Analysis Overview
SHA256
9f098d5c54a0f9c475338c3d5df4ecd2e027dbef2c54ed14df912fceb46ee6ee
Threat Level: Shows suspicious behavior
The file 3119e27ef4665f22b41643a24f89fd6f.mp4 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
Detected potential entity reuse from brand STEAM.
Drops file in Windows directory
Program crash
System Location Discovery: System Language Discovery
Browser Information Discovery
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies Internet Explorer settings
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Uses Volume Shadow Copy service COM API
Suspicious use of FindShellTrayWindow
Uses Task Scheduler COM API
Enumerates system info in registry
Suspicious use of SendNotifyMessage
Suspicious behavior: AddClipboardFormatListener
Suspicious use of AdjustPrivilegeToken
Checks processor information in registry
Modifies data under HKEY_USERS
Modifies registry class
Suspicious use of SetWindowsHookEx
Checks SCSI registry key(s)
Gathers network information
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-02 18:50
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-02 18:50
Reported
2024-11-02 19:03
Platform
win7-20241010-en
Max time kernel
422s
Max time network
438s
Command Line
Signatures
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | drive.google.com | N/A | N/A |
| N/A | drive.google.com | N/A | N/A |
| N/A | drive.google.com | N/A | N/A |
| N/A | drive.google.com | N/A | N/A |
Detected potential entity reuse from brand STEAM.
Browser Information Discovery
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B5311E11-994C-11EF-BA45-72BC2935A1B8} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\MINIE | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\3119e27ef4665f22b41643a24f89fd6f.mp4"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2ec
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7389758,0x7fef7389768,0x7fef7389778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1108 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1496 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1604 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2312 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2332 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1388 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3232 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3092 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3592 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3712 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3780 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2612 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3384 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3708 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2360 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3604 --field-trial-handle=1356,i,4618948317493998755,4855373404315175221,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="824.0.1492977166\1462030330" -parentBuildID 20221007134813 -prefsHandle 1232 -prefMapHandle 1224 -prefsLen 20847 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9bc666b2-a605-47c3-ae96-f5cddcebfe97} 824 "\\.\pipe\gecko-crash-server-pipe.824" 1296 41d7658 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="824.1.1981036998\171525016" -parentBuildID 20221007134813 -prefsHandle 1488 -prefMapHandle 1484 -prefsLen 20928 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2fac02a6-b9e9-4258-958d-a547b984bdd6} 824 "\\.\pipe\gecko-crash-server-pipe.824" 1500 e71e58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="824.2.1572377968\948152349" -childID 1 -isForBrowser -prefsHandle 2096 -prefMapHandle 2092 -prefsLen 20966 -prefMapSize 233444 -jsInitHandle 876 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3f366feb-a363-484a-b028-54d88df8125a} 824 "\\.\pipe\gecko-crash-server-pipe.824" 2108 415ad58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="824.3.1710228544\38346808" -childID 2 -isForBrowser -prefsHandle 2652 -prefMapHandle 2648 -prefsLen 26216 -prefMapSize 233444 -jsInitHandle 876 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {cd7cad46-afdd-4c61-8ed3-8e48ce726c4e} 824 "\\.\pipe\gecko-crash-server-pipe.824" 2664 e61558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="824.4.1097385530\1343032594" -childID 3 -isForBrowser -prefsHandle 2928 -prefMapHandle 2920 -prefsLen 26216 -prefMapSize 233444 -jsInitHandle 876 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b7075fe8-2b95-4d6f-b549-2c824b3a3a76} 824 "\\.\pipe\gecko-crash-server-pipe.824" 2948 1be7d458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="824.5.1688916043\72715766" -childID 4 -isForBrowser -prefsHandle 3780 -prefMapHandle 3680 -prefsLen 26351 -prefMapSize 233444 -jsInitHandle 876 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c95c5fad-4bcc-407d-9ca5-6d6699e9d65d} 824 "\\.\pipe\gecko-crash-server-pipe.824" 3788 1e5bbe58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="824.6.44978561\362382808" -childID 5 -isForBrowser -prefsHandle 3900 -prefMapHandle 3904 -prefsLen 26351 -prefMapSize 233444 -jsInitHandle 876 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b75bd96e-9190-4502-aaaa-c3166164afc2} 824 "\\.\pipe\gecko-crash-server-pipe.824" 3892 1f283258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="824.7.177325746\1111918852" -childID 6 -isForBrowser -prefsHandle 4076 -prefMapHandle 4080 -prefsLen 26351 -prefMapSize 233444 -jsInitHandle 876 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e3cf2e1f-0528-4083-9bf9-f052b08461c9} 824 "\\.\pipe\gecko-crash-server-pipe.824" 4068 1f285c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="824.8.515366737\571183107" -parentBuildID 20221007134813 -prefsHandle 3724 -prefMapHandle 1700 -prefsLen 26356 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d2b483e-98a1-4b34-8686-d4456e73f4e4} 824 "\\.\pipe\gecko-crash-server-pipe.824" 1788 1cb6ab58 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="824.9.1843094209\1264412656" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4436 -prefMapHandle 4448 -prefsLen 26356 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {537fff29-80bd-4719-8f7d-c1c3f127e81f} 824 "\\.\pipe\gecko-crash-server-pipe.824" 4456 1cb69c58 utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="824.10.1043806411\1525137115" -childID 7 -isForBrowser -prefsHandle 2628 -prefMapHandle 1924 -prefsLen 26356 -prefMapSize 233444 -jsInitHandle 876 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8048f2be-339f-4e9b-8aad-e28a0a57de35} 824 "\\.\pipe\gecko-crash-server-pipe.824" 3460 1fcb3258 tab
C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe"
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2684 CREDAT:275457 /prefetch:2
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.0.706925464\288396480" -parentBuildID 20221007134813 -prefsHandle 1144 -prefMapHandle 1136 -prefsLen 21236 -prefMapSize 233536 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c51aad8c-941b-41dd-884b-be4fc923d3e6} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 1208 f4fb358 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.1.370508713\632206487" -parentBuildID 20221007134813 -prefsHandle 1364 -prefMapHandle 1360 -prefsLen 21281 -prefMapSize 233536 -appDir "C:\Program Files\Mozilla Firefox\browser" - {365ff1b4-6779-45f5-98a6-181d7d090f10} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 1376 3d33558 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.2.1897156774\373614523" -childID 1 -isForBrowser -prefsHandle 2076 -prefMapHandle 2072 -prefsLen 21742 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {64293369-cd20-4a88-8a91-83eba0251412} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 2088 1a146d58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.3.1927870419\479883584" -childID 2 -isForBrowser -prefsHandle 2352 -prefMapHandle 2392 -prefsLen 26927 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a7b9786c-eb11-410a-b85f-2c5bcc5bb5f7} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 2416 1adc7858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.4.422017827\612319915" -childID 3 -isForBrowser -prefsHandle 2392 -prefMapHandle 2420 -prefsLen 26927 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {04a5a689-7ec6-4cc6-9cf6-2a93b98f5717} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 2748 1bb92258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.5.203590731\772297303" -childID 4 -isForBrowser -prefsHandle 3456 -prefMapHandle 3468 -prefsLen 26927 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ce0abd0a-9c96-44a6-9a2b-96b891e68276} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 3500 13da1e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.6.537038673\997227598" -parentBuildID 20221007134813 -prefsHandle 3640 -prefMapHandle 3476 -prefsLen 26927 -prefMapSize 233536 -appDir "C:\Program Files\Mozilla Firefox\browser" - {58014ec2-3371-4b69-87f8-8d03e06ead65} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 3696 1e8c5c58 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.7.1447999084\124415049" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 3832 -prefMapHandle 3868 -prefsLen 26927 -prefMapSize 233536 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b3084236-09d5-4d58-843d-349ba3ecb4c8} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 3880 1e6e3758 utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.8.1182237507\1495633326" -childID 5 -isForBrowser -prefsHandle 4020 -prefMapHandle 4008 -prefsLen 26927 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {baec87a8-e4a0-4111-a8c0-485baaf71ece} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 3900 1e8c6558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.9.637226862\2129981" -childID 6 -isForBrowser -prefsHandle 4128 -prefMapHandle 4132 -prefsLen 26927 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3ca356d8-1881-4ecb-97fd-360a14366295} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 4112 1e9e0658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.10.1949390958\618292601" -childID 7 -isForBrowser -prefsHandle 4296 -prefMapHandle 4300 -prefsLen 26927 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9c1e709d-0b2d-4095-8ce2-3890eabeda31} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 4228 1eab9658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.11.509239960\1306044574" -childID 8 -isForBrowser -prefsHandle 4008 -prefMapHandle 4020 -prefsLen 26927 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1c5a761f-e376-4bf8-a0d9-8a84975bd200} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 4468 1e6a8a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.12.1104832629\972337966" -childID 9 -isForBrowser -prefsHandle 4796 -prefMapHandle 4792 -prefsLen 26936 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7d4899b7-7589-4425-993d-f9dee6ffa254} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 4808 207a8558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.13.1570577975\1333245181" -childID 10 -isForBrowser -prefsHandle 2376 -prefMapHandle 4136 -prefsLen 26936 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c9581ed4-d42e-4300-9da4-fdf0ec0ff405} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 4212 10d22b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.14.108840610\2100670774" -childID 11 -isForBrowser -prefsHandle 8448 -prefMapHandle 8452 -prefsLen 26936 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c5a10ce4-9ab0-423b-8bf9-87992593a169} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 8436 1f7bba58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.15.1727271820\717775704" -childID 12 -isForBrowser -prefsHandle 4284 -prefMapHandle 4280 -prefsLen 26936 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5cbd8d17-f3ea-4d86-9deb-edae114061d7} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 4536 10db1b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.16.414628182\371304173" -childID 13 -isForBrowser -prefsHandle 8296 -prefMapHandle 8420 -prefsLen 26936 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dccac0e5-c5bb-4846-b6ce-7db360ca5ae1} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 8284 18660158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.17.899993184\1134903262" -childID 14 -isForBrowser -prefsHandle 8120 -prefMapHandle 8116 -prefsLen 26936 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {50e79650-39db-483b-9b59-e4672d0dfe0e} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 8132 18660758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.18.1072328040\1759683043" -childID 15 -isForBrowser -prefsHandle 7924 -prefMapHandle 8148 -prefsLen 26936 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {30219b8e-d10e-4dfe-92fd-1f100dc47a0e} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 8212 f62e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2348.19.1213866577\1024651971" -childID 16 -isForBrowser -prefsHandle 8328 -prefMapHandle 4544 -prefsLen 26936 -prefMapSize 233536 -jsInitHandle 868 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d5984ba1-5125-4d26-9717-a183a687d5a7} 2348 "\\.\pipe\gecko-crash-server-pipe.2348" 8340 10db1258 tab
C:\Windows\system32\control.exe
"C:\Windows\system32\control.exe" panel
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\DrvInst.exe
DrvInst.exe "1" "200" "STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot19" "" "" "61530dda3" "0000000000000000" "00000000000004EC" "00000000000003DC"
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.187.202:443 | ogads-pa.googleapis.com | udp |
| GB | 216.58.201.110:443 | apis.google.com | udp |
| GB | 142.250.187.202:443 | ogads-pa.googleapis.com | tcp |
| GB | 216.58.201.110:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.178.14:443 | play.google.com | udp |
| GB | 142.250.178.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | getpocket.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | youareanidiot.cc | udp |
| US | 8.8.8.8:53 | youareanidiot.cc | udp |
| US | 172.67.143.125:80 | youareanidiot.cc | tcp |
| US | 172.67.143.125:80 | youareanidiot.cc | tcp |
| US | 8.8.8.8:53 | youareanidiot.cc | udp |
| US | 8.8.8.8:53 | youareanidiot.cc | udp |
| US | 104.21.95.69:443 | youareanidiot.cc | tcp |
| US | 8.8.8.8:53 | youareanidiot.cc | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | youareanidiot.cc | udp |
| US | 8.8.8.8:53 | youareanidiot.cc | udp |
| N/A | 127.0.0.1:49544 | tcp | |
| N/A | 127.0.0.1:49552 | tcp | |
| US | 8.8.8.8:53 | api.bing.com | udp |
| N/A | 127.0.0.1:49842 | tcp | |
| N/A | 127.0.0.1:49851 | tcp | |
| US | 8.8.8.8:53 | youareanidiot.cc | udp |
| US | 104.21.95.69:443 | youareanidiot.cc | tcp |
| US | 8.8.8.8:53 | youareanidiot.cc | udp |
| US | 8.8.8.8:53 | youareanidiot.cc | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | youareanidiot.cc | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| FR | 142.251.37.163:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | tcp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 142.250.200.42:443 | ogads-pa.googleapis.com | tcp |
| GB | 142.250.200.42:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| FR | 142.251.37.163:443 | id.google.com | udp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | udp |
| GB | 142.250.200.42:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.213.1:443 | lh5.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | udp |
| GB | 216.58.213.1:443 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.200.46:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| GB | 142.250.200.46:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.179.230:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.179.230:443 | static.doubleclick.net | udp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | bonzi.link | udp |
| FR | 151.106.4.82:443 | bonzi.link | tcp |
| US | 8.8.8.8:53 | bonzi.link | udp |
| US | 8.8.8.8:53 | bonzi.link | udp |
| FR | 151.106.4.82:443 | bonzi.link | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.kinitopet.com | udp |
| US | 8.8.8.8:53 | ghs.googlehosted.com | udp |
| GB | 142.250.200.19:443 | ghs.googlehosted.com | tcp |
| US | 8.8.8.8:53 | ghs.googlehosted.com | udp |
| US | 8.8.8.8:53 | lh6.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | lh6.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | lh6.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | lh4.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | lh4.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | lh4.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | lh4.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | lh4.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | lh4.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | lh4.googleusercontent.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 216.58.201.110:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| GB | 216.58.213.1:443 | lh4.googleusercontent.com | udp |
| GB | 216.58.201.110:443 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | drive.google.com | udp |
| GB | 142.250.187.206:443 | drive.google.com | tcp |
| US | 8.8.8.8:53 | drive.google.com | udp |
| US | 8.8.8.8:53 | drive.google.com | udp |
| GB | 142.250.187.206:443 | drive.google.com | udp |
| US | 8.8.8.8:53 | 1526906943-atari-embeds.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | 1526906943-atari-embeds.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | 1526906943-atari-embeds.googleusercontent.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | store.fastly.steamstatic.com | udp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | cdn.cloudflare.steamstatic.com | udp |
| US | 8.8.8.8:53 | clan.fastly.steamstatic.com | udp |
| US | 8.8.8.8:53 | t.sni.global.fastly.net | udp |
