Malware Analysis Report

2024-09-22 14:42

Sample ID 220726-yyscrsdgdl
Target f83fb9ce6a83da58b20685c1d7e1e546.zip
SHA256 77b2731ff3c7a14b8b962ea387c41293415b3478e73973888851991105777560
Tags
maze ransomware spyware stealer trojan
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

77b2731ff3c7a14b8b962ea387c41293415b3478e73973888851991105777560

Threat Level: Known bad

The file f83fb9ce6a83da58b20685c1d7e1e546.zip was found to be: Known bad.

Malicious Activity Summary

maze ransomware spyware stealer trojan

Maze

Deletes shadow copies

Drops startup file

Reads user/profile data of web browsers

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Checks processor information in registry

Modifies registry class

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

MITRE ATT&CK Matrix V6

Analysis: static1

Detonation Overview

Reported

2022-07-26 20:11

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2022-07-26 20:11

Reported

2022-07-26 20:12

Platform

win10-20220414-en

Max time kernel

33s

Max time network

37s

Command Line

"C:\Users\Admin\AppData\Local\Temp\e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684.exe"

Signatures

Maze

trojan ransomware maze

Deletes shadow copies

ransomware

Drops startup file

Description Indicator Process Target
File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DECRYPT-FILES.html C:\Users\Admin\AppData\Local\Temp\e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\44xc88m.dat C:\Users\Admin\AppData\Local\Temp\e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684.exe N/A

Reads user/profile data of web browsers

spyware stealer

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1804997378-2045782378-3882459628-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: 33 N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: 34 N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: 35 N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: 36 N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: 33 N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: 34 N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: 35 N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: 36 N/A C:\Windows\system32\wbem\wmic.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\system32\vssvc.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\vssvc.exe N/A
Token: SeAuditPrivilege N/A C:\Windows\system32\vssvc.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3844 wrote to memory of 436 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3844 wrote to memory of 436 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3844 wrote to memory of 436 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3844 wrote to memory of 436 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3844 wrote to memory of 436 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3844 wrote to memory of 436 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3844 wrote to memory of 436 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3844 wrote to memory of 436 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3844 wrote to memory of 436 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 4128 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 4128 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 3580 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 4668 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 4668 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 4668 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 4668 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 4668 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 4668 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 4668 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 4668 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 4668 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 436 wrote to memory of 4668 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Processes

C:\Users\Admin\AppData\Local\Temp\e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684.exe

"C:\Users\Admin\AppData\Local\Temp\e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="436.0.361985363\800174763" -parentBuildID 20200403170909 -prefsHandle 1540 -prefMapHandle 1532 -prefsLen 1 -prefMapSize 219987 -appdir "C:\Program Files\Mozilla Firefox\browser" - 436 "\\.\pipe\gecko-crash-server-pipe.436" 1628 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="436.3.618982236\1013072786" -childID 1 -isForBrowser -prefsHandle 2280 -prefMapHandle 2304 -prefsLen 156 -prefMapSize 219987 -parentBuildID 20200403170909 -appdir "C:\Program Files\Mozilla Firefox\browser" - 436 "\\.\pipe\gecko-crash-server-pipe.436" 2236 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="436.13.160214415\506856481" -childID 2 -isForBrowser -prefsHandle 3444 -prefMapHandle 3440 -prefsLen 6938 -prefMapSize 219987 -parentBuildID 20200403170909 -appdir "C:\Program Files\Mozilla Firefox\browser" - 436 "\\.\pipe\gecko-crash-server-pipe.436" 3436 tab

C:\Windows\system32\wbem\wmic.exe

"C:\x\..\Windows\oju\ic\..\..\system32\q\n\ryu\..\..\..\wbem\nqjmb\ktcsa\..\..\wmic.exe" shadowcopy delete

