\Users\Admin\Desktop\AxoPac\AxoPac\ASP.NET Web Pages\v1.0\Microsoft.AspNet.Razor.ru.1.0.20105.408\lib\net40\ru\system.web.razor.xml

MD5 398dc059ac7b960a31bba803c6d4b7a3
SHA1 dfac62f6e4ac50a0029031244fc5a1469ffe90e8
SHA256 943feccacef5fe23b3daf662594e3b45fcb8bc1caf25ea1c474721921caa9488
SHA512 f3bb82690b39dad744be9c403f7efcf2c40c903f85be013fff4b1a2ac77e8d59e77bc1eb9989134f800fba3d9bcb987485a92b719386750c70dd7fa1acb533e0

C:\Users\Admin\Desktop\AxoPac\AxoPac\ASP.NET Web Pages\v1.0\Microsoft.AspNet.WebPages.ru.1.0.20105.408\lib\net40\system.web.webpages.razor.xml

MD5 9c8531c1d5f692cd921c8a56d85bc85d
SHA1 801b699bec07e93fdd05469f15cf80be4178e409
SHA256 16953fbbff24c3d927e5640060948da47c15a32918ecb2fc4f922a82b3fcfa9c
SHA512 3e7fbce84ca7bc96d46ffc3b4fc7acf21d962d379589125a6515178693c379eb6b5833e428ec11f106e9b807147c698e898840a20a8189a01baf76ace9a1f719

C:\Users\Admin\Desktop\AxoPac\AxoPac\ASP.NET Web Pages\v1.0\Microsoft.Web.Infrastructure.1.0.0.0\lib\net40\Microsoft.Web.Infrastructure.dll

MD5 969d6caf273394f064475292d549516e
SHA1 91f688c235388c8bcee03ff20d0c8a90dbdd4e3e
SHA256 fe18f4259c947c1fd6d74f1827370e72d7ad09aefb4b720af227333583e0169f
SHA512 b4f6a614e5fc52850e3d02ebf7e85abf1ebe3fb4ebd6b4f03ec9dc4989cce88e44714ca2198dd7e632f5ed0f15225a68b31052da33e5ac3ce48a1c91c3c04446

C:\Users\Admin\Desktop\AxoPac\AxoPac\ASP.NET Web Pages\v1.0\WebConfig\System.Web.WebPages.Deployment.dll

MD5 f9efab153915541f6cbdd147f85f9842
SHA1 5d923740f2377298ad917eb9f5bfb45e0b1465fb
SHA256 130fe2b8282263c77d9bee89d636166848291432696c449d708c819b17bf053a
SHA512 74890a53f2b0b73816e5155fb2b48580fa1dbf3e35077e7915d96ae57516c5da2bbf968978ae134e12754039a5ada6f8dfbcdc121cab9b887a6d4d259b68f3ba

C:\Users\Admin\Desktop\AxoPac\AxoPac\ASP.NET Web Pages\v1.0\Visual Studio 2012\thirdpartynotices.rtf

MD5 b0ac92e72b07a4b37d66f0264e3373c0
SHA1 769dec94ed0bfcb47e68026aa01e80a26943ff38
SHA256 5a0792c375031840221f1737ba389b0d6dac373b118a107e50fbe78fe5f4ba69
SHA512 716c37b16c577de53b7f6e3934e09ae329e138a8a1725d60e9d8907c43c4400918a31b12ae173644efc25ccc9bf7cb332a3042c17386a3724320ab977a7ded52