| US | 8.8.8.8:53 | shared.fastly.steamstatic.com | udp |
| US | 8.8.8.8:53 | cdn.fastly.steamstatic.com | udp |
| US | 151.101.67.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | t.sni.global.fastly.net | udp |
| US | 8.8.8.8:53 | t.sni.global.fastly.net | udp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | t.sni.global.fastly.net | udp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | cdn.cloudflare.steamstatic.com | udp |
| US | 8.8.8.8:53 | cdn.cloudflare.steamstatic.com | udp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 8.8.8.8:53 | video.fastly.steamstatic.com | udp |
| US | 151.101.67.52:443 | video.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| N/A | 127.0.0.1:27060 | tcp | |
| N/A | 127.0.0.1:27060 | tcp | |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
Files
memory/652-13-0x000007FEFB9E0000-0x000007FEFBA14000-memory.dmp
memory/652-12-0x000000013F360000-0x000000013F458000-memory.dmp
memory/652-14-0x000007FEF7DC0000-0x000007FEF8076000-memory.dmp
memory/652-15-0x000007FEF5E10000-0x000007FEF6EC0000-memory.dmp
\??\pipe\crashpad_288_VDOAMXTEGCCUFFKL
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
| MD5 | e579aca9a74ae76669750d8879e16bf3 |
| SHA1 | 0b8f462b46ec2b2dbaa728bea79d611411bae752 |
| SHA256 | 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf |
| SHA512 | df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 10db38b64b61095ab58d5df95a459293 |
| SHA1 | 6c0ff3959ea4c357a4571aa213469a7018d1e29f |
| SHA256 | d1acceb79ce6a98a93b709431e112b87ce3c759227196055af3360f3078cb921 |
| SHA512 | 53e15ed0f8a2617c3f0d804242dcf1134910f1df992d8ad7b63b1751e4ed7ea9c3775e3b4d8efe344156ca732fe46787dbae3c7bfc97261510e087cfcefebc33 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 907d725bca6c97eaa79b9a37b3d4d55b |
| SHA1 | d283c5b8f7ce54efcd703ce66adc0a11afab2bab |
| SHA256 | f34eb3eb8f7b0024c58f213e4750fd7e4c4eec5ec41a063fe2cc817bd3ab4f22 |
| SHA512 | 4d99102a3f2ee5d21aa90959ed518f7c09c02ad9880e6b860d9bb497af1ffbcc801d82a2174d3bdfee40161854694b9fc6f448e039b070df73c5837d9a83acc0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | 503766d5e5838b4fcadf8c3f72e43605 |
| SHA1 | 6c8b2fa17150d77929b7dc183d8363f12ff81f59 |
| SHA256 | c53b8a39416067f4d70c21be02ca9c84724b1c525d34e7910482b64d8e301cf9 |
| SHA512 | 5ead599ae1410a5c0e09ee73d0fdf8e8a75864ab6ce12f0777b2938fd54df62993767249f5121af97aa629d8f7c5eae182214b6f67117476e1e2b9a72f34e0b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cfd52296a96ba2e90c75d8acd1509ade |
| SHA1 | 2b34c2c74d5106a496944f4cdb2e73bc5c31be0d |
| SHA256 | b8fa8139968420df6e3cfd708a297a560b99f8732939a8c307546685d7a07099 |
| SHA512 | cfd0364262cb3b0a1decd202777924169e0d85befe4226a078e24c8eb930b1d9e4f8ed907c91765bc14c4a33fc1e4d718dfa57834f2f27b54646c7b2bbea7821 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 40fd300b339f61a2098fb8362f6368bd |
| SHA1 | 55c0b8abace354194b1b4ac51765127efee166f2 |
| SHA256 | 764465b2228169b1d4733ef98f88d7767264468c25353957a8212ca1f16da824 |
| SHA512 | bcfd99ed9aa0bc4fc28b2684f623e95b342c07fd8fe9fcd92ffb59ce5df4c0e4654d4b6835279505d241d98b508f6ac3abe082d1b9d1f009482de7c7f8389809 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 87ce06b0193281897023c4cfb922319c |
| SHA1 | 47924a8db27de5596d5bb2a44b6dc7ff1fae4aa3 |
| SHA256 | aba7184daa9d015330dff75d247b2a356832332c7a5b09b418dba612dfa2068f |
| SHA512 | 5a3106153704f900b36452be483fc45501db471cc05a4eaec269310e3fb1999594b3ff83414ba30cc2f204f7520165f54c675c279147cf2994ab5a616436427d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 48b03e6e15bbf3fc8202ad26bb70d238 |
| SHA1 | 5c57c0cb836877c7682c595df36d89ce73d10ef9 |
| SHA256 | a9e0d7630f610a555eadb3bd2ff31de0cf53ba01d532bfabf0427a32e8c99cc6 |
| SHA512 | bd517dff3f40d24719c5a506c196599639d5896f286587489e2af38c565e1443e74670e098d696d93522f619d3c28969127399ab9b0abbb5614d15d69c5cc12d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\d12d6771-26f1-4bcb-899b-72bd38245435.tmp
| MD5 | f4e2c252d5974d48ad5face5a5513f09 |
| SHA1 | ca624010528de5db7f30b161d45155da8169a265 |
| SHA256 | f1fccc998689e5a0f97f4126df4b33649b8a8b04af62c26162737432067d698f |
| SHA512 | b9c5518e1dae8cb3519fd9d48e4af10c57d1434d3e78a8c0edaebc8cc0ca1ad727ccf7b30826b3b9ffef440641a6bec0e58ec6da73dfe067b38392da372b4523 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\datareporting\glean\pending_pings\5da40a12-7ab3-4fa1-b565-4c9d54b60382
| MD5 | 738f4803ce6a9e462e2711ec2c2c1b75 |
| SHA1 | 9e43ef0a784ca43990def88846c6b3104b0428b4 |
| SHA256 | 9bd4555046795eb7d69f93b1d12d742f94fa9251f37c520d9d693a7f618aa0d8 |
| SHA512 | 76e4beba2b68dc4feaf0cc390dddd16273ebd99be7afc64239bef17a07d8498496484468e33bd122accd8ab2fc76fa1021bdd054ae92c9a6879c62b213e60bcd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\datareporting\glean\pending_pings\337988ec-0aee-4ffe-a34f-20550386f758
| MD5 | 7fbe3e813019ac61c16e50d5ed6b6248 |
| SHA1 | bf2d12a8888526d853e135c2a247025133ea606d |
| SHA256 | b5489259e77c64d2bdefacf6d08596fd204fb45893b6d2146db3e8b2c5821121 |
| SHA512 | ca513d44d14bbbf659da340a1e93ad426334d333fe115212efe55b851be574e6c58fdb41ea70fb79959537d8846f5c86601a0601bfe4597a7eb4137e97523398 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 14c58f3a095036c7ef887a4c27fcccea |
| SHA1 | 4583e7588ac17e4713746fe6e6fce067eed3603d |
| SHA256 | 3338b7901fcff7005ddb84527c3cfa85fd0d555d7bc75fbaca54063ed78d294b |
| SHA512 | 31849510d91d7cb86e21cc4b5c7f24cefe73f7e3e0d9e396b0e25f919fdd5aa0a2c080b3feed6d84592ba7b50859d67a5574931b0c1d98c80b4767397d6e747b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | 3a3383142bc8819394b54a667715aceb |
| SHA1 | 670484078d7add0fd7d76ccdd978ddfb5fc26e9e |
| SHA256 | 467fc3d30070414d3acfa3083d7618fef601f265d3147a6a29339ac8c6f50c2a |
| SHA512 | c3a4aa87c8f922b577f3d29b29d62d7e95e69682b071567c19e0fc466e1979a0618f6cad05f19ad3a82e17c339f98bbd1558ef4e64e5ef29acf94b13bc49ea1e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl
| MD5 | f99b4984bd93547ff4ab09d35b9ed6d5 |
| SHA1 | 73bf4d313cb094bb6ead04460da9547106794007 |
| SHA256 | 402571262fd1f6dca336f822ceb0ec2a368a25dfe2f4bfa13b45c983e88b6069 |
| SHA512 | cd0ed84a24d3faae94290aca1b5ef65eef4cfba8a983da9f88ee3268fc611484a72bd44ca0947c0ca8de174619debae4604e15e4b2c364e636424ba1d37e1759 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\prefs-1.js
| MD5 | 68220437406142c8c81af08d31e64dcb |
| SHA1 | 8944777245fe87a2eb674cfbf2f1e97dff78ff85 |
| SHA256 | 7e86fe2987ba23491b0f48bb5bc23834914697bc48414fd87ee78f8be1cc1358 |
| SHA512 | 45649f753693917296e3446fe4937dbf2695dc499d44a376ed94a21d24553e35cf4942d2c59262926a7b25df45cf182b82ad889bf4433cd5b4bbc1c9793eeff0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 05cbab869afdefc0607d4c78d91ab5c6 |
| SHA1 | f06e7713f932b86ae534979b83d2e223fbd87cbe |
| SHA256 | b0bd8f4d3b845119920bdd594bd8d217207c1af5c61cd747d624351a67bda0d2 |
| SHA512 | ee27f5c5168db045f7a478cfdadd121c6b1675495c5a85280520e4c771da973f690e47ddf60f47aa4fdfa802330521b5a7f17245e315737d917c73c38fb9c67d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\prefs-1.js
| MD5 | e9a1ac0057f534ce2a63adb103b0533d |
| SHA1 | 6dc310dc702a677a5d0784dce138076a5101a3ce |
| SHA256 | ee9c162435491ab1c7f9287544b560232d51e00bffadaa7c94622a5629c246b9 |
| SHA512 | 239a45bef3dc2be3ad302c5759d1169ab19ee53c71ab6147a2a7dc4f2985b9c5248d2c31c841768829dbed9afcbf1ac71673a4d500e148a1455d84efef71c8fd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | f97c4673b0010ab9451c7f6c2323b29e |
| SHA1 | 0dd04126e13def96d83fc47eb33598f1bbe148c1 |
| SHA256 | d84e9c83edbf11a6e6f82c4731e6f4b2135cf464d86f062f4064362c1843baeb |
| SHA512 | 2096a5bef4982bef537e406025e602518a2b8f5919cdd05d0dc558435c9aaf999aa4b643ce13de904735ad9c403459574872011d6099e6b05187a7d9ed5c171f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionstore.jsonlz4
| MD5 | 7e3a22e4a1f5403cc74ca792254c6ee6 |
| SHA1 | 7c82ddecb49545a4b85a045e3b5e3e8a448ed373 |
| SHA256 | fa00b772a601b2b849fb979970de9d82aaf433238b24749ec99c0772008b9a5d |
| SHA512 | b0bc2caa7d8f1f855ab2c7a3cda3f5f8a10c81460d1d92b7bdb71b5b1a6832de6fbfe556f34460598d698c63449c69c90b20b07841aef705744904cf082ae692 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\prefs.js
| MD5 | 6c5830380d5cf4745670d26ae5a3f23b |
| SHA1 | fe0ef4b693a0256109a633009a9c11a8c8b09dd5 |
| SHA256 | 2041c6a26d753ba3a93393495c84bb9113cadd424424e66773d83244753c63ae |
| SHA512 | 358dd81f8fae8a37a81a705803e7b64e08feef07698fc745e1c4836446b46ddb9f1eac0150bc57f66b56afb1749722f82d32a1bc2ea021fe4ef1134ea15f1750 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\startupCache\urlCache.bin
| MD5 | f88312ae8c2070454080fea6289c6bf2 |
| SHA1 | 385488ca57fb118e961e096e569ff0038d13f6a9 |
| SHA256 | cd99da437391d6feec0289b5733aaf5c9e22aaac7437d73700d243cd54dd4259 |
| SHA512 | 01ea763c9d590ae6d6455f27f04b38d163d7770002ba3fd2dee44add90ba421a9591ebd9a047362a16763ed75ff0077d6ec7bb826969fb5ca2339736efff6c97 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\xulstore.json
| MD5 | c64c353599fd3ad2e43607fcb5b4ebf8 |
| SHA1 | d47b687df6f60fab3f0b32dd20d54258b2b645d9 |
| SHA256 | c92da016f56b7aa125d9735490a7421c525e839d1e34c130d4f73915b08c8b44 |
| SHA512 | c5e25b4206a027d28ac6aae3fd31b9dc020febe33b7036885fb94d39b7378f3bf1d7f6df9902c372de1ea9505e7f4032ffbbf394bafc1cb87ed3b20fabae7b23 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\permissions.sqlite
| MD5 | 5d46917ad7eaa6da6d78d82d7df589f9 |
| SHA1 | 8e40dcd0c307c5a43b87655ec19bfa1bef684d18 |
| SHA256 | 9e648e4c8b03306aacfa86ce64e5ccf17ad0e15c07b5583e9ad3d78a2eedd90c |
| SHA512 | 4bcf9f26f4fd974c36f4efaf35eefd6ad7f6deaa37594d608b97c5b89fdd71336dbab12c4b539d1aeafa096514342cc0047264a2d1fb1d05a5f3a280044f4712 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionCheckpoints.json
| MD5 | 362985746d24dbb2b166089f30cd1bb7 |
| SHA1 | 6520fc33381879a120165ede6a0f8aadf9013d3b |
| SHA256 | b779351c8c6b04cf1d260c5e76fb4ecf4b74454cc6215a43ea15a223bf5bdd7e |
| SHA512 | 0e85cd132c895b3bffce653aeac0b5645e9d1200eb21e23f4e574b079821a44514c1d4b036d29a7d2ea500065c7131aef81cfc38ff1750dbb0e8e0c57fdc2a61 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionCheckpoints.json.tmp
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\storage.sqlite
| MD5 | 211bfb719c89ce3c50462d94b41df70a |
| SHA1 | 8e6977982358d7835141bd159035dc418457a7bd |
| SHA256 | 4b1bf413d3ccd5063ef460424a9a84f7e7cf01d624be5e2c29496330e556d1ab |
| SHA512 | 7b99d60f7b38bdf8bcb6b2a98541e0fcf0d2e45e1aa0941244cf2e8ef7106a392fee3b7ba01eb0c26303c85d3f21d75bafb09234d59cafe80b8ee73a95694cb4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cert9.db
| MD5 | d6da269205b226445e521654fd9db29b |
| SHA1 | fefe2e2bacb66ecfc7e09fe0cdede175ac24ec26 |
| SHA256 | 7be5859292293c103c655a1c2e47cd15491ec2b88f518328f0d02960c76da850 |
| SHA512 | 57625ffd68bae3b9491b3181a3f449b80847ac72e682bd10ffadf5a2618186c8ad83876f8d10609873822b480abc7830c93b184d6b775192869d1d03c9ad5eed |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\SiteSecurityServiceState.txt
| MD5 | df20424725859e168646d31be8557389 |
| SHA1 | ade699aa0e195897f35328d859a47f86b50d8b04 |
| SHA256 | 3ba590f2a980022ef4ecb79b9a6f038552ecb971feb611091beb3491e13d4244 |
| SHA512 | 5e4ada7eaba191d34a87553eb39256a0744d6d572948acedc50ae18ce8b9ed3caffc3cf9d7075f2efce6a341d1a89e14b1f2cc5bfd01421a50f62e7dee27ca26 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionCheckpoints.json.tmp
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
| MD5 | 5e28fdf29190221fa23448a4ff4faefe |
| SHA1 | 2195e327e3e6dd9157b79f2b2cd40f9b029e5392 |
| SHA256 | 123246ba4f7c7283881732c8b31c172219a690ab2c5e95b549292ca9047c9626 |
| SHA512 | 19eac3477b682e9baf87f76b20fb15593e384124ced2918e67d2543b61a0406bd8c1f3750b4caa4a359e7ad1f34b6e3c26c125dacd0fcad101e5294a2296be10 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\AlternateServices.txt
| MD5 | dc2ba93d2ff5c68f068d3312c18826c9 |
| SHA1 | 544f1d01a3e6fee3428e46a7a05d78f59a40d833 |
| SHA256 | 0b1322a6d69a4947280b6509c3444a000c182f92e83894fbdef52a505932c9f6 |
| SHA512 | 0209e8f800447116f643b1dd95359a9cdee85c0d93d6cbcb8e7b0315ceeecca71fe7a8f49cff58fb470d8126a00bdbc561ed33a0191b28e576148a0209f1fb59 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F
| MD5 | 44844a71c665b9c1f7cc15e1a3e3b51e |
| SHA1 | fba849526088225a77389c9ae41a9d160568794e |
| SHA256 | d3654314b303180f02acc225a47dc64e8ff8f2f800537ed80fde4af0fc480759 |
| SHA512 | 78844c9c38a974ee61d04faabf4e29374e936540bc165456b988eedf949b336a7e760251b9030cd63b5a7d0f1956372db763d8aa4e42527bbd00b5d729e6b00f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\favicons.sqlite
| MD5 | d4529790492f210e19958618e2d4d6e2 |
| SHA1 | b966ec7b12c0963eef2d8e9786f82034a543f40c |
| SHA256 | 06a25c924f213cc3dfd9a1b87b8efd6a603cea036028b70ef8bef0aefac6a43a |
| SHA512 | 2f9baacebc265f98594e14e8143ad515ce77df5768c0322be323df5ee906ee7d0cc0946aa2614dc8342df4274605b1da95bab4fce8566292811517ab16329b09 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\places.sqlite
| MD5 | 9406e94dfda365598f2d3bc9b4f3a53d |
| SHA1 | 70d8a9d2c3f606b01e0ad656d291b451d452129e |
| SHA256 | 7a078faabe39cfe5b937008980cb8bde5ef7c469de8b9b8b2038ff84b28ed4f9 |
| SHA512 | 54aba0314454abc889ba00abcc3d3f0e1eaad8b763fa6dee55f637c59a56e9d6e923f759827963911ed84c2af9a3f694587b373c55880a14db885f9e83d1a1fa |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\protections.sqlite
| MD5 | deeced8825e857ead7ba3784966be7be |
| SHA1 | e72a09807d97d0aeb8baedd537f2489306e25490 |
| SHA256 | b9f022442a1506e592bf51284091a8a7fe17580b165d07e70c06fd6827343a54 |
| SHA512 | 01d303232d6481af322137b44fef6c2a584f0643c48bab2836f9fe3193207015da7f7514fe338500ae4469651e3d9618293858ae507e722198a249257677099e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\datareporting\glean\pending_pings\91e1065d-8db0-457b-9363-f4cee6df7b3b
| MD5 | e799bd4d8a96877a5dad8c6fc558c4c8 |
| SHA1 | e6dbebf2630c14496293bc98853ec5af26b95898 |
| SHA256 | f7f32f4dc4ac465690c802f13a87e53d7e3aee5478a64355d88f9ed099d52476 |
| SHA512 | 2bbd67db5edd602570b260e73e33be810a989dc7e732eb1377f045dc03cf88707c14f35c8b4c6d55e7d7921cbd9d87eab8eaa44030b5acd9f762b47ce1deda88 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\datareporting\glean\pending_pings\55e24044-6eb5-4415-95a6-38654b867d16
| MD5 | 2e5c3b13584d8161a96a26c9cef2f9d2 |
| SHA1 | 557ae5937181dcd7365af30e1d42ca0e90d064da |
| SHA256 | ffacd0d75e23b30eee01e93e31358acea1bcd566a705d4c6ec9cb62cdf458987 |
| SHA512 | 6270064d25cb2db5cf6419891c975c3beb9e7441f78859850778294c92d32d80dc6d55c705f9fc3e75d2fa75280251a391617a222b93a6c9ed5432ddd3c1f341 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\datareporting\glean\db\data.safe.bin
| MD5 | a7b26017a602b0b162ebf965849bafa6 |
| SHA1 | 202aa5a8284cbdcb7f1728e4dd1a3be64ea782da |
| SHA256 | 691326456c9493ccad6e83dc6abb9e164532352cd518cdaf1e2473ed8f0aa1ea |
| SHA512 | f74587edfe9eadb78b61601827258946ce2e309faef3f2bb6f536a1abe3ca7cc670c799510444562d777aebe298a984f8f8e8a89073fe73931dbe983adbfd1da |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\datareporting\glean\events\events
| MD5 | 70884dd1559fd1771c5ac2fb304bd20a |
| SHA1 | 778c17f360d68c2858c89e6c6ef73c76604a1822 |
| SHA256 | 7f218c0b3fa7f0ae89d6343538f6bd256a21d1e997bcf23ce8ef18f61ffaa431 |
| SHA512 | edde0940c25f514633c744718f4071b38938eee2f8cafba6c2b92a4f9318e1c2bd841108954689d7e244722f8b044ae7c0d3527eccca3ad705cd344cf8fda935 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | bbdafdc20ef0efabcb763f450fae962a |
| SHA1 | 26cc87e40f06f992be1cdf9c51d16a9b4e1d072e |
| SHA256 | 9a812ca01a1fbc729f4976ebace03998f2e12617dca43782f79d50d280d00555 |
| SHA512 | 3192fee729930ae4ab2abaaea3d309e58f959946051b6069df9d4d44f1dc04df881e888065da1adfa1a19af713052ce1ce327dce40a1b6ae34c6ed774431d136 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\prefs-1.js
| MD5 | 203a94a2bdc250d8ef7f12757b7e6758 |
| SHA1 | fb97f98dea5de992bd1db4516529bd6ccf04d7d0 |
| SHA256 | 06e6f51484b8022c762894c125adbe800953eed1aa4e97a21b707a230df6188a |
| SHA512 | 5c2b6a885f65eae989cec43ce85c549e865347485914d8e7b6c523229b6a9ff9bb6cd9d374a52ee88cf08df0dbbaff756bf20c31292931fb30c96d67eee450ae |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 5f8b60d2787f928268b3db76b863e30d |
| SHA1 | 80153bc3541efbd51caf575a6eb9837e25169bb0 |
| SHA256 | b9d129b23ee77ab449ab285c557fb730946e25d89cae2a0747c81345b5170bc5 |
| SHA512 | 5e7a11a03e1b35d9ee52c7b1b29dc58959a877541cad36e6ed882ddc2dd0603bf0f9280b2421632205457afc17d83732f00064d1efe1b0881d21ae8ee8c92d6f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\doomed\28571
| MD5 | e5cb4b30d0580753f49eda249db97b07 |
| SHA1 | 1db3097469ed92e895751e29a67a4d8bd55dd082 |
| SHA256 | 3a2ca146addc9709b7e6702de8d1edf4b9a8509536e32b69088d8a0955358c03 |
| SHA512 | c2425cd55aacdd5d44b5928a62be94c367567edab53a5fbf0e9c466670a1592a9901c9bf6b0da865856948c26ebc079d126be99c7b56edb06ecfd85ed913c8c2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 9b9536bf0ab44c7ff65c03b5fc600aae |
| SHA1 | 1d21c71e25f857f3f0cf7aec888c58c1fc971dc3 |
| SHA256 | 7e43e0dad714531a8c6e223f707e5fc5d642ecd4249f15ab2f19fc9816b869dd |
| SHA512 | 2938c7f0fa9485049e90c6bbb16d535a1fa6e6f670bc0ad8f1267f3e641dbc8b0addfc6f7d2680c2a1dc2ba76d6b9deef1f269923738b43dc0465789e27debac |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\AB7AA06B28DAB5B8EA806B72062B8D9A2E6B2CD8
| MD5 | 1fd05044ef924cc78605c95ebdc0e6b7 |
| SHA1 | 4bbccef4b1aa1dadbdfce770fd7c89a47e11ca92 |
| SHA256 | 88b1673d70db57b0a0919543b89ba77b0e75f6df6225fead38ea1e1ba3d8f5c5 |
| SHA512 | 178931648d9e78f2d08b933134e55847f54b6a993f196ad255c671791dc313195e597e97025f0b87a79ce62037ddee83006a0d33fecc23b606aa7ad7a0d637c2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\90C75488977C1BCA1B0123151009F7D3E32F1369
| MD5 | 48b2b1adb53b1081a091d146bb2db824 |
| SHA1 | 853ccd047a1305f10952eb298d13a2ee0f57896f |
| SHA256 | 6af83f3b877d4b3e4f811c70ad70b16d778126f181efe1342d87aef2d3cba759 |