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

Network

Country Destination Domain Proto
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 18.65.39.94:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
N/A 127.0.0.1:49739 tcp
N/A 127.0.0.1:49758 tcp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 search.services.mozilla.com udp
US 54.213.198.91:443 search.services.mozilla.com tcp
US 18.65.39.51:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 search.r53-2.services.mozilla.com udp
US 8.8.8.8:53 d2nxq2uap88usk.cloudfront.net udp
US 8.8.8.8:53 d2nxq2uap88usk.cloudfront.net udp
US 8.8.8.8:53 search.r53-2.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 52.33.232.236:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 cs9.wac.phicdn.net udp
US 8.8.8.8:53 cs9.wac.phicdn.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 52.43.46.140:443 push.services.mozilla.com tcp
US 93.184.220.29:80 cs9.wac.phicdn.net tcp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 snippets.cdn.mozilla.net udp
US 18.65.39.5:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 d1zkz3k4cclnv6.cloudfront.net udp
US 8.8.8.8:53 d1zkz3k4cclnv6.cloudfront.net udp
US 108.156.60.105:443 snippets.cdn.mozilla.net tcp
US 8.8.8.8:53 d228z91au11ukj.cloudfront.net udp
US 8.8.8.8:53 d228z91au11ukj.cloudfront.net udp
TR 92.63.8.47:80 tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.wikipedia.org udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 star-mini.c10r.facebook.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 www.reddit.com udp
US 8.8.8.8:53 reddit.map.fastly.net udp
US 8.8.8.8:53 twitter.com udp
US 8.8.8.8:53 reddit.map.fastly.net udp
US 8.8.8.8:53 support.mozilla.org udp
US 8.8.8.8:53 twitter.com udp
US 8.8.8.8:53 prod-tp.sumo.mozit.cloud udp
US 8.8.8.8:53 twitter.com udp
US 8.8.8.8:53 prod-tp.sumo.mozit.cloud udp
US 8.8.8.8:53 dyna.wikimedia.org udp
US 8.8.8.8:53 dyna.wikimedia.org udp
N/A 127.0.0.1:49764 tcp

Files

memory/2388-118-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-119-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-120-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-121-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-122-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-123-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-124-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-125-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-126-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-127-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-128-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-129-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-130-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-131-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-132-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-133-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-134-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-135-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-136-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-137-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-138-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-139-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-140-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-141-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-142-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-143-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-144-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-145-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-146-0x00000000027E0000-0x0000000002839000-memory.dmp

memory/2388-147-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-148-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-149-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-150-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-151-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-152-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-153-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-154-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-155-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-156-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-157-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-158-0x0000000000510000-0x000000000056B000-memory.dmp

memory/2388-162-0x0000000000510000-0x000000000056B000-memory.dmp

memory/2388-164-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-165-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-166-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-167-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-168-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-169-0x0000000000511000-0x0000000000547000-memory.dmp

memory/2388-170-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-171-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-172-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-173-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-175-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-174-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-176-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-177-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-178-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-179-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-180-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-181-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-182-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/2388-183-0x0000000076EA0000-0x000000007702E000-memory.dmp

memory/3892-188-0x0000000000000000-mapping.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\ads-track-digest256.sbstore

MD5 42ecde5de1ae58773999a7d995b9a28c
SHA1 61f20a4a15e7b6e142817d86abd052da23891991
SHA256 1f5ae52ca1613c832406810d73395ceab467a0a41f18b04a8a3d89688ebf2b56
SHA512 52c519f19580816604757dd60cfa1fa89406bb864ee2c394bc43261acb593f7e167bf6b5e289ba8ca554c4f2ea3acdf2ecff8898d27ef9f7b1d91fa91ffe4b2e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\ads-track-digest256.vlpset

MD5 6c3605de4e50f585c2dad2819d138112
SHA1 4c647f39e09f9a3f16c982febbcca061ffa42652
SHA256 1983aa1c36d96d197aa522d6347f0ab6a62234294964f1d5889600c2ca6605d0
SHA512 b619f4fa7138b90ea92064fa9e614e978b014257a59a71738d2fd2382988d395c1d9d7aa362e90abe5acf82dbe786f860bdeff65684db16ab5b42ebd5f47fc44

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\allow-flashallow-digest256.sbstore

MD5 dd0458514c9a922b45da6a8bebe47320
SHA1 2cee1d5be670877cf360e47f82f7e172d73e5311
SHA256 d27d5b27030f4725249377951beb89e84a90a0e8241f0d5fd80ea59c1606e761
SHA512 5ce1b1ea4152dec52ee9514f75f5f6c906763e0830a5f8f6832bbd7e76e7b36c10d8c9206249d30dfb931547497f4768f843e4b00b84e2b21ebc2e36d24de838