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 da3ad30e6faa043be2aa4896fb11b204
SHA1 4fc297c51f1e65fd1b6adcf56b43f8c97f711b8d
SHA256 df0bb9a8218109facc6eb1fd705986717d643c9b4fd399ddf0ea8f05efa61f5c
SHA512 228381d3200ef39dcb2744df116afa2d3006f4644b694e62c74f81ac8fddd4bead072f1b071a0461260d6e9d2698ca60f1e4a06f83742f91fb936054a531151b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 6b38fa9809ff0d18bb7f087f78312df5
SHA1 dde6b4400229ea2a2d5920db004f84c069fe59ef
SHA256 c97d4fa6020dedfc3e4a97df206072a7c43e515e8166e2fe12c1e9067948f41b
SHA512 30a8b61142ecb0a5852d86311db3d69ef2178063aa5368b493bc08ff387e005be56aa4c521eb66802d85310f2caf04230afe21f8ce76cea55aed331a36e82992

memory/8504-8524-0x0000000000400000-0x000000000045C000-memory.dmp

memory/8504-8525-0x0000000000400000-0x000000000045C000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\prefs.js

MD5 3bc184881b89a81304969187eaaa03fe
SHA1 06058e54f89df83c122f4d2bd2dd31d68766c1ca
SHA256 31df818f70ecaaa9e970a540bc7060351c18b90c0d1fa827b430ebe080717627
SHA512 e1d28791b2ab6fd611c74333bfc6e06e8943ea81a880c99225352ca7ba112fedcd8246687a5c060404b856dc0759a44f1ffe5ca9f9e6361c23013dd7edbb8515

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\prefs-1.js

MD5 c1757dd1fab21eaf2aebf99db81db455
SHA1 1f1c4bf0a96fcccdab71c3235d094800a3a1d93c
SHA256 cba4c3de18fc58289ee0d76492bc880b8934740501dfbacb0bc9d331320eca3c
SHA512 e80dc345f6fd3e3f860afde8362c0d171dbe8fc4b61319577b32d857b875c03922c3aad10047cf2ea226731b0f0ca3cd4204b72794d8486598155c317b703320

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\9CDB308B0CA102CE2525616F079E60F67E7BACFB

MD5 fc1c53cb4deb3baffb85915950f652b7
SHA1 d3f649501eff71dcd6966508d631873a1da7f4da
SHA256 a28738a80ccccd0399a24707e01a23421cb58a061543bda96bf8400077aa53a6
SHA512 05b17eabd118474f4bd8d7e1b987aec3ef8633e2be6e1cad8a201eaad9c2c951037b022d7479b4863b0ff04797bef461f48250614c99c2e579401f3d65f95588

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\afyb4qvh.default-release\cache2\entries\5C11EFD53406106EADFA281DF7D7A81F096ACCCA

MD5 fd5f08dd49c8178ace88b6f713ff3d4e
SHA1 efcfa012e49d411ca94a2b113443b298d12e1c41
SHA256 1ef1dee4b88c75721635450066b92820f4fb1bf4c643547c9b72a1c28883302c
SHA512 85da24f20bb2c9b55b4a670761791f7b2ec4738a35a3e0167602e9adb82116b2eca3db7969ebb619d526961b81d30082de36fa6d344b026dcbd95b050464ebb1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\afyb4qvh.default-release\sessionstore-backups\recovery.baklz4

MD5 e8b5254b0bb4c47157705e5069b1e197
SHA1 d6de9949aad27090659a8a9382cd361d99b40d58
SHA256 4d32e32c5a178280df7f9a2ae43a359ec59d1b16ecb4746fa5191f7e55c3d80b
SHA512 9d1acc4c4dbd13694973486f582867490d657c586076128b0aa25180e5452e3624298975385218cf73eac265bdff5463e8d9f0ed9514610dcb3236e3fde2f994

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 1dd17358f194f6c63988e366b08ed36d
SHA1 fb6ae281430da0023e803776657d1fe066524de2
SHA256 f0cd98aa281f28ac2a533a08f4dd11fc31770b049a3174a6e1c1b6e489a45c2b
SHA512 00338b06c78a9b36e1bc875ca498166f3840f261b4fadec2e1dcc6d21ada0f09d55220a12989a5435c66c4a5532e063b8957c6740b8feb4770a661108cbbb0ca