| SHA512 | fe37633251254d4fb9d9e28189883e3696e21d0fa3e3aec67f456087ad2fdfea969d5ba637b7cbe1b3b79dff5a3e8cc77ba46bf2be9bbf46b19eddf7679ebf3f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\85BBEEDFE8AB142FF1E746506597CB3E6D2530F3
| MD5 | 49067e7f352bdc52256fbaa798b60b85 |
| SHA1 | 2691316583c3d7cf37ab2970eba093dc680c34db |
| SHA256 | 40212b1e8aa9e0e82fc6b1679c9b3f9dfc70b0b0a4f0678e58221d9abc80cc6f |
| SHA512 | 597a695d7ed4895da96a8ce57f4ac511c5da64755b924e65085b3f7a80026c5685f55cd9ddd355cafcf47ec23478c6427c26dfb11185172a41c6cf360c216a9b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\77B2B1CC1921D4D8B230ECE2E2C427EB5E5C7235
| MD5 | 44badfd72c8291c4b08c1e078fa398b7 |
| SHA1 | ae1143d678a65161b54725050461f0df39be512e |
| SHA256 | 3f0fad7f8ff0b9136c2e6abf200598b1cde3ade856cd10053bce29538d0463e3 |
| SHA512 | c811a4eb728ac15d3abbfc56db1de3d37a3a51ad6c461bd8575bb6e3cfa09c9b767f7ab8c5f95e1131e33947bfcfc9fb105704aa52065e21ccb0346424be7119 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\74B59C6A1551D74BB99E6CB6A45B631D2D390D50
| MD5 | 90c9950c2d287809a684a460d353994b |
| SHA1 | e314bedcb7b04d8c47df5cd2b8205252ddab9f49 |
| SHA256 | 26cb07e16c45f547d10c56662e1d90a8dea12cdf9b7f0a5b1275e425cb30832c |
| SHA512 | bb77c15af1aca8f5a0af8caff9c0163264d2e5d676c089cc4b7869842bc2649740d7321adbb48e85e98b947122e773f7c7fb982d209d764552c05a634721e551 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\69DE0BDFC02DF25DFB739343DE3E0D62E1A2CD81
| MD5 | 285033fb544a197079f46def09beb2db |
| SHA1 | 4494fa66d15e7fb4a7d157294d786b1d544c7feb |
| SHA256 | d31019e9d5c431fb1c5ca1e66af0b554c4eeeaed4a9abcc26b44c33ecbe9e065 |
| SHA512 | 9c10ca7e0839b923d1cf8795ee47ff0baf7f658b33f9ac6633dc5666e0cf13006070d0744f7c90f3b5c580cfc0ea98630d4d803a7fa3ecbd99850061ea2dc603 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\64AD75C6CBA4C0539DF8C1BD85E390A8DF756E41
| MD5 | 7e4f06e67c36ff0ad833688962a68619 |
| SHA1 | ade183e720b984030f74752003f35267a6179fe2 |
| SHA256 | 4037f282ceb7081bd201bb3e8d608566c2766205b45753bac8121ef34e96821e |
| SHA512 | 2de7287fdb7479edc403f42f2c3520aecfaeda810e555c35c5a7953f6dfbd10a62bc04ad2cf7ea90a913ef86b5ac1863754ab56fab3e503135d2c52cfa4dcb6b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\4BCD1FF38DD0735D7A5F6CA2F9F96D9D2FBAB743
| MD5 | a455a09d5a0a5b82d48701fa9ca0c4c7 |
| SHA1 | e62947fb55521eae0233d81a973a3d1209a8f5b7 |
| SHA256 | 2e41d2970cda4eee7dcb75c8adaee3cbe751a6daee0330864beea897e924e62f |
| SHA512 | 0de7d8027dac7cc9229f2de4eaab9419218a126ee6f319fb779f4ba8ea5306039c94c3fe62826b32c10a588c598bed38ba493638bd15a9f5edcbadf3b0aab23e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\26D7EB16C54E879FF95BE94A78B7295AC84E1074
| MD5 | df11cc8e3155b23f9d44ce8cd53467d1 |
| SHA1 | 283f298d573275078eb8eeaea440f356dba8aa90 |
| SHA256 | a30be90b5f4558e6a97e97195423ad56a246b1850b78dd5a20e9fb275100a865 |
| SHA512 | 5ca89008a4910dd5e397a423e49cdaa2fe7232601981794dac653674aed33d4f037b062fbf499f77cebacb988272dca9cf2d1725df3a78b607a45f0bb7b50b19 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\25ABFFBD3350464574206F51A623A118CF97575F
| MD5 | 719b4d06a2537290ac1d63037d5ae81d |
| SHA1 | 7e9f6066d120b6e6d16eba6715ba506228e7779c |
| SHA256 | f9042ce68f10dd70b5350b2d5b783c812e583b19cecf0ed7ab2a368027876110 |
| SHA512 | e5a4e37632fff585252f54a1e7e64a568ada4e21b8ecc886354f95e0346ed5665097272873ccc86b00ece7da59de3255d617f7ce873ca5955a4156d37f613ef8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\254256B27E0C48CF9B80B695F0B3B8CA84610495
| MD5 | 44573d4605ec5dbdf50c66fa21c29e50 |
| SHA1 | d570b4b308d112bddfb6218f20ea6020bdd4e452 |
| SHA256 | 3f61bc33392fa824241dee1924d3c8e974fef6bb2abe8eefa7ec07dca9c1c950 |
| SHA512 | b3c3eb6c9b13e4ef0ad2c8c102440166d3e1c5d32aed53cb8bd56966b649d9b62f2dce872473821ded14fdec5886840fdee0846a786d13efd5b8bf64a54f723e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\205F688E3FEAEF1526A8C2C915F58188E0D6A2B9
| MD5 | 3134f7474386fdd564b1975cd647eb2d |
| SHA1 | 573780f8f1c602e9ee7420331410dd01b58efb75 |
| SHA256 | 6f7f14149327c9de0105a90ed08fc2c31146030e34fba09cace3465db69e54de |
| SHA512 | b8c49e8a80cf4d267683d5fc63da778769784581374237923767b5f801af4b9df1b31b17798f33307432e8b3ee5aa4b351ef06d93c0c17bed99016c2830bbe55 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\144AA4E7443BE36B6D16B94B788EE3638474D819
| MD5 | 00aca9be733724cca06b78fa232902b7 |
| SHA1 | 02c04357806496f7f0b45a4ff2d0f79f4aba6d7f |
| SHA256 | 4e387e8f9a320adfeabaae64e16439b96e48096ca371c1aae818484de524167d |
| SHA512 | a100e86203dd79a48aca21a44f92a9ffc62f7064cf79bc03f329efac9798febcaa33d46eb18adf18d5a331fb0d0c06a0d0a7897ad8a904dce55043a6ca0a5951 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\12D5C757950BF3C621F77F59BAF77E1BE177354A
| MD5 | 1a11066e219702f8fca9886d93dcc55c |
| SHA1 | 7799ba32b41e57bd99a112a3fb0540621cdeb52e |
| SHA256 | cbfe97005275d45e7b4b5bf068519eb846dcfc22cc0d053be3e2bce1a6a313f2 |
| SHA512 | 335452d9942631e1be7b2925751cb619667e8070fcdf36b56f96f72a129f9583e8130239f0e472dd9a4ebdb579aa06c44cccf6a927583ee5dc0d9a33c5be5f3a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\118A383CCC984B3062ACAD0BFE4DD879FC13A7BA
| MD5 | 7a3ad07baac86877ae7e4da3ee05b768 |
| SHA1 | 3593c6ad3b18497367fcc6b81fb63e4906b9423b |
| SHA256 | 19a899db78399042b546db917d8409a8215b7b3a7345e874087b50b1ec3a38d1 |
| SHA512 | f6f3a3a124649a3a865874c1db4d0004d6d869b37391e3c2115f6071cee3716d361e2dd573f6c0264cd14b1b77804b20164bde4a109b000861a145d9c221573f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\099EB2BF8827A4F91EAB3E38B14650D0205226F2
| MD5 | 0a7547759769fc6e93c310af9be8dfc6 |
| SHA1 | 5b5c1b4e24c165ce0618b12eca7df731f361cd00 |
| SHA256 | 4109415c4ef286e2ff02d1c05d56e02baa47e36a16764420f13a848839ffa82c |
| SHA512 | 812ac4e6db030d5dbd9ec6beadf77131f4986317f522b192e83218e49e9c4603d0921b7bbf74c27f515497152e27d3b7fd2baec17aedbfff7f86e96e216efe83 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\037778A55E1B7E9BED3390289866D09402D6C913
| MD5 | 41f429bd6e33a2db67e8637de3776617 |
| SHA1 | 2c163ef65bbb9a7dfb0faf3f4fc3d116a883fad7 |
| SHA256 | 90c3faa962f8d2ff65ce205f7dfb44d7a4409340f86eef8a418f48bf07f36b7d |
| SHA512 | 663bf91c68a516f92f33d70aa724bf78da718bf8fb75c06fbab7ec594e5b13a9ae35a9004e780675b30b9fb102a2f27c76d9b03a2baeb32aa0a7a62ca9f7d67d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\9E72CBAC390EAF4B4F9C98B9462CA016F0C0FC33
| MD5 | a79526099929acf96af77a2853087d0c |
| SHA1 | d3ec84597d2b64cc5f684afd3126ce055af8d536 |
| SHA256 | 27a66f888f8198b9f5e0c1bf35a88708433e9a6559a4a73863021b45ba2a5efe |
| SHA512 | 540fffe97e41e6f02ee84451984d9ea0432a96cacdcc7f959e29313b547e88900ad20085848f3f1293f8742c2000c68a47978d7da4c9e1df0ae230020f8fcb34 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\0305BF7FE660AF5F32B4319E4C7EF7A7B70257A3
| MD5 | 4553274f3c9319485bc42bf04f0ae064 |
| SHA1 | 03fedfa319900981a300d272ca8b91b4b6d117ce |
| SHA256 | b9aea536c351f04aa79046ebe03b556dad8832d989d337b00342ee796b83c033 |
| SHA512 | 6d361b1f9a687287d8cfe4c8c12651199c5544f2754dd5dd9e3de8638511e0b883e408361c92f66f8f72da7bd4131c0bb1cd45f1090b3e5a97382ebe270d2a5e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\66E1831339AD550690BE0D9FC4CC4AD90DC1347B
| MD5 | c692029492d94ff1d8d62ecee58a64a6 |
| SHA1 | 77d663b27fcba7e268b5e4963af9d7a9740d8bd2 |
| SHA256 | bb2f1d7a172b50a88d4e64ffcfbacaf7549db56ff4471868cfa9128bdf6e4013 |
| SHA512 | 2a71983f25d7a839090ab13ec00c75f4d3875d12540f3cecf690f927c88dff66e4bde81928d6d2a1999c88b1a98ff8d1012974502a1a608d9aea6e7293ef20ec |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\2C2ACB9B33B92A6F526C54EEB9D89FE0E250D51F
| MD5 | c772e78056daf4972c57b63ead6a9a7a |
| SHA1 | 51bd30c249609676b9e0365a22c0d6a2e101281e |
| SHA256 | 326151cb80d4668e6b5ea5a41ff3427f2711173a3c3a7ee2a85cf3efe0238da9 |
| SHA512 | 856bf68aa1ee76da234d5d81f5844224f2caf45de80d8753aba8734522c160f6a851405ef220a944d4e1bd7e25d23d1ddb17e574e6a15084cf96b3c925ae11a3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 230f8f1da5d7ed80e6efb41c21486555 |
| SHA1 | edf9adda9063cb5a4de0be97dafe9e5a71179561 |
| SHA256 | 18df3b3116362f47aaac1852e327e0122ebe89b6cf953e9aa8595284f2a0e635 |
| SHA512 | ceca650633418cd208238008ad8d8a78045d70be97b80155c3fa12e5a4ffebfb785104da712969025df84e29c1a6412adc78fea4f531d3fc6010a3b84f2155d5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\storage\default\https+++www.youtube.com^partitionKey=%28https%2Cgoogle.com%29\idb\2171031483YattIedMb.sqlite
| MD5 | 9311fc2b1cf0c7944eb79b9161c283c8 |
| SHA1 | 803f04e318a578762ea578062410136d28e07633 |
| SHA256 | cd30033a05999dbdf6cac5c946edb0e175ff4370cda8bec512bbb507d5b34a2e |
| SHA512 | 1e7d7e27c66e15d0a3a5f5bc4ef94aff19776393fbb45188039e4e76aad141b52f979a1bca8fe7842c7bbec097bdbca73abba6dceb9dd0a7ffbbf473eeb13533 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\doomed\8204
| MD5 | c6655525afa2bd09309caca504e14b80 |
| SHA1 | 5a9c71f0403316f1b78abebf8e358a7dd5ad6ae6 |
| SHA256 | 5cce1c13e07867511ae2df948db323177c259978d94f359b7575f5ab2f65f541 |
| SHA512 | 286946a8a3184f668a08fa32b5fe6ae194456570003a9fa1682aecfe9c934c83540a069e140e696fe1ca33ecbd7616cc47e7694fda9f9a9ed8e66f77f58304e1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 2fe20b0772662acedf150bb53613a902 |
| SHA1 | ea11721699c4e0b58eaacdb3b7a86bacdf5797ff |
| SHA256 | 532f289969e0f3cee93a8385ec6fb1a31ad8a29ecdc6eb423b3f539979aa9ad2 |
| SHA512 | a72abc34a042d7994bed68619c75fa857c482d80d10255226d44d27c7ac6c4e867b688a80af1d014101898ae55454d21442cd922efefd044054578d313fe1c85 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bhzluvd5.default-release\cache2\entries\57104CAB94B61778EE5B44E9AE76AA236C3459DF
| MD5 | 2086238486e4c4bf9d9513ff113cf88e |
| SHA1 | 001aa1d0175dd1a09138f6bfb6975cb454f090c7 |
| SHA256 | 6ab3e71e08a745459073388800d6756147b1a456ee168ec1ef648550db913a09 |
| SHA512 | f779ef06f91ff073c4384d63bf1ead2663f474e5d968623181915e71b52d8cd2ecbe2741f87a6b6b50ba580efd320b1e59d12787b51b82633acaa5c33ffb4164 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionCheckpoints.json.tmp
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionCheckpoints.json.tmp
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\sessionstore.jsonlz4
| MD5 | 5f0c80c0af2237dcc2e7c7aa8ec03e4d |
| SHA1 | 87d55d72c104d18fa3d6e00eec5f7eebd2822182 |
| SHA256 | 9e78e9786a98103b0d2fdf9adfbed50507e4bd8b38edaf4a555c186ea00e3c20 |
| SHA512 | a3176985dd43f0a72e9b1bc33427d071da99593c69b64187c7c49be1c1ea594a03f5162b81b227236d48e3d6d89ec02f7b4ac78ffb5f9f0e82a93628a8ab9b66 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bhzluvd5.default-release\places.sqlite
| MD5 | 8db86111cc6276e5d80afd36c6a66058 |
| SHA1 | 3a572770678c5e783c92d4046e7178d431088ef5 |
| SHA256 | 78bd10d205459d16a16af615e299549f5610aa03cb92ac7ec2568a41dfe27751 |
| SHA512 | 4193408ac1b696aae1103e3185e706632f752b723f4661dec655ccc9eba6c1342b86e665d36a197febfcbe645eab767afb559f31a860bd61ab7296016d42d875 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-02 18:50
Reported
2024-11-02 19:27
Platform
win10v2004-20241007-en
Max time kernel
1834s
Max time network
1387s
Command Line
Signatures
Enumerates connected drives
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\upnphost\udhisapi.dll | C:\Windows\system32\svchost.exe | N/A |
| File opened for modification | C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\upnphost\udhisapi.dll | C:\Windows\system32\svchost.exe | N/A |
Browser Information Discovery
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Program Files (x86)\Windows Media Player\wmplayer.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\unregmp2.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\System32\perfmon.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\System32\perfmon.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Gathers network information
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\ipconfig.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133750480827878898" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff | C:\Windows\System32\perfmon.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0400000002000000030000000100000000000000ffffffff | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{94D6DDCC-4A68-4175-A374-BD584A510B78}\FFlags = "1092616257" | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\NodeSlot = "2" | C:\Windows\system32\taskmgr.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell | C:\Windows\System32\perfmon.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\2\MRUListEx = ffffffff | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\GroupView = "0" | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg | C:\Windows\System32\perfmon.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 = 3a002e803accbfb42cdb4c42b0297fe99a87c641260001002600efbe1100000056d03b709918db01e1ca8f029e18db016815d3975a2ddb0114000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\IconSize = "16" | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 | C:\Windows\system32\taskmgr.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\Mode = "4" | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\LogicalViewMode = "3" | C:\Windows\System32\perfmon.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{94D6DDCC-4A68-4175-A374-BD584A510B78}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000050000001800000030f125b7ef471a10a5f102608c9eebac0a000000a00000002e37a3569cced2119f0e006097c686f60700000028000000e0859ff2f94f6810ab9108002b27b3d902000000a00000002e37a3569cced2119f0e006097c686f602000000780000002e37a3569cced2119f0e006097c686f60400000088000000 | C:\Windows\System32\perfmon.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 | C:\Windows\system32\taskmgr.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\MRUListEx = ffffffff | C:\Windows\system32\taskmgr.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 | C:\Windows\system32\taskmgr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1 | C:\Windows\system32\taskmgr.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{94D6DDCC-4A68-4175-A374-BD584A510B78}\GroupView = "0" | C:\Windows\System32\perfmon.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-940901362-3608833189-1915618603-1000\{D50F7D90-FB7A-4C62-A4A2-3A8D3CED7407} | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f50e04fd020ea3a6910a2d808002b30309d0000 | C:\Windows\system32\taskmgr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg | C:\Windows\system32\taskmgr.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Windows\System32\perfmon.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Generic" | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Windows\System32\perfmon.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 19002f433a5c000000000000000000000000000000000000000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\MRUListEx = 00000000ffffffff | C:\Windows\system32\taskmgr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{94D6DDCC-4A68-4175-A374-BD584A510B78}\IconSize = "16" | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Version = "1" | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\4 | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\GroupByKey:PID = "0" | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7 | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Windows\system32\taskmgr.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{94D6DDCC-4A68-4175-A374-BD584A510B78}\GroupByDirection = "1" | C:\Windows\System32\perfmon.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Windows\system32\taskmgr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Windows\system32\taskmgr.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg | C:\Windows\System32\perfmon.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Downloads" | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Windows\system32\taskmgr.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 02000000030000000100000000000000ffffffff | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell | C:\Windows\system32\taskmgr.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\System32\perfmon.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 | C:\Windows\System32\perfmon.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\3\NodeSlot = "4" | C:\Windows\System32\perfmon.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell | C:\Windows\System32\perfmon.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\System32\perfmon.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\System32\perfmon.exe | N/A |
| N/A | N/A | C:\Windows\System32\perfmon.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\3119e27ef4665f22b41643a24f89fd6f.mp4"
C:\Windows\SysWOW64\unregmp2.exe
"C:\Windows\System32\unregmp2.exe" /AsyncFirstLogon
C:\Windows\system32\unregmp2.exe
"C:\Windows\SysNative\unregmp2.exe" /AsyncFirstLogon /REENTRANT
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x40c 0x33c
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1532 -ip 1532
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1532 -s 2348