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\allow-flashallow-digest256.vlpset

MD5 de0d88480c24350c59e1e9a3583de0d1
SHA1 4e3c279344cb37deb5e893ab24770982de135789
SHA256 01ba9f0b913e04ed10bd7166796483dd4f72005f249d6ee68b12117be4b5d3c7
SHA512 f627c69598baa9bc60b036cea03fdadc8b4cc424ef8cdf93614275a336de05a60961f5e77553226c99c29ec2932272ae994327a4da77d75d2464f6722cb700aa

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\analytics-track-digest256.sbstore

MD5 aa9f0cb8a3a361814be786d5720c9eeb
SHA1 bc685ebe0062f53a8cefbed791bd5f8d447d02f2
SHA256 dd28e36af4f1f007fe29632f273186e865ab9c17da969427a3a689a0a5c601ff
SHA512 723aa95dd94a4894be1a39b2bc3cd4034cdd39bd15c68e8bd7447db1beec4a616a7302cd6d496040377f7436cdae690f0ac0adc2944cc189112def47d4978388

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\analytics-track-digest256.vlpset

MD5 2b077f437067b52d00d4280df1b248a5
SHA1 19c10d8bdf159b9e53db9855d1d97a658d92c994
SHA256 a8cb2ff713acaba0b4612c5bfece51a5e5d436a739c0455a3731d1ef8e0eae12
SHA512 ba03b93b68e5cc0de34f890d7d112a1df0a17dcb451bd9c0761e087260fe9b3cb2afda9efb0b9d075cb722b77a859ca0b27c570a6db62a08b2fa9d30a04d00d5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\base-cryptomining-track-digest256.sbstore

MD5 d6c5c2e242df3ec5ff8e17dd8ee15f73
SHA1 13f64ee01e7c32cccd0bcf9b9d4ad999c3efaf92
SHA256 f0c6512e42f2732b3aa401f9ab4df84c0a89c9755968b158796706a48b9f492a
SHA512 b942cc3ac555cc087102e9c03d160f3f1c05060e849ab4bf10c477b00778902b2b9ec2cd46ca979c97f017d217b239585403ddbadc5305ed3cf703e0268f5eaf

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\base-cryptomining-track-digest256.vlpset

MD5 f45cb33dfea35013b6d5951f464a7841
SHA1 21c9d73636871aafe063797059078fe2373d1233
SHA256 498ab828f2dff25b45deed474bebdbcfadac63a1cbba2e393162ab54bbc9f2e1
SHA512 88ff2955d709d53fe248b88beb3f6bc31a485c17c80c5ddb8ea91abf46b0a43bcaf7f357ea4ac09dfb1d7988f8b7b1034ded15c2861d9de01719c131cf72a27c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\base-fingerprinting-track-digest256.sbstore

MD5 10771f39395a6d65441fd2279979ced4
SHA1 8b612d85748082f2ba1c7461b9e0b4ab1825a350
SHA256 6c20c66f454d0e693df85c62a210888a6d50f1af5c8cc97e86108eb22734c055
SHA512 4dde944a44fc0f986a77d2b464fa40a8a5046af737a2f3887f997403f89cb0b3751b37c0a5cd67fa86e773670f55f6a7f7917de85285a50b6e7e5818c8e6bc76

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\base-fingerprinting-track-digest256.vlpset

MD5 cb73b8baffcd07ff5d1df58f8477370b
SHA1 3bdda94d12aea19a659c3b4035d0e613e18ca202
SHA256 1e063a0cbc2d947925265cabbbb0da6721b7e05361b1171316fca37e906226fa
SHA512 f5004c43ba0b5b48fae0c45c5f61c2a608a4ca3c61362cf27c51da7335597f9862f6c5a04e137bba16e92f3523e1009b5ca2542f52d478f56b946cebf2140712

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\block-flash-digest256.sbstore