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1964 -parentBuildID 20240401114208 -prefsHandle 1896 -prefMapHandle 1892 -prefsLen 23680 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c83be35e-53a0-420a-821d-e56becf4c07c} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2376 -parentBuildID 20240401114208 -prefsHandle 2352 -prefMapHandle 2340 -prefsLen 23716 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ed494d0a-330d-4495-bbff-8e9ab5912388} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3164 -childID 1 -isForBrowser -prefsHandle 2888 -prefMapHandle 2896 -prefsLen 23857 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6615d26f-334d-4672-98f0-c81b8bd97cce} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3996 -childID 2 -isForBrowser -prefsHandle 3984 -prefMapHandle 3980 -prefsLen 29090 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2aac1f7b-8e88-44e5-b70d-7700306d2b83} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4804 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4780 -prefMapHandle 4820 -prefsLen 29090 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e5f3f363-a191-415a-b969-4537823cd0cb} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5272 -childID 3 -isForBrowser -prefsHandle 5320 -prefMapHandle 4804 -prefsLen 26944 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a49e2c13-310c-44d8-bc52-67c32502771c} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5440 -childID 4 -isForBrowser -prefsHandle 5448 -prefMapHandle 5452 -prefsLen 26944 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {60700fbb-67fa-4f12-89dd-80b0b7f9b2a2} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5228 -childID 5 -isForBrowser -prefsHandle 5632 -prefMapHandle 5640 -prefsLen 26944 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5384ea9f-5bd3-411f-80a9-a2accbc7d1ad} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4520 -childID 6 -isForBrowser -prefsHandle 4516 -prefMapHandle 4512 -prefsLen 27158 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3813b485-f4ba-4470-be86-a0e830679261} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2820 -childID 7 -isForBrowser -prefsHandle 6320 -prefMapHandle 5840 -prefsLen 28035 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {51b87553-34c6-48e5-bd45-ac8d81de0087} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6276 -childID 8 -isForBrowser -prefsHandle 6588 -prefMapHandle 6584 -prefsLen 28035 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b7b8f0d7-e91b-48cc-a99e-79b39b24f299} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6748 -childID 9 -isForBrowser -prefsHandle 6704 -prefMapHandle 6708 -prefsLen 28035 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cc8e1b6a-77e3-43ef-934e-c8fa548a7fc0} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6932 -childID 10 -isForBrowser -prefsHandle 6784 -prefMapHandle 6780 -prefsLen 28035 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a9611b34-db05-4f97-a782-cfaae1e80e9e} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6200 -childID 11 -isForBrowser -prefsHandle 436 -prefMapHandle 5168 -prefsLen 28035 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1bdcbc11-e805-42a7-a997-ea7e384c5203} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5348 -childID 12 -isForBrowser -prefsHandle 5392 -prefMapHandle 5368 -prefsLen 28035 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ecb46044-0018-441a-afdf-6003e7abbdc0} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6700 -childID 13 -isForBrowser -prefsHandle 7064 -prefMapHandle 7124 -prefsLen 28035 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4cf1e5bb-95f0-400e-82a9-8f1b370d9d12} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5876 -parentBuildID 20240401114208 -prefsHandle 5944 -prefMapHandle 5940 -prefsLen 30573 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5b8eb524-3b4b-433e-be2e-e5e4b6fc5d1f} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5528 -parentBuildID 20240401114208 -sandboxingKind 1 -prefsHandle 5552 -prefMapHandle 5564 -prefsLen 30573 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6cf8a2a8-024c-4155-ae7e-f7491817fe58} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7592 -childID 14 -isForBrowser -prefsHandle 7568 -prefMapHandle 7572 -prefsLen 28035 -prefMapSize 244658 -jsInitHandle 1012 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5d239e93-fc87-4fa7-8eeb-ebaece9983d0} 4492 "\\.\pipe\gecko-crash-server-pipe.4492" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2032 -parentBuildID 20240401114208 -prefsHandle 1960 -prefMapHandle 1952 -prefsLen 24572 -prefMapSize 245037 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b370227a-d45e-49e3-aed4-8e85bb0220bc} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2444 -parentBuildID 20240401114208 -prefsHandle 2412 -prefMapHandle 2408 -prefsLen 24608 -prefMapSize 245037 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9b33ed42-ecf1-4444-a5a9-92c8d2085576} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1744 -childID 1 -isForBrowser -prefsHandle 2980 -prefMapHandle 2976 -prefsLen 24749 -prefMapSize 245037 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d7fb6857-8ba7-43de-aedb-261db79c5e71} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3908 -childID 2 -isForBrowser -prefsHandle 4040 -prefMapHandle 4036 -prefsLen 29982 -prefMapSize 245037 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bcf0ec15-5206-4f86-954b-6226df6d6785} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4644 -childID 3 -isForBrowser -prefsHandle 4636 -prefMapHandle 4632 -prefsLen 27444 -prefMapSize 245037 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9861c4c3-7ce4-4e51-a7d6-853390c3ebad} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4852 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4796 -prefMapHandle 3668 -prefsLen 30036 -prefMapSize 245037 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {64513121-c0e3-4f77-ba47-e5b46704f420} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5492 -childID 4 -isForBrowser -prefsHandle 5444 -prefMapHandle 5464 -prefsLen 27551 -prefMapSize 245037 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {594a1fa3-c200-4eda-949b-610d9c63f6c4} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5660 -childID 5 -isForBrowser -prefsHandle 5668 -prefMapHandle 5672 -prefsLen 27551 -prefMapSize 245037 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5a729b78-0f47-4f53-8da1-4b7748a703d8} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5464 -childID 6 -isForBrowser -prefsHandle 4804 -prefMapHandle 5044 -prefsLen 27551 -prefMapSize 245037 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7a3a727f-5a9f-4dd6-8dd7-6e3ab728f9a9} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5872 -childID 7 -isForBrowser -prefsHandle 5560 -prefMapHandle 5576 -prefsLen 27551 -prefMapSize 245037 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {785042ab-8ba1-4934-b461-5258d893ef19} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5496 -childID 8 -isForBrowser -prefsHandle 5944 -prefMapHandle 5940 -prefsLen 27551 -prefMapSize 245037 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cd03ad94-1864-46cf-b9f2-6a3f25e3588e} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5628 -childID 9 -isForBrowser -prefsHandle 5940 -prefMapHandle 5520 -prefsLen 27551 -prefMapSize 245037 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c0dd57f2-637c-4181-901c-55351879012b} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5684 -childID 10 -isForBrowser -prefsHandle 4644 -prefMapHandle 5688 -prefsLen 27551 -prefMapSize 245037 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bc0b2c4a-fce2-4b31-987a-74f345002593} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffec73bcc40,0x7ffec73bcc4c,0x7ffec73bcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2436,i,11753803746921099072,2630757834123309558,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2432 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1848,i,11753803746921099072,2630757834123309558,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2536 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2068,i,11753803746921099072,2630757834123309558,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2712 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3196,i,11753803746921099072,2630757834123309558,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3208 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3344,i,11753803746921099072,2630757834123309558,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3340 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4592,i,11753803746921099072,2630757834123309558,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4612 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4468,i,11753803746921099072,2630757834123309558,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4836 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5044,i,11753803746921099072,2630757834123309558,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4868 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4732,i,11753803746921099072,2630757834123309558,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5184 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1984 -parentBuildID 20240401114208 -prefsHandle 1896 -prefMapHandle 1888 -prefsLen 24572 -prefMapSize 245037 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b92061ca-4645-4525-8d92-ef8aee6b6c8c} 3796 "\\.\pipe\gecko-crash-server-pipe.3796" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2388 -parentBuildID 20240401114208 -prefsHandle 2372 -prefMapHandle 2368 -prefsLen 24608 -prefMapSize 245037 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {55967d02-289e-45cb-bfc5-d87a6e5b94df} 3796 "\\.\pipe\gecko-crash-server-pipe.3796" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3068 -childID 1 -isForBrowser -prefsHandle 3076 -prefMapHandle 2928 -prefsLen 24749 -prefMapSize 245037 -jsInitHandle 1228 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5cabe2d5-ff54-4cce-8f93-ee0153559653} 3796 "\\.\pipe\gecko-crash-server-pipe.3796" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3996 -childID 2 -isForBrowser -prefsHandle 2552 -prefMapHandle 2576 -prefsLen 29982 -prefMapSize 245037 -jsInitHandle 1228 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bcda3c22-748b-45af-82eb-ea8345e371f4} 3796 "\\.\pipe\gecko-crash-server-pipe.3796" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4804 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4776 -prefMapHandle 4672 -prefsLen 30036 -prefMapSize 245037 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8352ec0a-9a24-499c-b729-ead62efeafe2} 3796 "\\.\pipe\gecko-crash-server-pipe.3796" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4928 -childID 3 -isForBrowser -prefsHandle 4756 -prefMapHandle 4888 -prefsLen 27498 -prefMapSize 245037 -jsInitHandle 1228 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {42dd4eb8-8b90-430f-a866-543b7c61dde7} 3796 "\\.\pipe\gecko-crash-server-pipe.3796" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5056 -childID 4 -isForBrowser -prefsHandle 5064 -prefMapHandle 5068 -prefsLen 27498 -prefMapSize 245037 -jsInitHandle 1228 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {790b35a8-9f25-4155-acc7-5cdd1498368c} 3796 "\\.\pipe\gecko-crash-server-pipe.3796" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5364 -childID 5 -isForBrowser -prefsHandle 5460 -prefMapHandle 5372 -prefsLen 27498 -prefMapSize 245037 -jsInitHandle 1228 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7eb64ce9-0653-4c97-ab6f-73ed7996e490} 3796 "\\.\pipe\gecko-crash-server-pipe.3796" tab
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /7
C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /1
C:\Windows\system32\resmon.exe
"C:\Windows\system32\resmon.exe"
C:\Windows\System32\perfmon.exe
"C:\Windows\System32\perfmon.exe" /res
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\system32\help.exe
help
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0xf8,0x130,0x7ffed81746f8,0x7ffed8174708,0x7ffed8174718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3540 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3540 /prefetch:8
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
C:\Windows\system32\ipconfig.exe
ipconfig ?sd
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4296 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3422673353621973886,4441801386291190313,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 150.171.27.10:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| GB | 2.18.27.82:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 82.27.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.73.42.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:51566 | tcp | |
| N/A | 127.0.0.1:51577 | tcp | |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 1.97.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 113.212.160.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 4.180.250.142.in-addr.arpa | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| DE | 23.55.161.185:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| GB | 142.250.200.14:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.200.3:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | 185.161.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.200.14:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r3---sn-5go7yner.gvt1.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | tcp |
| SE | 74.125.110.168:443 | r3---sn-5go7yner.gvt1.com | tcp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | r3.sn-5go7yner.gvt1.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | r3.sn-5go7yner.gvt1.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 142.250.200.3:443 | id.google.com | udp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | udp |
| SE | 74.125.110.168:443 | r3.sn-5go7yner.gvt1.com | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.110.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-tbn3.gstatic.com | tcp |
| GB | 142.250.180.14:443 | encrypted-tbn3.gstatic.com | tcp |
| GB | 142.250.180.14:443 | encrypted-tbn3.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-tbn3.gstatic.com | udp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | itch.io | udp |
| US | 45.79.115.66:443 | itch.io | tcp |
| US | 8.8.8.8:53 | itch.io | udp |
| US | 45.79.115.66:443 | itch.io | tcp |
| US | 8.8.8.8:53 | 66.115.79.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | itch.io | udp |
| US | 8.8.8.8:53 | static.itch.io | udp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 8.8.8.8:53 | static.itch.io | udp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 8.8.8.8:53 | static.itch.io | udp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 8.8.8.8:53 | platform.twitter.map.fastly.net | udp |
| US | 8.8.8.8:53 | platform.twitter.map.fastly.net | udp |
| US | 8.8.8.8:53 | 99.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.187.250.142.in-addr.arpa | udp |
| GB | 146.75.72.157:443 | platform.twitter.com | tcp |
| US | 8.8.8.8:53 | 157.72.75.146.in-addr.arpa | udp |
| US | 8.8.8.8:53 | syndication.twitter.com | udp |
| US | 104.244.42.72:443 | syndication.twitter.com | tcp |
| US | 8.8.8.8:53 | syndication.twitter.com | udp |
| US | 8.8.8.8:53 | syndication.twitter.com | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | storiescover.com | udp |
| FI | 65.109.110.88:443 | storiescover.com | tcp |
| US | 8.8.8.8:53 | storiescover.com | udp |
| FI | 65.109.110.88:443 | storiescover.com | tcp |
| US | 8.8.8.8:53 | storiescover.com | udp |
| US | 8.8.8.8:53 | 88.110.109.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets.pubpub.org | udp |
| US | 172.67.75.127:443 | assets.pubpub.org | tcp |
| US | 8.8.8.8:53 | assets.pubpub.org | udp |
| US | 8.8.8.8:53 | assets.pubpub.org | udp |
| US | 8.8.8.8:53 | 127.75.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | 41.94.18.104.in-addr.arpa | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | browser.sentry-cdn.com | udp |
| US | 8.8.8.8:53 | use.fontawesome.com | udp |
| US | 8.8.8.8:53 | d266key948fg17.cloudfront.net | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | d17iy0164v753e.cloudfront.net | udp |
| US | 8.8.8.8:53 | browser.sentry-cdn.com | udp |
| US | 8.8.8.8:53 | use.fontawesome.com.cdn.cloudflare.net | udp |
| US | 151.101.194.217:443 | browser.sentry-cdn.com | tcp |
| US | 172.67.142.245:443 | use.fontawesome.com.cdn.cloudflare.net | tcp |
| GB | 142.250.180.10:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| NL | 18.239.102.90:443 | d266key948fg17.cloudfront.net | tcp |
| NL | 18.239.102.90:443 | d266key948fg17.cloudfront.net | tcp |
| NL | 18.239.102.90:443 | d266key948fg17.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d266key948fg17.cloudfront.net | udp |
| NL | 18.239.47.193:443 | d17iy0164v753e.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d17iy0164v753e.cloudfront.net | udp |
| US | 8.8.8.8:53 | browser.sentry-cdn.com | udp |
| US | 8.8.8.8:53 | use.fontawesome.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | d266key948fg17.cloudfront.net | udp |
| US | 8.8.8.8:53 | d17iy0164v753e.cloudfront.net | udp |
| US | 8.8.8.8:53 | 217.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.142.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.102.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.47.239.18.in-addr.arpa | udp |
| GB | 142.250.180.10:443 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | d1myn4ixnn41tz.cloudfront.net | udp |
| NL | 18.239.63.35:443 | d1myn4ixnn41tz.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d1myn4ixnn41tz.cloudfront.net | udp |
| NL | 18.239.63.35:443 | d1myn4ixnn41tz.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d1myn4ixnn41tz.cloudfront.net | udp |
| US | 172.67.142.245:443 | use.fontawesome.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | 35.63.239.18.in-addr.arpa | udp |
| US | 172.67.142.245:443 | use.fontawesome.com.cdn.cloudflare.net | tcp |
| NL | 18.239.102.90:443 | d266key948fg17.cloudfront.net | tcp |
| NL | 18.239.63.35:443 | d1myn4ixnn41tz.cloudfront.net | tcp |
| US | 8.8.8.8:53 | duh0b8nl8uhfn.cloudfront.net | udp |
| NL | 18.239.102.138:443 | duh0b8nl8uhfn.cloudfront.net | tcp |
| NL | 18.239.102.138:443 | duh0b8nl8uhfn.cloudfront.net | tcp |
| US | 8.8.8.8:53 | duh0b8nl8uhfn.cloudfront.net | udp |
| US | 8.8.8.8:53 | duh0b8nl8uhfn.cloudfront.net | udp |
| US | 8.8.8.8:53 | 138.102.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| GB | 142.250.200.46:443 | encrypted-tbn2.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| GB | 142.250.200.46:443 | encrypted-tbn2.gstatic.com | udp |
| US | 8.8.8.8:53 | chromewebstore.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.14:443 | chromewebstore.google.com | tcp |
| US | 8.8.8.8:53 | chromewebstore.google.com | udp |
| US | 8.8.8.8:53 | chromewebstore.google.com | udp |
| GB | 142.250.180.14:443 | chromewebstore.google.com | tcp |
| GB | 142.250.180.14:443 | chromewebstore.google.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | googlehosted.l.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | googlehosted.l.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | googlehosted.l.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | googlehosted.l.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | 1.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 216.58.213.1:443 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | scone-pa.clients6.google.com | udp |
| GB | 142.250.187.234:443 | scone-pa.clients6.google.com | tcp |
| US | 8.8.8.8:53 | scone-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | scone-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.187.250.142.in-addr.arpa | udp |
| GB | 142.250.187.234:443 | scone-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 216.58.201.118:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | 118.201.58.216.in-addr.arpa | udp |
| GB | 216.58.201.118:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| BE | 108.177.15.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 84.15.177.108.in-addr.arpa | udp |
| BE | 108.177.15.84:443 | accounts.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr1---sn-aigl6nsd.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr1.sn-aigl6nsd.googlevideo.com | udp |
| GB | 74.125.105.38:443 | rr1.sn-aigl6nsd.googlevideo.com | tcp |
| US | 8.8.8.8:53 | rr1---sn-aigl6nsd.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr1.sn-aigl6nsd.googlevideo.com | udp |
| GB | 74.125.105.38:443 | rr1---sn-aigl6nsd.googlevideo.com | tcp |
| GB | 172.217.16.238:443 | youtube-ui.l.google.com | tcp |
| US | 8.8.8.8:53 | 38.105.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.179.238:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 74.125.105.38:443 | rr1---sn-aigl6nsd.googlevideo.com | tcp |
| GB | 74.125.105.38:443 | rr1---sn-aigl6nsd.googlevideo.com | tcp |
| GB | 142.250.179.238:443 | youtube.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | suggestqueries-clients6.youtube.com | udp |
| GB | 142.250.187.206:443 | suggestqueries-clients6.youtube.com | tcp |
| US | 8.8.8.8:53 | suggestqueries-clients6.youtube.com | udp |
| GB | 142.250.187.206:443 | suggestqueries-clients6.youtube.com | tcp |
| US | 8.8.8.8:53 | suggestqueries-clients6.youtube.com | udp |
| GB | 74.125.105.38:443 | rr1---sn-aigl6nsd.googlevideo.com | tcp |
| GB | 74.125.105.38:443 | rr1---sn-aigl6nsd.googlevideo.com | tcp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.179.230:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.187.206:443 | suggestqueries-clients6.youtube.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.179.250.142.in-addr.arpa | udp |
| GB | 142.250.179.230:443 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | photos-ugc.l.googleusercontent.com | udp |
| GB | 142.250.187.225:443 | photos-ugc.l.googleusercontent.com | tcp |
| GB | 142.250.187.225:443 | photos-ugc.l.googleusercontent.com | tcp |
| GB | 142.250.187.225:443 | photos-ugc.l.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | photos-ugc.l.googleusercontent.com | udp |
| GB | 142.250.187.225:443 | photos-ugc.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr4---sn-5go7ynld.googlevideo.com | udp |
| SE | 74.125.111.73:443 | rr4---sn-5go7ynld.googlevideo.com | tcp |
| US | 8.8.8.8:53 | rr4.sn-5go7ynld.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr4.sn-5go7ynld.googlevideo.com | udp |
| SE | 74.125.111.73:443 | rr4.sn-5go7ynld.googlevideo.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| N/A | 127.0.0.1:53732 | tcp | |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 172.67.75.127:443 | assets.pubpub.org | tcp |
| N/A | 127.0.0.1:53758 | tcp | |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | tcp |
| GB | 216.58.201.106:443 | ogads-pa.googleapis.com | tcp |
| GB | 216.58.201.106:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| GB | 216.58.201.106:443 | ogads-pa.googleapis.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| GB | 142.250.200.46:443 | youtube-ui.l.google.com | tcp |
| GB | 142.250.200.46:443 | youtube-ui.l.google.com | tcp |
| GB | 142.250.200.46:443 | youtube-ui.l.google.com | tcp |
| GB | 142.250.200.46:443 | youtube-ui.l.google.com | udp |
| GB | 142.250.200.46:443 | youtube-ui.l.google.com | tcp |
| US | 8.8.8.8:53 | www.sansebastianfestival.com | udp |
| US | 172.67.71.177:443 | www.sansebastianfestival.com | tcp |
| US | 8.8.8.8:53 | www.sansebastianfestival.com | udp |
| US | 8.8.8.8:53 | www.sansebastianfestival.com | udp |
| US | 172.67.71.177:443 | www.sansebastianfestival.com | tcp |
| US | 8.8.8.8:53 | 177.71.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | malfirob.xyz | udp |
| US | 104.21.86.191:443 | malfirob.xyz | tcp |
| US | 8.8.8.8:53 | malfirob.xyz | udp |
| US | 8.8.8.8:53 | malfirob.xyz | udp |
| US | 8.8.8.8:53 | 191.86.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mimeprague.cz | udp |
| CZ | 185.66.36.69:443 | mimeprague.cz | tcp |
| US | 8.8.8.8:53 | mimeprague.cz | udp |
| US | 8.8.8.8:53 | mimeprague.cz | udp |
| US | 8.8.8.8:53 | 69.36.66.185.in-addr.arpa | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| N/A | 127.0.0.1:54701 | tcp | |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:54709 | tcp | |
| US | 8.8.8.8:53 | 1.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.0.0.224.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa | udp |
| US | 8.8.8.8:53 | 16.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 250.255.255.239.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.0.0.224.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa | udp |
| US | 8.8.8.8:53 | 251.0.0.224.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa | udp |
| US | 8.8.8.8:53 | 255.255.127.10.in-addr.arpa | udp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 151.195.100.95.in-addr.arpa | udp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 177.195.100.95.in-addr.arpa | udp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 95.100.195.151:443 | www.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 40.126.31.73:443 | login.microsoftonline.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 95.100.195.177:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 250.255.255.239.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa | udp |
| US | 8.8.8.8:53 | 252.0.0.224.in-addr.arpa | udp |
| US | 95.100.195.175:443 | www.bing.com | tcp |
| US | 95.100.195.175:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 175.195.100.95.in-addr.arpa | udp |
| US | 95.100.195.175:443 | www.bing.com | tcp |
| US | 95.100.195.175:443 | www.bing.com | tcp |
| US | 95.100.195.175:443 | www.bing.com | tcp |
| US | 95.100.195.175:443 | www.bing.com | tcp |
| US | 95.100.195.175:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 95.100.195.135:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 135.195.100.95.in-addr.arpa | udp |
| US | 95.100.195.175:443 | www.bing.com | tcp |
| US | 95.100.195.175:443 | www.bing.com | tcp |
| US | 95.100.195.175:443 | www.bing.com | tcp |
| US | 95.100.195.175:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | support.microsoft.com | udp |
| US | 8.8.8.8:53 | 65.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | support.content.office.net | udp |
| US | 23.192.22.93:443 | www.microsoft.com | tcp |
| US | 23.192.22.93:443 | www.microsoft.com | tcp |
| FR | 23.54.142.31:443 | support.content.office.net | tcp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| US | 23.192.26.94:443 | c.s-microsoft.com | tcp |
| US | 152.199.21.175:443 | aadcdn.msftauth.net | tcp |
| US | 20.189.173.16:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 93.22.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.142.54.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.26.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| FR | 23.54.142.31:443 | support.content.office.net | tcp |
| FR | 23.54.142.31:443 | support.content.office.net | tcp |
| FR | 23.54.142.31:443 | support.content.office.net | tcp |
| FR | 23.54.142.31:443 | support.content.office.net | tcp |
| FR | 23.54.142.31:443 | support.content.office.net | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 20.189.173.16:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.22.144.11:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 11.144.22.2.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.DTD
| MD5 | 90be2701c8112bebc6bd58a7de19846e |
| SHA1 | a95be407036982392e2e684fb9ff6602ecad6f1e |
| SHA256 | 644fbcdc20086e16d57f31c5bad98be68d02b1c061938d2f5f91cbe88c871fbf |
| SHA512 | d618b473b68b48d746c912ac5fc06c73b047bd35a44a6efc7a859fe1162d68015cf69da41a5db504dcbc4928e360c095b32a3b7792fcc6a38072e1ebd12e7cbe |
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML
| MD5 | 7050d5ae8acfbe560fa11073fef8185d |
| SHA1 | 5bc38e77ff06785fe0aec5a345c4ccd15752560e |
| SHA256 | cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b |
| SHA512 | a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b |
C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb
| MD5 | 987a07b978cfe12e4ce45e513ef86619 |
| SHA1 | 22eec9a9b2e83ad33bedc59e3205f86590b7d40c |
| SHA256 | f1a4a978ce1c4731df1594043135cf58d084fdf129dd1c8e4507c9e06eac5ea8 |
| SHA512 | 39b86540e4d35c84609ef66537b5aa02058e3d4293f902127c7d4eac8ffc65920cb5c69a77552fc085687eed66e38367f83c177046d0ecb8e6d135463cc142aa |
C:\Users\Admin\AppData\Local\Temp\wmsetup.log
| MD5 | 34a3be0aa9920bae322a5161d3d9d4d8 |
| SHA1 | 01857e2129cff31543700272615930415916e111 |
| SHA256 | df11480210ecf06604d47cb46d21ba3e5eeeaf6daf65079741d9adce73ce176e |
| SHA512 | b8b43be55084d4c1712a7920e6291ab5ef60b1b6657797aa40b203d8cbbff36d018e4ba004b1d3e0a19ecf0ece7341ece61599ec6c0ac3cb2d6b4012335c9bf1 |
memory/1532-35-0x0000000004450000-0x0000000004460000-memory.dmp
memory/1532-36-0x0000000004450000-0x0000000004460000-memory.dmp
memory/1532-34-0x0000000004450000-0x0000000004460000-memory.dmp
memory/1532-33-0x0000000004450000-0x0000000004460000-memory.dmp
memory/1532-37-0x0000000006E60000-0x0000000006E70000-memory.dmp
memory/1532-38-0x0000000006E80000-0x0000000006E90000-memory.dmp
memory/1532-39-0x0000000006E80000-0x0000000006E90000-memory.dmp
memory/1532-41-0x0000000004450000-0x0000000004460000-memory.dmp
memory/1532-40-0x0000000004450000-0x0000000004460000-memory.dmp
memory/1532-42-0x0000000006E80000-0x0000000006E90000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb
| MD5 | 40cafa4504ec25a5b18d5cd5648055d5 |
| SHA1 | 2c0c92364d3ef1dc42e555d7d6e7229b73fffce0 |
| SHA256 | 47c6c306e5057f15ddb49c878733606163e3c7d159bbe86ade5176a84a4d935c |
| SHA512 | fe3c5dd62e12b1002fd02a806084ee7327f59b0463c8b9d6c56de1f179437d8fe15114b452311e2e780193144719c5bd360b78279327c2817557a16019960e9e |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\74d7f43c1561fc1e.customDestinations-ms
| MD5 | 145bc60ba19133911edd9bb8b89749df |
| SHA1 | 453a071402d9299461785ba627bf26d326cd6041 |
| SHA256 | 8383ee7ff428e55445bf7bcf4aba8fb845f473285774f312341ed6bea54db8f4 |
| SHA512 | 902639b5340358f70dc0d044484962c823567bda1243f95558639d0a8ee727daa6e7791549c53983cfafb212c72aad82f419a4a22b1882944465a69e4e9b76cc |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\74d7f43c1561fc1e.customDestinations-ms~RFe5816fe.TMP
| MD5 | 9fbaa632249155139a52363e218783e1 |
| SHA1 | f1272099171cb88b0377765dd345fd063ce0418f |
| SHA256 | 540be59dc0b1661dda1213c063395cf1c1da199817e1c691a7726484f5f6771f |
| SHA512 | aae68e20dc45e00e53c772f08c83cad9a07f98bd3fa9a8d077bd82d320329eece04b9bf6cf5f0783a56bb6b89d5c7983b4c5ba8a9760fc201f860d320396238b |
memory/1532-55-0x0000000004450000-0x0000000004460000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\e6398f99-69fe-477e-8f17-6cc775ab7bd1
| MD5 | 3b6ba0b38d73ebe870fe71f62bed2c1f |
| SHA1 | 7c8d5ca46675045b840ba5a2002c1ed1f6904346 |
| SHA256 | df20fe48a4b9cc8cc44b91062cd9907cd14b99f20bc8799cf875048027a201c4 |
| SHA512 | 37062d2a71725893ca899fce28d1d2cb8fb52058b4ecb645149bba4daf3f6179e9644bce6d139d7a18272f76f84b554ba9ad5db0dec1903c1b2ac1fe32bf6c62 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\72d20ba5-a838-47da-bb79-ebb6096be3d8
| MD5 | c49edcf5459c604610980a5ab8f7265c |
| SHA1 | ac2a4fc4807306319a710298e0ac191bfda2418a |
| SHA256 | 0ec0feeb29edaad67d3732732bcbe5fa3801ee63607a1a443a3b68384bc258bd |
| SHA512 | a8674a005300994e7e300b29f0ef41d39f7f244f4e52c7da1a5d0daab912867b5224a456f80ca7545c2f2272530eb84efc854419b91116757ace4be4d091aa06 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\6d89c6a3-89e2-4d47-bf9d-f39360014bf6
| MD5 | b271b140dc468038baf260dc8067ec3c |
| SHA1 | 3c5e3127c98b5704585a667418c26e1dca3d3c4d |
| SHA256 | 88b94695b77a8e5a6bcdd4dabb328d8b8f6e419e69c7e18dc73f5b10bb3591ca |
| SHA512 | 01df6e20e7f91932c9c3eb6eec76fd88fa9a18b8d3cb92091df41dfd361f2681443a359eda870cc46c6818fe5d04ce287938fb1a881eb2b1ec635027d9d84122 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | b847b8171fe17e0299ab35c500c91b52 |
| SHA1 | e04a83e9dceb486e101d53e73d5ba92860e95e67 |
| SHA256 | 16ea969218289d13bc46bd422ec4c4b93ae003ae061fcdd210d0cbe43c1df877 |
| SHA512 | 44f67c6d504f4d63a176aa604ed8869f5ea176076cee8bb08ffd77ce81bba80609bf4f6109836ba714ea8371671c22430819bc555aaaf4475127804a6e791deb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\prefs.js
| MD5 | 0fc24a79e6cac1fb250d898aa31e340b |
| SHA1 | b03f6867f4f82f65fb21b878be45b0cdf12feb1b |
| SHA256 | 226ca9b088ac096117ee17ecf1421768475869831672a7d083b76a7c54124fc8 |
| SHA512 | 51ff8c8d25e2dd5a78e5b928969e8271adae6ce4f7fefe82523d102fdc707cb3ce4132380f7a05afc9744b1d60ddc1b4c4edc9b129652d0ac0b6bdee4bfe4909 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\prefs-1.js
| MD5 | 8af3897621fc433e2b7027cd6fe957d4 |
| SHA1 | eb8be7247202dfe86de46392904784c6f96ec021 |
| SHA256 | cc35b611e218697179a8ca08e7d1ba9cb51f522f63021866212c7eb158d28a9a |
| SHA512 | f13b7f6dc16b5f9192e6d57186c6faf4a02eb4a73b0969fa0a4dd338ffd501e443d559a0db0f81a02a361d073f27e0efa711bf1ab8f68b0387182d7e0658263d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\activity-stream.discovery_stream.json
| MD5 | d07705b1097a0c490cd59842be63703f |
| SHA1 | 0e23536a41030e3dc0e9705bcf1b6ee203dc6cda |
| SHA256 | 39bb94cbe58806d2846272b231df80013afb54d8f27003d7970d8e917135b718 |
| SHA512 | f559d517cca471f6ff59cc34d0ff784670f09865b2dfc933f9224d23d25b5faa45e9d8226cb5ffbdf7599e88fcbb37461d46164743bfebc926426da718a20b97 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\AlternateServices.bin
| MD5 | 7708663e8b92f597100f7bf574a931c0 |
| SHA1 | 491471353f813045521e5a9cd913ccf8d5aae7b3 |
| SHA256 | b7ec8c08ced85d371160b470d278bc070bd2a79a50bdb42c54c4e9e83a6cd96a |
| SHA512 | 99f5e85aea4771a31da9918bdee4aed6cebcac530c8935c44143de350c970f480a2559a23b74b62c6c88a27e3b30a4214cce093e9d37702b73280c9be7901081 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 5eba0f283e6f9eb5a2fd1bb9a51a5429 |
| SHA1 | 5f4cfa4a55918c7fd1ba79574e9e6522780058fb |
| SHA256 | a6931b42de5751418fefec74f26f86dcd6a4403b46b964392e48d396c2402525 |
| SHA512 | 3673a3a48fc7a2c594c13f31084db9323b41b0f6e6f23d8c37e5ef03ed4a0f9681619582f3ca98eef092ce09a11f427c800e00b39eb421f5feda9939e58e9ca0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\prefs.js
| MD5 | 3ee44af41c5418ad351c55fbb57a8588 |
| SHA1 | cf206c9d9be6e6816ce5e5674fcf77e03f94f495 |
| SHA256 | 6e8a83eedf379dd07927aee094faf4e9af09ebff1874dfc3435753d0954552a9 |
| SHA512 | ae7ee34dc297518d1031b61a624b260d7812968ab4d411e0faddd61696ece7d59c393ec45762f90315e900422dc732675c9035dcdd3704cd8134a6d130a36837 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\prefs-1.js
| MD5 | ef284cb67d63be88d88a88410f283f4e |
| SHA1 | 22e8e57feb31b36103b1bc2307d080ff7453e959 |
| SHA256 | 66ffe86149854f7bc8aaa8ed3e3b0dcfe0e3c39db07ac81c10e8839255e9e9f2 |
| SHA512 | 07f12d6a329ddf4b8881aeba252f860d263d604d30d438495bcc87e8ea556405a4342c4c5689d799992a12b6ea2d7dcdfbda558b6d514d8703dcd52e96851c87 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | f7d7618136567359da4715afb65479e9 |
| SHA1 | e0a971becfd2aea0ed2c294b3f4b619a1e8d1346 |
| SHA256 | 26ee0f232269e33e7ec18715fbdb1177ae141773600c0f0f677b21dc53650d46 |
| SHA512 | 91ba3b0e80f8568b6bacbdbff457cec40073276a70b4e71c6098425f221aeac625043d02e2cc91076d75169271c1edef4801abe3df2386daa86811f3161b9e14 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\AlternateServices.bin
| MD5 | 5755b104dfee3a1d3dbf829a72cd0c56 |
| SHA1 | 1a9425c60af9f9a1f2eda9c130eabc544ade58cd |
| SHA256 | 4c193d7bfc249f2567d17b59a4dc79b580c8446749ef43584b02ad55c3e46888 |
| SHA512 | cf396070eb544b70f07c23e6d6a12cd60fb249874202a1f6b714f092a93269d00d88cb54ccca5371dfcccb171f7fcbbc2a0bf8a8914188c792ede4806f404f21 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 65ea82b81ccd177bf63e24f9519ecb31 |
| SHA1 | 415f233968ab70adacdb44f143f596a733b3c1b1 |
| SHA256 | ab262bbcf973efe530dcf8a6251fc26879aefa8bc44d8ced9cff2d48c8e1e44f |
| SHA512 | ae6596a7fc6d5efe791db1f6181177d96c5d2c67441a284a8e30bad5db1f83587bd59825ecb0e3b4ab05e3554817221e43032c09fc72b381a45283ce6c317bcf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 4601dcd57dfe2be6bda8901142e14cd5 |
| SHA1 | 44339c3d1fb912ae8ab481ee549a211c9b46e1bc |
| SHA256 | 979001205b0d5e632b8aa7201970f45454b63df32268a9ca9a12cdc5720fef21 |
| SHA512 | 14ad6c121d871d7a8ef3618e6d829e111fc8325db532a51a9aa8b3bc22584023070d69b4a0ec733520d55404809164f434ce736b1241ea57584cf0d38eb26ca6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 96e293005a980eaf405325bec313e7d5 |
| SHA1 | e5637a570dd6187e4b2f60f3074a6282ca6254a1 |
| SHA256 | e5c23f9d4e58c0db27890c62a223935d2e7ac190718d92f55a4724f6c7bb0674 |
| SHA512 | 8cdb8f0951be096f02ae27e92c102ebc2a2398faeafd875381bbf7fe0d49c84f88c59e6e28ab6400f01e019c887a358b6c035d7180b5841ac58071d02ae30dc2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 3c5af270df4d859f75b4b88855397da3 |
| SHA1 | 6309691edea5759fd20161201bf00b64b3b6a61d |
| SHA256 | 6afc5f5c03f7e1d21ab34a8ce0a756b02394f31b761ade21c42d9f202fd80c77 |
| SHA512 | 757712f7a99d66c18e0838e3123b5c7f2edae270e222a3738048afe8fee6dafe9ff188a6c5550c0216737e903c822b344a051b1729a14906d2dc8b5328e53f31 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\5B23235D54208C34AFF88FC6F18585FD8A8F8FAD
| MD5 | e335dfa2fc78c3db0e1cb3afb7f94063 |
| SHA1 | 2d26112d38a7676e625fe97e46f9e3d9d270bab6 |
| SHA256 | efe48ab04f1f47ed3738dd5ee3ba591ad470211781055e655733122595c8efe9 |
| SHA512 | 97c5946e0f618f74c4e3384ad46899573f2d52e5788c41f01ca0c768f902927138a35432f8d6674e5d7074e2e80b1e017f0adc7a2e8d0f9d1ff31d6be9f8a0b2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\8AD6F5CF0FEC728921A5A08D73A7BA92616EE430
| MD5 | c63f72f66b158f92347320e1c88dd507 |
| SHA1 | 9254365791781ccb266a6a170cdb6493566787e6 |
| SHA256 | 0e83f142e6e2f8504419f1450a35ea6d05cfb93ca7961bcbacdb1042bca12992 |
| SHA512 | 8e37c9171de8e322325ee52bd43d855fc76b0e8b53a518258f221ac74c6bfbe97c62312afb319252c6b41e229b344f5c7bbad30825bf273bbffd741a03898599 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\4E338D758B49175D54D95CF0771E1C7706613A67
| MD5 | ec8a9c6c6feca22c64976d8244b8f57f |
| SHA1 | 6ba717d8729a5c6bb8301d7f3c4439823af61612 |
| SHA256 | c4bb231fd4e8777f2f0555ab3eca4c5c9b4f3856a2fdd02c8bf775336c3b8750 |
| SHA512 | e9b76b2187aafbabf8b102e88062df4a82159e8f0c97c59673bf2b35d6d8dc750d040a7b93a5cb6274be49ab46e6e65f5d5429363c4d481b9a8dbc9c49a073fc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\7C6317FBD87AEC8B1254D548D6DFE6CA848CF50A
| MD5 | ebe58011cb7105e8e402587f5931e4ca |
| SHA1 | 28d91284bc7ae7fa20cd004561e1d5320293df51 |
| SHA256 | c7d0441ce917aee4aec4d2f433d34f90bf10b40018c6b73dd456e5d5a0d2835e |
| SHA512 | 5ebb1e043a947b338b65c0ed6335b3810486391b02d2f297dca80f4b52d1b468e1f820595c516e6158a04c6ee81f22cd59d0c75270b9645e388a2a520e2af37c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 3fb9f901b5bf054b619a65d767b8fcab |
| SHA1 | fb4eab98f3dabcbec26a733273111fd67295d108 |
| SHA256 | 94a23fd5690eda4baed2c58b843a1a5f0bdb10eab8b66b6e014471e9d5825d53 |
| SHA512 | fd4f09dbef0cf184b6adb73e7c24726226720483edfb97a388c944938df6e2787578600971d6b4418ffaa02e1560b4f788a90b759b69a2c96b0dd5be22fa79e7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 9b10c3aefa01c1a01de1c27621773aeb |
| SHA1 | b13b2a200bbe915067210b8a4a0eea8a8982336f |
| SHA256 | 447f7aee89c515cbbeb421feeeef5b16bdef9ed636e307635c2721bda2e7f000 |
| SHA512 | ce046ac3fee3221f84aadbf227e3b85013ec4d53562e3b00e257c1eada736f5aa6c322c83314ba2e23e02e09c3c7ff9c76c172cd15e2b0de55fcb1d108bfa0cc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 741ecca69fb83df954535c62fad8be9b |
| SHA1 | 02d8ecc7b26dcc322b3ddabfa9f6296eec98a6b5 |
| SHA256 | 0b04a0bd8887a0bf9330841578ec7024a52e80fa6a60cde6136270a83210607b |
| SHA512 | 2c5a994b68ab5164dbc854f0ab3b1bbd80b94b65dce5b96187efcf68e2d77cb58ab31424192e84e41016f63a1d3dc4a2ed780c21087ee995b2cc14b92ad97d7b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\c9a22fdb-bad9-406d-9b0f-811e7404b998
| MD5 | db9e472b88b377782e870531175c950c |
| SHA1 | 3a7ce0fd799ce005070011ccdd19bb27fb28e897 |
| SHA256 | dde408e7c04f7aa504d895b1b287f24837d796e82193f0408e67e9ac1170bb05 |
| SHA512 | c32ea9eae8e1ebb1488a2e4a5336f1e2474c4649c056a2618580a48b9ff9753d8425678243f550d51f13e01bcf92190d1d0f6a0bd6cc0bbbffc644507b16104f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\7e60feac-46f4-4635-adf6-efb8a165dd18
| MD5 | dee83a80cc16a366b3ecd4f2ccbc66c7 |
| SHA1 | c649c5e3e206b7171f2bcf1dd4f0a8b5834ec04c |
| SHA256 | 2cc266ec874c5d0a23e979597091334fe4215e6a0c3e1fc4ca8ca4a6bcfa39d9 |
| SHA512 | 0fe7cdcceb1500c502268a16b0d6788b75f599129f5f3f9e6765fd436ef0fa10b44f4e94af0cf0db7dd872ab7c616c90954fe274b929e6036cb5696b0b8229d1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 90526c248bad963e63701921ac42ffa0 |
| SHA1 | 9afa75a65d28df6edea459ad49b1649b1698cb7f |
| SHA256 | 26f088f25df240d16de53594bb6cdcdf79d7042faf3950eea7c2177bdd6f23e8 |
| SHA512 | 1162d40df07c3b7dcef0a3090b62555d24c9ef7aad7c723ab94859e4428719769111777fe1bbaf8d2b4c96869333933ef3afeba6f922c7ab76456250daa3abf8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\default\https+++www.youtube.com\idb\3060432757yCt7-%iCt7-%r2edscpao.sqlite
| MD5 | a2930cc720c78d4df136f0f02809a568 |
| SHA1 | 8462a22f30a7363f92b9b432ec70c933cc264477 |
| SHA256 | 2d867b1d1f809a6a4f62e96d1a67251ef7dfe91c3e26d70aac019588c135af57 |
| SHA512 | a239d41b29fcbf40e8311389f301141c27a3b05e968664e557ae0285f73ae6a7c2079649d91a7e26cbe2e9f17a468e5179b1f5014169ae3ef43d1d969c89b067 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\default\https+++www.youtube.com\cache\morgue\45\{49106e25-f349-42fc-935f-cf6f7344272d}.final
| MD5 | c82c72ad53e139df6641cdec50178da0 |
| SHA1 | bab628aa38a5c915797e4cc59e908f30279665a7 |
| SHA256 | 9afb3c84580a4aa1add6c7b2f18da11798aefc9f0ee91e31a57dec08f42c106f |
| SHA512 | 3b9efe9103a0428690253ddf50b65d11bae0eb4e62f8d3bb69d13c57463ed9c1200defe21761d76c2d8b05d7fb6d9cf293ecf9398bf9563a1d72a7a45eff58d2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | fc58947b563cd0d2dddf7cc7fefb0fc2 |
| SHA1 | 00d477316ee381985a9e736457d72433fdb546a0 |
| SHA256 | 868780e6a5adc53875dc4ba45a53e244709ff261f9aba1c47ad1626106f02a32 |
| SHA512 | fe28ec41e8329fb35222a45e628c346704247b575e6b4fc8bb1276cd9297aaed4cdfae8c5518e5ff7b125b1c3c87af1d9f47122b6a4463695ef123cfe7dc6e2b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\default\https+++www.youtube.com\idb\3211250388sbwdpsunsohintoatciif.sqlite-wal
| MD5 | 97b22c0d4717271d9d6eb4727209b189 |
| SHA1 | fd7bcbf996af6716b4b64a860aa89aff109ef3f0 |
| SHA256 | f80c487cce243e1b1d23a8cae673ea2e06905f8f178b884072dd36066edab104 |
| SHA512 | c47f31f711f872a014283f434c6d890ffbe30e3f960b145db4a42e8ec75e78238fc5c3a0d3d0b923962ce02fd5e45e857750fa1a6c4b40e3dcb82d8c7a92b0fc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | a3b831bbbec0e36d3a973ad4a8f478d4 |
| SHA1 | 8b4ab3ff942cd39c24c1e3f43cac950cb547a8d2 |
| SHA256 | 3a8c42df8c716dc1dc6fa23e9c46f684673dda2ecbf90c936784db642397cbed |
| SHA512 | 0d0f79b056913659bc14cd93b5b019e6438d24ad247e581778379769ea2e29611585465ab39c68340cf215dd191ee34ce1fcf56da72727adc6996c8fb98b3622 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\default\https+++www.youtube.com\cache\morgue\175\{2baa34e8-f8c1-49a8-a11f-a1bb042312af}.final
| MD5 | 7a7dd221ff78889b7017387bdb433ec1 |
| SHA1 | f22cc2e0eea16a6dfda390554403e44fb060ccce |
| SHA256 | 14c1f968945350312d91937ccd56459426379c98606189a0b091aa95faccf919 |
| SHA512 | a6f14ee7e123dbbd0367191b0d8befa0eacbae6f61dd753cebb36af05d761b9b2b8aeec487cd93aa7fea2081719250f5d1d83604eb256acc016be957b0cd82dd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\default\https+++www.youtube.com\cache\morgue\179\{d14d77d5-ca95-49b1-b441-aa2a1f15f8b3}.final
| MD5 | 49eb048dedb8a619476b0fd5aae077e5 |
| SHA1 | d64eada3de96fac11291c9ec8e53b7dd61a441c6 |
| SHA256 | b2e1d5e16e2b58d707f32132a4bb2b981a7df6984c2c5a8f4a3645bf8adea153 |
| SHA512 | 98ae34ceb254b4af1dfc5d7c2c57407ec06d3007392a5fd35b8bc9331b05eb55d6775aadb0ec0f3d4cd837ab93448d35a54dff2051fbce17830a26f5e690942c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | f6eb357c98df3ce3d2fd68b71f8df9bf |
| SHA1 | 5ce3d2c5df2d6c011b613f388af1ff0cd1069c40 |
| SHA256 | dcba0018de6fb17eff6d8d8645af8c2649c7b0c4431b80c697c12f7a8ffc0bb3 |
| SHA512 | 91c65079bd686a3900ad3240ca5428c037e1455a69a3520c1e419a12e604936677be3bab8386e89b13808b63bf98f7b7854cad28a887b107489b6c088e7746e2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\0d1f5fbc-97d7-465c-87e7-2e86ad8f6874
| MD5 | 3c599b3ae9ec294938640ee264031f2d |
| SHA1 | 7bd9acfc3d50b30e802dc8cbb5e9622efe37bdcb |
| SHA256 | 16f4cf652d366503a366b6ed208fe7dc55a5557ae5e7be0050c5b2efef913f5e |
| SHA512 | 4a17553769da3cdec8bc06f6afd45699fe57bc3f2987f64ce6c82d5b92097c2bb15691f663327f51fdd0b48252df0e9f83a7c313eec45e1daedee0bd5eb867fe |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\prefs.js
| MD5 | 63cc1f384c2b9b9e0c97764b87789cf2 |
| SHA1 | 1d357ccf305f76e48a0e9322ba474e5fcbc068b0 |
| SHA256 | 06179f566f864cfc8e58f91e6b6c172cb1d7da1859e1ba7c0fafc7fa88a42e29 |
| SHA512 | 7fd9fbbf650d70eb8676cbd8c6ca5b398c7486f67315b93fa54f2d7bdbc24a8cb1d969354fbf3a76fb59f56dfad43b7b5b2be01ebfc5db326df034571eec304a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\startupCache\scriptCache.bin
| MD5 | 42ef850edbc139a84e7e3b20653f072a |
| SHA1 | 8f4865cac36ba29890d1d0bbec93d36393d545c4 |
| SHA256 | 4770d7a9a2fb83641bca7ba915eadd15fd6349d4a0fe3e37627550453feb08e5 |
| SHA512 | aceaca216366d624744005c55acc2c11c065bdf54c309358973d9cec1fca7f9cd9b12573c2be7487dba3e5147ef8b01ccf9237492bf8086deb3799eceab217f6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\addonStartup.json.lz4
| MD5 | e0573c5353827e3636ad1ecc967688fe |
| SHA1 | 516468aac41d97bed72ed2113b4314c8749a389c |
| SHA256 | 480b99af5bc1c56109d54dcdbfff1bcda29852a454150b6cf09af4fd8adcb331 |
| SHA512 | d2469436afcdb4f295d5a461f1a34162f795c81b9bb75cbfa33e5eb55c384bcb36914518ced53d8c2c97735bff61191e649c5ce212562273f028998531ae1b9e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\startupCache\urlCache.bin
| MD5 | e5adb214357fea83184be43ff7991b6b |
| SHA1 | 41fa14cf2d47472225836c460a432ee296aea531 |
| SHA256 | 77f9747a19b43ee413ccee5520b33271cb534afc6321ea70ed4c63855b7774cc |
| SHA512 | 8f9de887003d77f968f3864e9896cc04e3c3d3e9a315f66860c6b6576b53cc8cfcb686fba9111d45a1de563e27b727bac66c3e63279a4bd4d82344c07f7221dd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\index
| MD5 | dc793b9999c3d83872760c1f28e86c1d |
| SHA1 | c19f07098b889f8554c70e38b37399260c959d46 |
| SHA256 | 2abb5e87327eb7d08e8efc5945969cd7344bf93d75ad26dddbf45e3c95f0161e |
| SHA512 | d7507a0f4f0d57f61c4d34683ed3a79d297674308796e8d0ebaeacb4b7bf38aad78ac12c70e2e2513e7245a9ed7ba6703682d1ef76c5b6e0283e2fc48a823536 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\serviceworker.txt
| MD5 | dd920dfabee1de3bd26c0a00a1b112f8 |
| SHA1 | 48e589560137a487d0957e474895ce256c17393e |
| SHA256 | 2e20900ee7f02c60659a6a441967dafb656e1fc337c3c297408533719cca47ed |
| SHA512 | 8d71036ae23fc8240aa225ede8e098c16ff183560f5d6deda078ddc604888aebae0894c7da131fcc84ef2a3cb2c76a52c591a7f964f1b9bdb832c20ad4971518 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\index.log
| MD5 | fc8936bf89f036856ce6a9d041d2df17 |
| SHA1 | efe8d6a677027f383fef3359866593d4ed7bbbf3 |
| SHA256 | 2ee335ac109d7a315c8bafdb7ad5fb4ecdbf0569952a9729fbe68f0e369fffe2 |
| SHA512 | 05b328df9c97df9b5c2c325ef8b934d006707127dd3ab610b0eb644e90462b6ef7886891b5a7a6792a661a9675164bbe8483ef0b5d53ad3f1e43497efe7379dd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionCheckpoints.json
| MD5 | 948a7403e323297c6bb8a5c791b42866 |
| SHA1 | 88a555717e8a4a33eccfb7d47a2a4aa31038f9c0 |
| SHA256 | 2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e |
| SHA512 | 17e2f65c33f47c8bb4beca31db2aff3d4bbb6c2d36924057f9f847e207bdcb85ffcbb32c80dd06862ffc9b7f0bd3f5e2e65b48bb1bc3363732751101d5596b1a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\startupCache\webext.sc.lz4
| MD5 | 126798c0032616f45514340eaa10b994 |
| SHA1 | 28ca874474684703dbb643a444d7417c9f80de8f |
| SHA256 | 1dad14abc4eeedec39933cd0b58782f4963d8490f3447dfc2c1ba9bfab765fe9 |
| SHA512 | a8c7eebbf3d1aa828475b5d4ce37de8abe257d5195f9f043ea82e24f957f9d3d74649377c35cb11b1f5a9f2b23fb66bd864e3fce627a8c8aaae62b2a1d426712 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cookies.sqlite-wal
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cookies.sqlite
| MD5 | 04f2a3602884e73801c1eb997a1e9a48 |
| SHA1 | b7e7c2ac1213722a4e7e945abe0853400ebf2b61 |
| SHA256 | ec17349d0bfc61eea5cd888ae89cfacc2388c1502a955afb80bd27b6a0daa798 |
| SHA512 | f5e2fcfc2a3097a4d6aefae954bb4afaa237011be365947558f62ba64f061ce3e411ea0bdc89f666135db4c2fd6210da0e012e82cbc89f01b59785976139b69c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore.jsonlz4
| MD5 | b0a109adac722a08296d59ca108a76e6 |
| SHA1 | 2f1c2ce737452453a92a3587e4b7c9629d88089d |
| SHA256 | df3c2aeb07fa1b58cdf6b551ba16ae7fe6ba873f9d419682469bfa7deb8c8543 |
| SHA512 | de4b1df1b6876f947c91c9e61b662848b8f0fad43bd01f5006ad148a5c198d7ba2756a4c8418dbc6408343907be0facf11d1405167be2a315b65937ee341226c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\D0F48A0632B6C451791F4257697E861961F06A6F
| MD5 | 0f1848678165f820d6abc75f70abb739 |
| SHA1 | 48ed6055776adb17378d31e95b96a45a5d9eaa55 |
| SHA256 | f810c45bcd9068d9b8e0c23ccbe5ceee6ee89dac2cc46f8c935dcd3f4ce69385 |
| SHA512 | 5331bfbd45a01d5edd3f4cb1aee375dcadf3f77adc10dc05b019c68d34263a62511d02291e18bc8ff12d518cf2c6313452e46ca3a5dbfc972b0b2d74e943c85c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\permissions.sqlite
| MD5 | e36d98b7a50346cfeee7efbefcd06015 |
| SHA1 | c8cbf23be40652784c57a4d1cce93561e446a3e5 |
| SHA256 | 4806ab1dc7044359ca4ffe5782ee8b476aee06e33a87ae6ccc3ef712ec79fbfa |
| SHA512 | 311aa3d8c61a2361b7d47ca65a99473acb3bcbaeb3f302480a6e15904583f3e821e597fcdd767b01f0c508bd94905b1643cb1dd13e00e63b38c98cd2a478a25a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 3934e4d5b46fc874193ebf55fdd9597f |
| SHA1 | 1bd8224b6ed0498a4efae9206202b85292c95e8b |
| SHA256 | 0abad8789a503f3a3a214a1f2dab2d68e7071c8eae753182c3aa12ee0164364e |
| SHA512 | bc0762fd621ed7296a364a5b523763d261255cda574ff716829b83a72330e8f7b5df1f6fa493d7b6b251a6899c27d36df307f83f2fee310e3c3ae1ac5757da0a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage.sqlite
| MD5 | e9bcb3353e6c9e89d9c99344b715cd34 |
| SHA1 | 8f1064a6959c664bf05706ec787be38859223e41 |
| SHA256 | ea5f3010a8cd94ae5fd94652f311e2edb8d9f048ddc94b6b8e7e239d6b0ceb65 |
| SHA512 | f9502570d9b9ce63a1ae814e210e501e10741d7728a9329bc9fbf57d8d010d6cd894d58a6836ed9c9e671b2bbf93f912ebfb7f85df27f9c278e28bba21a5e84d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\extensions.json
| MD5 | c173020bda817a45f64c5fda72db5eb5 |
| SHA1 | ac783e559c844ec5f4d5bd2fda77885468ff09e3 |
| SHA256 | a58a854794b075765417498a01ebea449e55b0f25dd7662888aab27d5817e28b |
| SHA512 | bb9079de6b3c32ffc8504ae1dd6881f9966b53586212049d5bf27f4e2d6471c4269c36644af928fb7131a20acb33c3c8a5f9d902861bb496e47294fd84829953 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\SiteSecurityServiceState.bin
| MD5 | 071f0ef1584286dde8619661b06dd6bb |
| SHA1 | 0fa4acb1deabe659ea7a8929a9cfcdd8220f464d |
| SHA256 | 1f08a77a636c4faed9877ea24d914179f4f24dbc5f3c5f3be43bc8e371b7d7d5 |
| SHA512 | f2139b666858a36efde00bd37cefa953eac015b95a43cab86076734f05862d6a7582b50a3f77f02af36343acdb3355303bfa13eef2a7ff455e7d94c99569238f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cert9.db
| MD5 | fab552211d5c1fe37e6375c45037cd2e |
| SHA1 | ac4743f1a4b3c12caf6c36884b769ed115cbcae9 |
| SHA256 | db9fd83f8c964a6251923aa6a9552a8c4ae26069c0fe19dac34aa9e2a3a73cb4 |
| SHA512 | 2ed2c21fe136f3b87f7bf6d2c0e42e7547d80b725e97f0ec1d07ed9636dd2116b6b2c4fa23f521c59bf0e49d454edc683d831fd21abc0144edc7f1fee34d817e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
| MD5 | eb0f822e683a34080a93ce4c023c6bbc |
| SHA1 | bdcad0754b981138b75f303d0537996f5b6adb60 |
| SHA256 | e8501bdc5fa1b55830a9a0767c84358500261cdacc98c6b9cc449dc01b563ec3 |
| SHA512 | 3cc6ce28cb700741ed63c3897aed41566abf0ad5a3476c4216e2eb1aeaca512cdf7681c5b38e81f36f9c2a3e1b5d043c641690b1336397e2bc15a2658d46449b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\places.sqlite
| MD5 | 9c5407806dc1044524218d107c89ba4d |
| SHA1 | 930ec57c0481d1ebe146beb9b83ac6a26b02b148 |
| SHA256 | c0b274a4cfc657390bcafc2a686af6c3f8a4f49b505266547ada6bde0a42e064 |
| SHA512 | 98ca25170841664efe57ad61d84afcbd82141bde66e030cd2f38b4fc5010376f0d8fb440bdfca3684595f37dc5338c694139b8f00b11d391c50c80ce66ee89e2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\content-prefs.sqlite
| MD5 | b41ed219e2c8dac47f2701562d092621 |
| SHA1 | 90d507eae3ec943a121dbe5a080412e40470b54f |
| SHA256 | cfed019635a1e14f74ae78f2c03fb96b40ac3da37b67489bd98c144afc200f1f |
| SHA512 | 5c6027ec701055efb3b6c055727af5ed261e8f1d5ba954e64e8a34e5c791679b1e4a6ef49896ab8089ec151fd758ba41efc7333611af42b851606a0544a9b947 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\favicons.sqlite
| MD5 | 60e5865b07e77ff6f835d8a07b54feae |
| SHA1 | cfc2a6032b9ae55e7c789b73036216b2e2367561 |
| SHA256 | 559ce6859bb94af71d105563afd4cbfd5247c086e173cbb9add2ec4ea383a3e4 |
| SHA512 | 9b92d4a5e6ccd995359921ddbf0fffe9479d87e4c42fccddb4ce8580daba3299aa8d42bf2cdc9609c0b2b8ccc745e39fdc101039d3c168facaa361fc52c8aa0e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\0305BF7FE660AF5F32B4319E4C7EF7A7B70257A3
| MD5 | 4b54bf4129a2dc3977c5d13dda9086d6 |
| SHA1 | cc10a947943529963463b1462b96240dbcf969c7 |
| SHA256 | 0821e86591696ad4dc802383275fdacab1c8435278050ccf92b67f72d1dfcc56 |
| SHA512 | dd865bd1a7896a29959a04545e895aa11015bb5730908f35fd03a697a489949b492670f9f97626f03d0265a5c2c91da2787c1796670f987e95ca74aab0f0476c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F
| MD5 | 16f8df1b218a937e27984535dd03ce53 |
| SHA1 | a0c5c98622c5306c7176a111eb3465534ee53712 |
| SHA256 | 2ab3084d9741311bd22ae8ecf49c9ad36da66e0adc44db8928507c818e965c94 |
| SHA512 | 8b88b71188b8962a4828854c66abcd1a052bced6cf6639b9ac0494dc10a13e8f02cce530928684d846883c3edca96e058fbdfb139a3c2f22587a10e864ab2276 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\3fdcd969-285c-4bd9-951e-9d4db2e21698
| MD5 | b38e57bc6a5ae4a1995bb95bdea8f235 |
| SHA1 | 1f2b3eeae063fe1e07f9d61713ed43f063dbfbdf |
| SHA256 | 6b09ee92ad5268260563f850f7f355f041740624b4f8f6804b0a2d27571fc7e9 |
| SHA512 | 75d68962794a8486a05ddac39ba63f33e397b785d4aad7e8302b820308163f16bf4eb0a5175c966396a9f2f611b96f8f8aa8fa6369868020585527476f8d37ed |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\protections.sqlite
| MD5 | 8f6eb3beb9074c28997f53c350ec5a6a |
| SHA1 | dbabf06889815b867d5beda3780b89a95d02a3f5 |
| SHA256 | 473b468c54d32d2dde09ffdf0b621efe319155314339879163aa02e2c19b7b89 |
| SHA512 | e410fbe24af2ba7ecf8ecd0746029b1231b708e352c0a5c654e4adf8766222d85861561f0e4958ff7f1e1a158550035660d9a251e03c4c9633a17b3d991e4f57 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\5a0d60e3-81bb-4925-a5e3-d8d81d9b1cc3
| MD5 | 324676acdde58e098dbf601a5afe6a31 |
| SHA1 | a32bc34d74d0d9ca7c7eafa1dcd06caceba0f8dc |
| SHA256 | 184fdbf9fcc5aa8ca8f1d95d6d46beabba1e92fc80992c6dd4f83abdeff2b70e |
| SHA512 | ec8150cc9a04aded8a81b5bbd75293bf93661ad80fd37c16291876dd86401afeee83ad624db279c21f807671c68d51bc669796290003f389e777db510a4cab82 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\53d029f5-50fb-4d48-a9c6-072aa4e685a9
| MD5 | 6900d9dd7309e88eab29546c235d6621 |
| SHA1 | 6ffa82f1ba8a116c3ac1153814189976ee6f4214 |
| SHA256 | 74972915ad3fddf2c2f73e9c87a267ac09818066f40c49f7b66bad180e571a44 |
| SHA512 | abd168ce63b2640eba5fd401ca88dfbd6f55d98e03a82e9111330472a8d2f1094f3ff11a4fcfc0148452c3fda69f43034cab297d624b7422da194ff0e3ac5be6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\254256B27E0C48CF9B80B695F0B3B8CA84610495
| MD5 | ba80b07669cf6be1445ba0933b4bdde3 |
| SHA1 | a19cd728469ba164c7a00e278bc6092a71fffa9c |
| SHA256 | c015dde58b4aa9e2532dc98caee56bfc4d75d99c6991269006270c1e076e7c3c |
| SHA512 | 17a343a7fb348d646d45d3d944032eb8441821b3a11b5a3e20a56822fa13d8ef1cabadf9d8fcdd86f21ed3b3bd5b54dfb36b6d854c9136aa488607b36b101fba |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 0e78d2a4709c2ce7dba3f27bb1d1fb41 |
| SHA1 | 12f41e2bfd9fbf974543a30bd273e6eb2f51de97 |
| SHA256 | 6b15c89e9cea042eaa69f7fb0ce694af74eca745ddb76c1108dc1147d50781f8 |
| SHA512 | c909ab299f654bf711e98bd20385f27fd5341b940bb9abd09b58412529e5bdc37aa405bb5605215a8dcaa82316cd006c6d4548ec1a4099f2699112b9ca7b9d02 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl
| MD5 | f99b4984bd93547ff4ab09d35b9ed6d5 |
| SHA1 | 73bf4d313cb094bb6ead04460da9547106794007 |
| SHA256 | 402571262fd1f6dca336f822ceb0ec2a368a25dfe2f4bfa13b45c983e88b6069 |
| SHA512 | cd0ed84a24d3faae94290aca1b5ef65eef4cfba8a983da9f88ee3268fc611484a72bd44ca0947c0ca8de174619debae4604e15e4b2c364e636424ba1d37e1759 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 02d5ab5e17163b2fc343ced311801325 |
| SHA1 | f1d7892d05a9fcce89159c492e7865550e7671c9 |
| SHA256 | 68249880a93bc0947013af3b060d5fa59029ea9dab49d6dfed639d12160eeb0f |
| SHA512 | 3b4ac2ce05dd1760fcb42df589aca05f2b67ccb767bc2f19ed88e66f813f1201f376d4ccf44589a6e653295f909abe800c90059f299faded7a667232a9c92bba |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\events\pageload
| MD5 | 5d73d8d5d0ff59cc128f61b444f5954f |
| SHA1 | 9290a4041f9c257b809dbd592b82753bf967cd79 |
| SHA256 | 7b705cf1ffcd1079856f7c1bc669fd4f230427107d19d444e85e6a81cb8e1039 |
| SHA512 | 1c229257c754c02e4cf329002f8075d9466da1faec4780ec3507c229d84e2d579acaa608bc105db0d1182cbb8f794439c632938b12af1849b48cf820e425b4c8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\events\events
| MD5 | 4d4fb92dd5b1eb991fc3a2b1ef6ddc06 |
| SHA1 | d386844f734ce126aee64397d4102333a0e98932 |
| SHA256 | d2e29f329645ae4aa3cac8347aac49cf342d079ab34c81ce755160bb9d3663f7 |
| SHA512 | 7b92e24bb6b5444c8976259b8bbdd649d7a32d4bddce8bbc909c2cec7ae0c4508832835d08c5d8f7cd3c8e610708956e2cc65dc3f17f08bc95c8d14d8fa561bc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | a2727af7ed432b5ff4223cdacd10a686 |
| SHA1 | 447cfe6385336468992c0c8d1c9d2368a8b7e01b |
| SHA256 | a937df3c217ce3d9478ced8ff13edaf2569469927fe0ad5cb1e31c612810d934 |
| SHA512 | 35ef2847d4a0614a60d9d35dde97c8d1c08e05883e6570db0bb48ecaa29fbfac06fc37d524d83af1c523e4befb7af63d31567cacd74e25e33afc65c5b1439140 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.bin
| MD5 | c049db1167d7ff7c5b687209d4e8f2bc |
| SHA1 | b2ad6bca25e6605ad293eff46722b84bf2e7a5d9 |
| SHA256 | f869fe753281f1037e8780d9809cdfc8deaca23c29604a1fafaa332bf744b2e3 |
| SHA512 | b73fbe869dbe9376085ad7a8ec7e9664ca87fd6cac0aa2d40c3bede71b31fdeb8755bd387aeabfd5f0c2310c371e22a7c3ca7130ea8e8fb48ba9239d06a54ddd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\AlternateServices.bin
| MD5 | b11b4a2515f05dbda84ff8dab8636877 |
| SHA1 | 6206f4ed99ff0c5587bc5d28142f0b32e3ea841d |
| SHA256 | d140aa2178c02a38721303e8863e2971e1de26c6d2cbaaeee06b073953d9d825 |
| SHA512 | 00aa87b9b455c715554519898d39ed0aa2a76aadaac6bff25a85e1109cbc5f9bf33f798f25d6c3e5b5059db31623b9457a681f5123e3229b9b92fc97ca1e0711 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\default\https+++www.youtube.com\ls\usage
| MD5 | f07abffc9d37ebb70de25eebf6d1864a |
| SHA1 | 4945c402fbe451e55476ef51378484dfcc79e12a |
| SHA256 | dcd87254894b4203e9f6f3fa13265517f92d1e80b0c63f78b4ce6a6ef56d4a0f |
| SHA512 | 3f8869cc3a049e7cd65da440362eba1486f995a026f2e553a8d5e9e619b6fcea795d316262a5c403feed29259557fa23b29c8c010c7bd2806e2ceda1618e9818 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\default\https+++www.youtube.com\cache\caches.sqlite
| MD5 | 853eca66dda0905ee0dde5706d18ac6a |
| SHA1 | 937eaa923da89b8bb62b18663ccf5bb4dd7ed8fe |
| SHA256 | 6912a703d87f34c3430456eddccde424c37e5182749d3c542a1b16b422447757 |
| SHA512 | c5922801d1eda12e25d72d767dc88b5f298138e0599cf69068d22f7217777536e59c96e45f8f21c26208535bd184c7ede5ae533df415caf8dbb958e258d24e4f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\default\https+++www.youtube.com\cache\.padding
| MD5 | 7dea362b3fac8e00956a4952a3d4f474 |
| SHA1 | 05fe405753166f125559e7c9ac558654f107c7e9 |
| SHA256 | af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc |
| SHA512 | 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\default\https+++www.youtube.com\.metadata-v2
| MD5 | 17fc76faaf5a9886e2b51b1fe5411770 |
| SHA1 | 7e232faf2f416f0d1f9b855c7c43fffde15a2a62 |
| SHA256 | ce9e6440a9a9aa37fb2ba9baa07305953253f312e229cb62e1f1d469800914df |
| SHA512 | 9543cfa45fe4c7de61e4096d66fe2c02b59d70ed0e78eabd249244db5e6de2ab96651ac46dae5f9ae6126f3ff431c41c5eadcf1972587e320e4142050f621a8e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\default\https+++www.google.com\ls\usage
| MD5 | 5ff71dad7c5e744dfa947877af782afb |
| SHA1 | 9aa480b4bee69816300bf5a411f8ab485b7d2cbc |
| SHA256 | 9db30533fb7a6d3f7b8934d527139451eefc93b3740d81fc9d547a67e2bcc7b3 |
| SHA512 | 867c2c7e3b33b3d5fc714ae97e393e73249f5ad63579a0fafc2bfb7952aa436a808501d4022ae4e06d9634169b4100c7d6ca503964f22e7117ee829c46bceba6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\default\https+++www.google.com\.metadata-v2
| MD5 | 42c078fe1a1afba25eb98c5d3047bdff |
| SHA1 | 6f80b6ed99a775e2fad8c4d971dab7a4eb1ad7c4 |
| SHA256 | b9872a0f71509ac56b529ed5153d8b1125256e91ad1dfe2eeb7110830f81b7ee |
| SHA512 | 072cb5240af9a66b2542f354e902a02b423a5ecd7b88ada4f40d7497b0cf54d326673a89ef2eb582a8d59d90fb521c7e3a539cfbab22de32c15085924eb2f455 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\prefs.js
| MD5 | 064d83719783438bb7ef0998df8afae1 |
| SHA1 | 5f917f37d3b302d189cd78aec0488880df25ce68 |
| SHA256 | 6ab3cedcc2999e0180613ec71539cad2fc62a6752106f13295feffce1985b58e |
| SHA512 | f47d385ab21077b4a25c02ea0011925d5535435ca9166b1177e5a98796afbfd85fbac816c248e7677bbf015d87b6587721780c64f4fdbdc313ce8da556901087 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\formhistory.sqlite
| MD5 | 4dd725caed7d67f1338903236b25f9c0 |
| SHA1 | e86dacf5a89121097e69ebcc1924f549806330ff |
| SHA256 | 59be910aa3ead56f3daad6e54773e5a432bb980c2caa218c3fa881674b102091 |
| SHA512 | 55047a66760d592c1486e6d71bd55651daffd1e9dd670281bdf95f45fd13fd009a678a9c269515d576d48c36fa24f6ba27caa03bf4121bb84b4d9df6727d0e9c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\F18D85F52EBBBA2AB081EF739ED0D6E8A76D497C
| MD5 | c13cf68658866f54147db72c9f612051 |
| SHA1 | 906e84fc06fe8de3a0b1f9c49ef2a9ee8d935801 |
| SHA256 | 16644118455f3647deb9e6aa6105ddcdec34538c1bc37b8ab5f8697ee4c7b74e |
| SHA512 | 902ed7af7dc286354ab2d59771ceeca3688fc491038b1ceeec9e0a4872b0bc354df600954809f79d2ecd958a55008e7abe179b9204e102ed9e5a2025548a6b5f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\AlternateServices.bin
| MD5 | 5e4f3ab6416a0ccfb3367d21f0afb99e |
| SHA1 | bab187d7bd8fe86c8c64b1637cd6822bfcb82583 |
| SHA256 | 23f13b6ff89d6fce3920669d233b751432aacee11981f712f5df96249883b0bc |
| SHA512 | fe60d68c4617431485007eded23a6f8fe9a39198b8f0614589b1de28dc5a5950d273ba8131ece6ccdef97c243328fcf38dcc595b420e028b6475549f1f206cc0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\8540EC873F08CBAD5DF5121BD3BABF95624B4A14
| MD5 | 5ac489203c6df1661d9aa195161767fb |
| SHA1 | b6f701068deda295924350ac085a7cfc3f2c5230 |
| SHA256 | 5ab42ddbf1b5c8f0e6b9ffa804a36ac143d0a399f770804cfb1ff9d20af15634 |
| SHA512 | 279e9b8c76c6323028d20dd992ccf2fe6e1e3ce500d650ca0eb9db91369b4a53052232f0e62ddf7e115a7ec073db29cb47d3d0f34e4a83cc12966956a4bcd153 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\2B16ACC15AA680352D12943E950AB926A085A466
| MD5 | 61a450c275e3c923adc470d43b2a0352 |
| SHA1 | 55fb282ea2b0bfb84be8ba364c1573ee141d3697 |
| SHA256 | 8cd43c9c1764807fcd07edf3b56b3686ca4b1bc2368e9a6654f415f98d7b0b69 |
| SHA512 | 7a3722360e3597df7ee50abd0a7c2ddd5894b429f88ac99d08d282be07ce06ef04f70ecacd1b78bc76b3a4c903856e3d302e7589ced694bda5b78a54da687d1c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\CE30F9E7CB4E0D8AEB054228E581960CC2812E48
| MD5 | 5cb1e60095d44d82f58715fc753dbe4b |
| SHA1 | 3b0ee5b483d32cc757c6dca20824db501a2c236c |
| SHA256 | 8bb286b9f1e511798c95da441cddce6d9b1525ab6cab877d3915e91c08726504 |
| SHA512 | db4e13ef891fc480da4b123c68c7436a494a3029c9dd9feeac18290498155c7ba5a6bd767809429ac5a52af1120b18addcbad45e1371ba3dbaafcf69fd004042 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\storage\default\https+++www.google.com\ls\data.sqlite
| MD5 | 061c8827cd7bcfb54fdc2af5afac651f |
| SHA1 | e70ec90a8216ff647f08dd19f299d286fac3960e |
| SHA256 | 8c3c03c432d88253ba6c8ec4ca9c97d5871923344c896205c02d9d7d9e310413 |
| SHA512 | 15d43ce3bbcf191dfb327e3c43efaf008c40bd0be7ceb6874ef00b8ea0d3b125ba69ec25cd7fdc1b24c61ffb2f9704469bc8057677e83d63ff8282990017e118 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\AE6C91A7A94F8219B78F6FB4AEBCFA5DD3A78D91
| MD5 | 6d90f19c32f458272070f71bc04ffe66 |
| SHA1 | 79108b4e1b83437b6d1485861f6b43f35cd3782f |
| SHA256 | 918cc26c62835a43149684ce6095ba896efd678c0e8601f3042cdbacac304932 |
| SHA512 | 58977fb6970990ab121bb0e2f81ba75782e0bdd1c3763f9eadc89be375f9e77eef83ce7d5c15c01bf0eefc8715284b660e5cae41e057ba64aba104a3ee0e188b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\6EC2AE770EFC3451D85A600B7DBCCE4A25142850
| MD5 | e2096c9194de1e50b21c46c05d4bb4ff |
| SHA1 | 4ac37e9154d1b0907119c0bec3ecd4d883739e8d |
| SHA256 | 8e87c43785b282876117756e2220bce368433794359dffff8dda316381c7dec0 |
| SHA512 | 3a8d075a948827df9e1013ea484e20a9c5ec78653c9a4016fa43e574ab4a67cc94a5ac83a8bab35cb2b19c571710bc70dbb537a9ccb4c78185f83c0000d79935 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\FD3C8B7B2C5FC530AE8D3FC8050677579C3D2E17
| MD5 | d633f8edfb27d3f3a0dc3dce8af00b6f |
| SHA1 | 1df00cc097b7b48476ed52ff9260431d204b0318 |
| SHA256 | 26f3bae1abad1f2e57ff4ffe76384be235e99a6545564c249188f9e37151c5a8 |
| SHA512 | fa7b53b36869382e652ab6d2c4b78c091fedf1aeb9146ec1e25d2c05e1284b59ee1cded4b385a131f3aa0c681ddd860dac53ff422dc892685d3ef2280159de80 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\9FC8C85689D31525EACE26158B83B464F43A027B
| MD5 | 6ebaadb3e7b0d96df2a1034b408af404 |
| SHA1 | c2f0263d938ce73efa732b5c7174c483d2ee02c4 |
| SHA256 | fd36656b8f13aa1d5bafacf68d60f70b043bf1d1acbeafd93e216f9debdb9c53 |
| SHA512 | 3cb6573ae37501277b0aa22c506811ee8490a7708d0195a118666459c85669a40a3c27beff2544e2628804f822c45a68ce5bac68d28c30266851095ef7fadc37 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\F0170AF0AA6273CDA9D105CE8905143FE8159A19
| MD5 | cae4c7484bed0665e9e8fe5fb0d907c2 |
| SHA1 | c0a981dc364d30dc159fa96c363ad9c19245cebc |
| SHA256 | 14f466447c0271aa1a88f7878cf7f67cc76bcecad9639d36c0497d5993a0d19b |
| SHA512 | 83f412251cc0eadfbc5cd76b48f1aeb0bc8979ba9b20ca4be6682b4c00ea4d1fa40f56c7ce6cc71f3ebd0e7af9ec8e5f14f3505ebabe7786b00ec242ab8d140b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | ade1573e45033b11775a9cb97758938e |
| SHA1 | 73ec85178f9707c01dfeaf2ddfe252af30b52759 |
| SHA256 | dba97e891410cfb5efe51a11021fb41194c3d3493fd31e2fd3809eed266fe0bc |
| SHA512 | 13ec4f593b2e2d90a0f927f6415fed1faccb8c637602c77e2b211d4e361d0643822cfee044705280c40f6785c93c22a18c7975a0c9a8f01618573a9b85816782 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\99559A4941891CD5905E3EF1D64FEC2824C6BDAA
| MD5 | 08668952b32d584e2492ebbfa8c868ff |
| SHA1 | 4d5ab86e5f9cd6b1724b87f002a650690d5ace75 |
| SHA256 | c983a3373f4476394ab83e3463a9dbb2ed331f6e36cd3dbd867619216960394e |
| SHA512 | 0874ae767a33481258e84bf6e4a2fa0c141570dec267cfc95d2494bb0e2f5b92602bd4977e2f2f84951df72a43df38ac503cbb0d78a4f224b1d9726aa65445c6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 2f3fc17d269993a026adfb831d666033 |
| SHA1 | 6c7a7e58c2e5cd9eef4a414c82c3f66605b56498 |
| SHA256 | c813b71827a0dd6d47097fd2219bf628d0e2fb4c2e0e4e440c352aa8c4f901a9 |
| SHA512 | 74241ad6f05f18899f3e777c86002d7ac4f1359acbe46ff6754e749f5e1781fdfe1fef00c3bc8816e71afa83f60776cb2963d0a7d8b90b0b875c9aee548ca5e0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\BDD93674D7318CC496CC9B4D8B39A21D7E69E89A
| MD5 | f80284db30922395c1b6172869c6992b |
| SHA1 | ab1f81d6197c974f178d8dcd4ced137d078c75fb |
| SHA256 | e278de20ef02ea7b2444071cfca93bee0f47cec064e9e789b72f9e5634ba95e4 |
| SHA512 | efa3e86821f3ff62c5911d09c8461df1923dcbb6f8482b4700a767f8f6ea7940db6f0419488cbf65279a231f8043e1beefca5037eb69b7db5867ed75c8ca8ddc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\3DAB4AD5F65DDEDA8310F2811C11A30D50EBA59C
| MD5 | d699a055d98a63779eb773c4d934fb13 |
| SHA1 | 8a1632611f3c5636045d02557c2cac23ede3efba |
| SHA256 | daf6be002ff8dc4f780bb5ce0f1ca20842b0d196c4ac2ba320c6bf654cdfcb0d |
| SHA512 | bd522da01ffd42c578d01c42002a66d06ba2f81b27a4c2bc4c95c4530c7c90d52988d1a5edc83ae4c9903981ab1204e1f0f8f151c58ba779adb412eb1b3f5ad2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\5627EC047E3A09F66AB68C7E4DBFC195FD847D9B
| MD5 | 2cc112eae284419f25b2c5becd97897b |
| SHA1 | 351a79ece694ce1acee86a0b35425f876661e390 |
| SHA256 | 94ffbac6c1bed35f72d23be0345da5c091accb3b5392289a78416d352a317399 |
| SHA512 | c5e945240f8a5273e73d5bbf8042492255af3fd56cdfef3b289e8268388e478cc776f1f96de48839c0596cbe2575b50c42a8e50b49245b97ea8e15a5de356231 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\9C9625E3FC34CF0A876025E227D060AAB0C60500
| MD5 | 1574ac8daad420911cff6e90341d26d8 |
| SHA1 | 04324eb56dfe44cbc530aa6888e0aee824db4fe9 |
| SHA256 | ec07a6fb3bc22813d953e9c6593c9b8afe9153dd670424393411cfd54515d5a9 |
| SHA512 | a182ce77f89eb07defbb8dd506d45c440ffd746b1737e7134550bea3c9089a7dbfefd4e221949a1e3c5af35b22f77512eb28f19af1e57ba516fe700f07a15547 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\crashes\store.json.mozlz4
| MD5 | a6338865eb252d0ef8fcf11fa9af3f0d |
| SHA1 | cecdd4c4dcae10c2ffc8eb938121b6231de48cd3 |
| SHA256 | 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965 |
| SHA512 | d950227ac83f4e8246d73f9f35c19e88ce65d0ca5f1ef8ccbb02ed6efc66b1b7e683e2ba0200279d7ca4b49831fd8c3ceb0584265b10accff2611ec1ca8c0c6c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 1ae3dba051e20d1edb8f3600dae51b5e |
| SHA1 | c6a7e35a103454790c4230edcc72ca866cff8fd2 |
| SHA256 | b8bfa88369223aa21655198add8ef90243db731b4d94d67b9c22a3a182e892a6 |
| SHA512 | 8870df61a3524136515db93f57a74a4b7fe5245371e1970088862b73241f0282f82a357e57db723ae1ea528d834fc4fa6ce3bf92a1f2c43da0895e439b164974 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\520B737D2FC42970EA3ED9A6778612D870C30295
| MD5 | 169e1eed5de435cf4e54f806a8400349 |
| SHA1 | 244999cb2e963fcddbcaeac1d12163be860b138f |
| SHA256 | b932d6e48412360e98355c4fe83e5a7d1cb1f2abbe60bf5c992b6ea2aed214ec |
| SHA512 | 94fb93605f09536ed6ac09709164b1d0a95ed7b10b01b883562dcb7d239160709d631c75b9de7d2e7654d6e7cf2cef6b45ab3d548f907021773cb3bfdabaa8c8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6ir3v68x.default-release\cache2\entries\6EA1267BC1D99F39E596EDAEBC55E4A75E383819
| MD5 | e2ce96b8fe939e2cf883568d29885e60 |
| SHA1 | fd2d34cae9b4e5ebcdb07eb237f29a6ee47feaff |
| SHA256 | 0811396ca700c856653440f0ae44719ccb412510c28c89b46dd3feba2cd6215a |
| SHA512 | b110834e6594e70daf8bd99bf6cb2401ae8d409e7f59c9d0a4eb1b2a09e274102cc4a3d6af49866cad8340734ad4e6770506bc84ad1091e20401f0200f8b5ba7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 71e452dd76d4ef385c9d29b971b13ec0 |
| SHA1 | 19a272f0fe4aede30272fc20404a30cd6cad04a6 |
| SHA256 | 39c4d3658f74dd7409e56756493308f92df53ccb5fb5ad36bf5b50bc27818bc5 |
| SHA512 | 0305a89be672b17f4ea0525a9f6ead1e37ecdcbb28a494d0ed8d7158f8446f6febca2de9d9f20192ba5d732a1e1e8b57d44b6905ae9f91f94a34ff1c5656c262 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\a48b6b38-5bba-45fa-9d70-d565bd39d662
| MD5 | ede94d7f26d2e8253b4637d1b9560ee1 |
| SHA1 | 323104ed2052cb4d497a870437763ac82c2ecb9d |
| SHA256 | 5ec99a0be4a7847132d65d1697c87cd930452bf9a875d1b2bd2649b040f68465 |
| SHA512 | f259a753d4f4e72044f151ea474ada55caa3cd85c4fc8fd30db4c339c7961bb872d8ab82c551fbac7eac9f7b1c9fee190a7e6ccdabae4eb41a0f45a885425d04 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 211566f4b56c18a75dc9069ebf1c50e1 |
| SHA1 | e27d547ca682bd3a0f529306f4b9c32eeb240cde |
| SHA256 | 849aeaedb06b8e066fee01ec9d474d450cde22ad2aa9c18e4db87b4892ffd997 |
| SHA512 | 747c4d8b77867306a70b77cfd91457f4bfbd2f6e84a9c96465e584e7dffb62c903a74001804f92c3e2db881abe16d62e64637f437974d01873e675798d526193 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\places.sqlite
| MD5 | 9add0fdd2fc75a53ad3fccc373d69e82 |
| SHA1 | 8bf0f6b5c07f83e42dc00258fd2a2a1ae0a7e397 |
| SHA256 | 5ebebfe43da08f8de4a06a3971db5bf728eafa6dbc3036179b92e3f1b5175cd6 |
| SHA512 | 9f4e6ca2427b44149384f51a2b8160351a6e73563178db1aaf6a58070869c7f4b234ce5119db10d1a25b806217d6b7d9bf65b26126420a3e81799fb36c6270db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | af5cfc0e11f42535ed8a1b77c0ae3acc |
| SHA1 | 1a4fba026f8c03ec91b23c7270930e557b219efb |
| SHA256 | 19c0cbed349dfe762953277005c672bc92746afb9f07f97a38da735d43bf0d7e |
| SHA512 | ca10f95333adff5dc6b0673c97ba7ccf0a9cec02b4117b9dc2ddb2e0249c622f8c58c70714707248cdd83ee5569954fe926935f6bdc8feda3d6eaa7684bd3851 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 82674e3b7a790be585175b5d8fe40a5a |
| SHA1 | 11cfe9093c880646cad30f843c0c6c25fb35c85d |
| SHA256 | a2306cdf39f790bc4fcfb2096857a252730c1f024104cd7f386e32ad6c4e22a6 |
| SHA512 | 4dd100fefb4d417721aa43aa930ca9054d5f7ce3dc7a072524c2e7e6157dbf50a37b91b8f7398c3428dbcfae33bc88f9996c59c534d3e50256a585bc91a9e2d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 44d217bcfca26dfbbb3d2d0604dd1ecc |
| SHA1 | 7b65443615f72f6c362e067b72b69871ff63a1c9 |
| SHA256 | d415964d80508b1304f8aa4126e5ecac9ba7d824d57806d99dbd40c5777bb376 |
| SHA512 | 760f0c0d95dd1bce1d44a59ad4cb6f9b4b0e644c96e56eeba8ada530e697a8e1c351cae54547c58a12e041a1b0bac9e2125a3cce86fff25cacc174f9e380201c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4710100a1bfd4837c1eacd758b486279 |
| SHA1 | 22df05f6f196fcc0c361c43568b97baff02a0eb6 |
| SHA256 | 6fb3225fad1ff13f7ed765bf8928d0641b5c65f3a3fd7d4a7f171b5bc44e8fe5 |
| SHA512 | e9eeaf2a82727544ba7af3a478c1ad41e8b09b44c97d8c3e849508b5ca27564241866ed042717dba5f153647cddd004da87b56b1fe23c5ec1781febb44d57557 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | ed0d563d205297dc2beb16c4f8da403b |
| SHA1 | 305b5a359e33d2695e187a3966e8bd63b9730e32 |
| SHA256 | a7cf5eb7d2796a27d0f930cb289b94d71098bf4bb37d712a4fc0e2f64a98d85f |
| SHA512 | b55d92de155aaa7e9ca7c28ec4af50e90a376701ce1dd2dc69132bfb000debdded91d567e6c84312b1f1babf40273a08b33e80d3b45b878b766a7d200afbc582 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 9b4c4a2295aa4c6d90567ca76bbb15e9 |
| SHA1 | 6016170af6721949caa170793f42ef95452e18a0 |
| SHA256 | 75b27bb5189103db1966262311ee008cd35d1890fa45719f3f39b8f8f0254ffb |
| SHA512 | eda5a8cc1713bc7483e5e1eff48a0d9e5d6c132ef4f03e86fdadd430378055f1ab12bdd3061dac5e05caa286336d81807492154c1bbb56d135f1a862b46fc9b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1c7a333204f64430ea817655033ff794 |
| SHA1 | 921c1bbd553b1c17d474849369cdc1d3f81914ae |
| SHA256 | e2484b3bb3e0730ad7d95ef98b476a150b067e1b6ce6d3d310fbbd964972e409 |
| SHA512 | a745c547443ecc9df0830526f43482c7b4b3f11937b7c4aec3bd2b5238c7c6c4788f3f6ddda0c1c19768bc9f48c6efde27a20fd6c5d84ae064d24ea245cbf06a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a0f703dc575ccb627359000770132ed8 |
| SHA1 | fb66c512ac541dae2b12f0c74fb695e891d6a078 |
| SHA256 | e87a236c07d26f73e404593f90d2e8250783b61eff59d777401ae64625bfc11e |
| SHA512 | 4862693cb759c764696e34fb77043cebb19187123257d4c383cf3ee7645c001bca4f3b1e06aa6ece7eb0aa5c0666449e9d2dbb28baddbade40ab54874a10140c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 35a25ae4c8c38403cd869832a45b1069 |
| SHA1 | 711b74a9e667a200d09dde2ba4986b6440e8ba59 |
| SHA256 | b1a1958ee6bfd218bc121f358e33e6dc2b2b67873a44bf21647203fa43652860 |
| SHA512 | 05c5c563eab2d4239d88dbd6204c43b3532de47768202baec9e381d1cfc24bdea9eea779bd9e963b017c87a7a3ac0c246e108fb8894c113b93bddd097d30b3ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6ccc16cdc6734a50379fb7ead1186613 |
| SHA1 | a71fa2dcecd9304db64c142e129136ebbc383c6b |
| SHA256 | 086b50bd331c857b3ff04e7b8e2b3a34b310f31d6d7994919b0da62683a6b622 |
| SHA512 | d45049a491c281201134264d45205399ed356c26697f72b153f57eb9f8196322278c553eeb83eced16d693ff3e56d3dc5405d3e4c50d360cdc76156c4ad2e78f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 468b8f7af8042850578ebedc52eceeab |
| SHA1 | 6b446156732689887e1ce1f8e0619c49bc31388f |
| SHA256 | 5cad6df116394474195b92ce7f374c9533f4dbd6bd81de2ac9bec00fbd1906db |
| SHA512 | d182306d498d99daeac5272339db2ae1ef4eb54cc43bac28b3b4778df994c14128913cf2066a9889d62b2fcde7853cf32470196f9630d69e43bc91dd02352c33 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\f596f651-8835-48d4-b3f0-5f3119e2e2ba
| MD5 | 5e1b001aee4d20eb4f43a0454c653c47 |
| SHA1 | d919dfb6946baf4ee28cd70f749bc4153de148fc |
| SHA256 | d51660e1f826848fafd2f472218f3eec8ea22e71e9dfb3b1cab833971a73a025 |
| SHA512 | 907f93248cd116025f868958f0cea416e843ae425f57b65e3071a51becd1e9737693acd53b555aca0ac94438064118f461c83c4c43cf01768cb1974740539d1f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | f50233ada79acdbd134c0cc664c37b17 |
| SHA1 | 7f1456bed0f04cc35b0e874443c4e61a5bdb3139 |
| SHA256 | 3733a4b96d6f4522a6fd8813826bcd871308f5ad9538bb06d77e8f9c1df52bfd |
| SHA512 | 10817ef56911db148aeffb9228b18021c8fcd5d0a0defbf451098a2b380068910234dad83e077aa3141c095233ccca877a8cb8276db397280629fd14b9cce8e0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 4a859047a7a8f97ff00736b4f6354a7b |
| SHA1 | 12b106b29fe6bac21a27315602aa994614ce1c67 |
| SHA256 | 98830fa030e03baedd9bf94cc799b2301345a3ec4c881f445ccf8caa22014066 |
| SHA512 | 731a2704bb277f0d34baa1865812803646e324e60231ecd564ae6ee1d870fb9824090d1eb1cb05cfdeab3e9f476f5e79b17d64625b6a7e96bbc8de739b4aaf8b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\6766ce01-12f5-4056-88af-62cf233ed0a8
| MD5 | 8139cfd3b54261a0e2a852ff49b39507 |
| SHA1 | 7eaf816006a3971c22c929300112b2f2f531453a |
| SHA256 | 3558c831410cb08365f87105b1c6bd3e4da8465c003ca94293011aa64f34b965 |
| SHA512 | 18789907198dfc36b33059c0192ea221224f4853c9a055f7b8697f24805bcc4f4042ea147a3ad47844379641045ef6b670b59fd7e6748fffc13d86555d4036ed |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\pending_pings\3e79ab5a-307c-4125-8f4f-81065afbe7d5
| MD5 | 8c91eba2786a415cbccbe925253250b5 |
| SHA1 | 80a3649b177d5851dd0e16c3b9cd97ae1e77616b |
| SHA256 | 1af3272789d9f8120b962e0a78b6a7417bd5637018a2faa5e7bcc3ad8f2f0700 |
| SHA512 | 21d6023f5416c5e4a793b13b5f54fbd9ad5f0898d8d863b96065177e735a2f1d6ab583fbc9a4c1cbb323f05640f76c85987df6f9d0d09bd0c6a1611ce2e06974 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | f6ff7e5ec90c95d0c7bd6314acdd06af |
| SHA1 | 5c6611f5839bebbaf848bb43c2e523cabfc3ef91 |
| SHA256 | e37423d3d483817909153a1e7b0aa57aa1525f5301c29cc85da37fb5a25878f0 |
| SHA512 | d4d2e2aaa81f945faff5fa7779a9c6dc36a8d6438f05b08218aa2a4191337ab0c8f7d88c630f12f9f35bcd7d7eaa342ee9e0562b62a18c74a1e15c32a4a90d13 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\prefs-1.js
| MD5 | 180bca52f92f87528c1fd03ca0ab93ac |
| SHA1 | 414d609aed0ec92d3633b76d06e8eb9a9f6476de |
| SHA256 | 56e3fc7a81b0f76c842d62dfd8bf19397a74d7d18805b360856682e1563f01fc |
| SHA512 | 80b01b69d55631fbeabc34e18018f76ba76592d5af653fc92dbd4bf39eb38f74c9caf3adf1c05098f74d2bf0471807757e8628f50613758d887ffd7c4e2cfe67 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 001bd25068384e478c38a773289ad32f |
| SHA1 | 10d7d9f5ff61bc4691abffc760e8d94413c4f0bf |
| SHA256 | b62d2d213bdb48e46faaa640220332ca069518f2b17aab9629781ad46d45ce75 |
| SHA512 | 023ee2f13ee1baf953cdcd0100e0e86ade39235ff11a22024cea234132e4b832f9e8a5880758c9c6b8c58531d54472c1a1a79d318caf4428a24e5eaa3f539b16 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6ir3v68x.default-release\sessionCheckpoints.json.tmp
| MD5 | 362985746d24dbb2b166089f30cd1bb7 |
| SHA1 | 6520fc33381879a120165ede6a0f8aadf9013d3b |
| SHA256 | b779351c8c6b04cf1d260c5e76fb4ecf4b74454cc6215a43ea15a223bf5bdd7e |
| SHA512 | 0e85cd132c895b3bffce653aeac0b5645e9d1200eb21e23f4e574b079821a44514c1d4b036d29a7d2ea500065c7131aef81cfc38ff1750dbb0e8e0c57fdc2a61 |
memory/1704-3378-0x00000279734A0000-0x00000279734A1000-memory.dmp
memory/1704-3377-0x00000279734A0000-0x00000279734A1000-memory.dmp
memory/1704-3376-0x00000279734A0000-0x00000279734A1000-memory.dmp
memory/1704-3388-0x00000279734A0000-0x00000279734A1000-memory.dmp
memory/1704-3387-0x00000279734A0000-0x00000279734A1000-memory.dmp
memory/1704-3386-0x00000279734A0000-0x00000279734A1000-memory.dmp
memory/1704-3385-0x00000279734A0000-0x00000279734A1000-memory.dmp
memory/1704-3383-0x00000279734A0000-0x00000279734A1000-memory.dmp
memory/1704-3384-0x00000279734A0000-0x00000279734A1000-memory.dmp
memory/1704-3382-0x00000279734A0000-0x00000279734A1000-memory.dmp
memory/1104-3389-0x000001F6B6130000-0x000001F6B6131000-memory.dmp
memory/1104-3391-0x000001F6B6130000-0x000001F6B6131000-memory.dmp
memory/1104-3390-0x000001F6B6130000-0x000001F6B6131000-memory.dmp
memory/1104-3398-0x000001F6B6130000-0x000001F6B6131000-memory.dmp
memory/1104-3397-0x000001F6B6130000-0x000001F6B6131000-memory.dmp
memory/1104-3396-0x000001F6B6130000-0x000001F6B6131000-memory.dmp
memory/1104-3395-0x000001F6B6130000-0x000001F6B6131000-memory.dmp
memory/1104-3394-0x000001F6B6130000-0x000001F6B6131000-memory.dmp
memory/1104-3393-0x000001F6B6130000-0x000001F6B6131000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c2d9eeb3fdd75834f0ac3f9767de8d6f |
| SHA1 | 4d16a7e82190f8490a00008bd53d85fb92e379b0 |
| SHA256 | 1e5efb5f1d78a4cc269cb116307e9d767fc5ad8a18e6cf95c81c61d7b1da5c66 |
| SHA512 | d92f995f9e096ecc0a7b8b4aca336aeef0e7b919fe7fe008169f0b87da84d018971ba5728141557d42a0fc562a25191bd85e0d7354c401b09e8b62cdc44b6dcd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e55832d7cd7e868a2c087c4c73678018 |
| SHA1 | ed7a2f6d6437e907218ffba9128802eaf414a0eb |
| SHA256 | a4d7777b980ec53de3a70aca8fb25b77e9b53187e7d2f0fa1a729ee9a35da574 |
| SHA512 | 897fdebf1a9269a1bf1e3a791f6ee9ab7c24c9d75eeff65ac9599764e1c8585784e1837ba5321d90af0b004af121b2206081a6fb1b1ad571a0051ee33d3f5c5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d362870cd467a9d5e1071f86d961de3e |
| SHA1 | 363f049922ab19a46348428ce4af6a0bdbf3c605 |
| SHA256 | 73b7e09d6bd2bbefd2296b68ea41703722b59762b53976734d654b7db29c7e24 |
| SHA512 | 2c95352d8a27c0753aa69a6048492eb6b125bbc55a6ae57b69e14c4b38b6e55cbe34bcbc1e2be4c72a413f86402928dc8853c38f9c8f3c1bc1e6e27e4b4d9cda |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Office_SETLANG_EXE_15
| MD5 | 0e2a09c8b94747fa78ec836b5711c0c0 |
| SHA1 | 92495421ad887f27f53784c470884802797025ad |
| SHA256 | 0c1cdbbf6d974764aad46477863059eaec7b1717a7d26b025f0f8fe24338bb36 |
| SHA512 | 61530a33a6109467962ba51371821ea55bb36cd2abc0e7a15f270abf62340e9166e66a1b10f4de9a306b368820802c4adb9653b9a5acd6f1e825e60128fd2409 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Windows_Explorer
| MD5 | ab0262f72142aab53d5402e6d0cb5d24 |
| SHA1 | eaf95bb31ae1d4c0010f50e789bdc8b8e3116116 |
| SHA256 | 20a108577209b2499cfdba77645477dd0d9771a77d42a53c6315156761efcfbb |
| SHA512 | bf9580f3e5d1102cf758503e18a2cf98c799c4a252eedf9344f7c5626da3a1cf141353f01601a3b549234cc3f2978ad31f928068395b56f9f0885c07dbe81da1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d3b02378fde790d04fc2becefa41ebd3 |
| SHA1 | 0888c533ab182695425057e6d61cc7cb3e711c77 |
| SHA256 | 0e4c1547980a6c294a6fcb95a3a386336eb228835d36474a474b1a87ff1f7f06 |
| SHA512 | d540634eb86d8366ef78baa5d53a7e761c5c90abdabe1b8fd6a86bbfe357c71ba7e4853270c1636fd8fed6f8124617f03f063c407222b724bb5d5ecb3a4079f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a7b7b6925b98197fb0824151cddcd0a7 |
| SHA1 | 92e1b2e90c39f80f32e5fee09b6b74d5062cd707 |
| SHA256 | 5166e80c62e9fd3dcbe761f10f4ed15f37e1a5ec2d16cd94954251a2e35a07ef |
| SHA512 | 425b76a7395c96f7933803a85be4e05ba1e89106a566d2d0facf24d2d697f937cc41d2ce05dc93bfc6d3b82a0ad2b4dee8d7909fff3e52b19b7faf17dfd05ae1 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133750483171142433.txt
| MD5 | 3ddb1242ccbb1b5134fb439372e88d4a |
| SHA1 | a6e041b164d04e30a59417cdcaee75f4e37c1509 |
| SHA256 | 37f2a5018101cff2909ac334e8516e1baf94bf7f18d573c21b87c188ed2c05f0 |
| SHA512 | 88d57cdd0dd1c271f6d8eadca311d81a6954dada42a5ad29867839ac8b38e644550d4ec26b9e364877ba2d75b7bea71c4ecd035e2e1dac0ff6a71a1e0e15790a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3a975eccbcff4c5ff9eb85d7d056da65 |
| SHA1 | 41888ce398fb8b8b4e03abbf4a05b9a7226313e8 |
| SHA256 | 81a6b086fd6c3cc436ed6631c5a9a1dbbaf0e9c4864d4367e0c6f90d706f2e48 |
| SHA512 | 198ee283ed7c0b3336457d3334a1fb87ad2a5c1983e125cb5c83e381aeb9bc13e35069f5181b9b67227ab660c3611845b3c7fc6c006c7a75d0dcf6572fc96d65 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3822cdd0d20913ab5c34e4f269b1c5e7 |
| SHA1 | d955cf8728442b16acc23de3faab16f28a9bf2fb |
| SHA256 | 5948e1e2bbadfb96751fb3c474efed799552bf2a51543795df3e01e1a7b65695 |
| SHA512 | 694f25cb6bf6c59f50aba27a2cd445044f93c80b4731d64bad0621ac2348c674fcd01236523b724897023115d413136235c1ddaa3665cb250f38f07de3ab238b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5c5ce50d4eadcd1bac1ad859bcc468bb |
| SHA1 | e62859652082fa150a883ed1a6c95186a84e441a |
| SHA256 | 975e7a1de6d34372bfc4d2d2c27b50fecfd83e28af6da6e46eaa5abd972b62e4 |
| SHA512 | c0279dbcfe997a23e0ff327ef91b6838b920b0d948147483b5e4beb47c58ea79671c552821a921fed4b76c4aa7eb11bb70e036a9261ec802eff5e7a9b2f38d59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 10531da4132184fec4b130d84af0a0bb |
| SHA1 | c4b27e9dcdb67a6abad625ee098e1a6c876d8813 |
| SHA256 | 58d742acc084e34f092ee187d44d3d34b81eb19877ed5eb547f44884596a4ff7 |
| SHA512 | 7f1e4e189145f90689dbf6dcc776d0d067401ee6e59d875063aef82de40b30e0f50218cba25b26564bbcbeeea30c7d45df0131fab50b16c9946f58f52b4ca65e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | eea36bd0498a9c3aff910502315e222b |
| SHA1 | 1d9504cdf8819bc34d32f35b98dcb019322d665b |
| SHA256 | 7147553f8186aa1a0e9a15633624cf6275c01dba4846bf05a9b9e461960bd9f8 |
| SHA512 | 4be10476d7ed7a5032ca3431c93612243144f32e229116b2ed8e6462a30d07821cc3c5f42852f9fde61e5aa5e8769ed5ecfeea7ceb17a36062405caf77e6d240 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 631ba9b3b548ea6e279d067d3ba46f6a |
| SHA1 | 5555d061bff35126a6b4474fdc7076dd5b64d88a |
| SHA256 | fdb404a8ae3dd1988a5d50872519563c2831bb2765ba01fb146146316d6cdb84 |
| SHA512 | f908e073480b73dfef2286cd7f6fbe9b90406ca7af9645efd6c10f86001088e6dab9cef112860aa34a31fbadfd3f229d166c7732127ddf3fb3ad394c8f3d3c49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0b6c950307d941293b98c201fef32d22 |
| SHA1 | 25cdfb2fea7a271ccda88caf43df295360fc64ae |
| SHA256 | bbc06ef58ec4c2a9f638c692141033d9df53840576365b963adc51e30da5fbfe |
| SHA512 | c6c8b8955287c005316befc3427be462bbea393faa1aa921fddfa7fe4795a450bc5a6b070e2f2dff3bec392a40a8683f0cac830519bedb9d48e307655d24d87e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ad780ead6687eff3ac8cebf3bc24708a |
| SHA1 | 6822eb601cdabf80335c5a901f9c75f334aa9c65 |
| SHA256 | 18ec0391814d0c677b3d48b891f59fd90be7722e9a323ef8855fe22ca1c6c723 |
| SHA512 | 0a80a0d5faf87152aac3abf8b8bccaf5f5f08435016a24f2f1c86f4ea87df0e54c8bd9873643820e8e9f81621a7d78fd9fbd6a45f247574ee3c92d209a864ab0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe682d66.TMP
| MD5 | 304191202bc4585c2085a3b2833e091c |
| SHA1 | 5578e1e2d7e25a7575e5ffbd56676220285a76d8 |
| SHA256 | 175c417527af8e84449c642ee9d8172acdc913cc3fd7202654ffe69bb3f6aa05 |
| SHA512 | e1148e2ae06c12400a3c1bcff3dfd97dc71a335d2cc6a593b09629188b298203ccf0ddf6dea9537478b9ba7d2be1530cb81bae42e3fbf624f27b9c6292cf1f4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dba95f812f8c4303f2e45acbb211153a |
| SHA1 | fccfb7fb94e6fcbe148d83b2d7a7d5ffe92bb663 |
| SHA256 | 730e13cbdc9cb9f0b474afed44d78794dd3d7b900e8715aeac32b1f656b65aee |
| SHA512 | d9b46c7e68ce571d96c6d9dda871b0be4b0797f615a1f14dad1273adec0c4bf3f2d6b3f19893766d3ecb34c2bfecae3cf47dc24ea53fefff52c4b2f2c13f2d30 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\91f111c0-0ddf-404f-ba67-c44ff36f8489.tmp
| MD5 | 095c9b3cc9ec86eb5fa44cbf52b33924 |
| SHA1 | 844e2cd5a67275aec0a8632ae2be1e567bb106b1 |
| SHA256 | 98bb34e9dec8e7391bad4c6d6a97dbe96e42e52ad296da9fb558edb323161079 |
| SHA512 | 18c7792d4d7bf39c75f53738831fe8e1ad210c48bf0f820ff837c356bc5f6b1d298be5c4eae67985b739e738dc4324e58a934b9ebffd5961c94bbcea9cea94bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | aaea0b4935f440f5c54a71f0817289d1 |
| SHA1 | 06d9e15d83cc5813dcad46b98fcb9e12ab0be176 |
| SHA256 | 5299f52c55b0ce254f2add72dd7027e379d56e07d7d2160f8fab87a81a718982 |
| SHA512 | 2f5d0aeb32f08efbb25825dd71c0a2ff73b9f89533180df3fc61a72c95aa79929053b912f31f5fa6ef3481856826d74340a08aea9bd8cb98b61132b091b80b11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a306e0444a92ffd810b5c998f0b6a8f4 |
| SHA1 | 5ac2f96d81720e523f2183a82f90205ace1ccf8e |
| SHA256 | 8f50dff7da0d66583536adebbb1b9aee6e1dedb05f110a15e6e462d5093b311d |
| SHA512 | c8180483d540367513d7575ef6cc1357e23750369c4e5ff943ddac80101ccfe49eba57b4cddbbd753ef0a974bc3f64f5bfc7528015b73dd3401a61aa8f8f1113 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 054c815acdea5bb477f98a8656312f50 |
| SHA1 | 1976ea56b93cf3a6060cbd6f43f6038453d875e8 |
| SHA256 | 572228ff86c3dcab66a7d809b325804ead6486e3b272bba69bcaf18d74868fcb |
| SHA512 | d0de17316f14ad224e30e0969dabe3e3b5406ba7ec6cec123282561a9ec66d5d434d99c4a50e7294a39375db51d6841e85f52415b8f5345d93a666c919d71809 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2a338bfd155af7c70b8d7659c77af132 |
| SHA1 | aacc1b855c3593790c0b4468afabf398e9280126 |
| SHA256 | 7d391e81b483bc02c2ce969dfebf99cce72427f383c5487c069789fb72bd3d60 |
| SHA512 | 48f1e4c6b1e4534ff8ad8993a15a8e04d284f15c4d20c826bfc49459d58a6c0d3bd1a3dff9698bfb77447201a57b5a95f53b8b120ef2db10e5db183d0d584d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | bc3d6eb545e0858053476ab42b193755 |
| SHA1 | 9c50229ff3d4f59b67a307d485468860b734c90e |
| SHA256 | 0aedb5e8b5c4c16b1ed7eb9011cda5a963dd7e21eaef0b9228d9a16a5dac0b39 |
| SHA512 | 99e8cf82c6f6c78c1f727978134542228ad1f243c615a69e0be67001ecf7b80033bdfb8980cef750c83ebc6611405c6d15b1553568cb8962108c3e3c7c915549 |