MD5 9f6b331aa1e070dcfeed473e76ce56c3
SHA1 6a396edc736905cdbb89defdfbbf77cd175d0756
SHA256 7dbbea2dd387eeb85e1f56e02fc9989acde570cd43bfef2c2a827093ba87da6d
SHA512 feafb312e3401e5230123573887fdbb78ff419b2b10fd282d143d9669481ece5340dba9c522f1da0b6abe507297554b1bcb7601acf715c091bc39426f8e2c0ac

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\block-flash-digest256.vlpset

MD5 53c75ba257a05bdfe94018cb61204ef1
SHA1 1b072f09f9ec4fb2a13e78fafe0a8356b1129e66
SHA256 f1086fc92c80a5e5b553577e831882679c851a55369efca0758b8fb4594c6d60
SHA512 ae659a31c091aecd7a2669b9d644510bb193da16e4e019fbfd84eddb6eab01b9865d77ad32ce0bc71cac7b21adf18f3041f3b5d666fed3c97cb1f1b2e01fb25f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\block-flashsubdoc-digest256.sbstore

MD5 b9556d03aff392142ad5691d2f867310
SHA1 cfb48c873e3f7e21b441bf2b435eda94a8460d32
SHA256 cfd3909b41c1ee3cbcb8b7d2b1378065e7d3b543fff1f2fb7a4f25c5ff41722c
SHA512 b2318b55d2be8f6143535a0c948086d8633bca51b0e01413939a8575fcb54823fe6f48ea4a82f64342c6ad94cf30240aa39776d20430356400bcde9797d4fbc8

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\block-flashsubdoc-digest256.vlpset

MD5 8af7178dbfe5400bc12bffeb421ed64e
SHA1 fecbe76659493e68a0ae7e62583d84beae6943aa
SHA256 7f0f54aa011c6c52df707d3747f9d0cea4d38113d7640d80e6a0f56f707efc6d
SHA512 c90bd011e5b33478ed2babd901a68fa69278cf667b684ab7ec6f5ccdfd05de2af8c9f222d258cf029570080d11d1fcaf29f649e033be40c00dc5548a7a3e31ab

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\content-track-digest256.vlpset

MD5 991d221f46ab16cf03aa9a837761fd3f
SHA1 4744a627e8d465a1b12e3baf7d4bf43c2529f8ec
SHA256 909ea33aaec44414e5fd40ca006d905ea4fdd85dda5e3fb83ed8c21fde0446c6
SHA512 a15c579fc8128b20750684fd47d5cb372c1e492c81c8830ae565bb3eeef49eb1499089157a9a5479d4cafc536409dccb7a9fd76402b817dee7ee8b9c30fb8c53

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\except-flash-digest256.sbstore

MD5 064f4550cb634663130f12682a29c748
SHA1 7d159e859d2a98ce788c04e78557c56260d8b6f5
SHA256 d1d4c751b0c16e5b0461052963c7b8a02f3aa3a6a4194988c6369229d85d804e
SHA512 5696251bde34904783e421810685756d354136bd36d1f653a6971fda02acaab6c57ad05ace3ba843050fcc9bf1d746c865add0abeb52d123b0bc0fa9bfa0bd8a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\content-track-digest256.sbstore

MD5 704076066b0398c0c78d6a0868c98888
SHA1 1cf335674c0649be1c9007cd7affddf16910d8f7
SHA256 8edb29075a9dc47c012ca8813414f2245735fe4df7caf868bd66f4e261e62e6d
SHA512 f3b4f9d9358aee9e1985db27107ca2edc580707d222828e04c11fe57d745a7f7ebc4665b9af3c6d701660e7707d3a390e41c4e91a5ef93fb87dba82a0b642ac5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\except-flashsubdoc-digest256.vlpset

MD5 7362948839071afeacfc9eb8d5feb391
SHA1 c746cfa92b7fd88f3a8670c34a84ffaa039046f0
SHA256 22e0d8eb4eaf242fb08c25b8b6206348c7a6d809cd571f74b9115d551f52f8b1
SHA512 80ca757016d5cd4e7729e3f2645422bdcb83d771a516f388f6a73f62ea7eaacc997d59953f3b31946ebd682f531fe1c23f8eec874fcea7e66f453eb917b80cd3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\google-trackwhite-digest256.sbstore

MD5 1725dadc087178563f13b80f3a11c209
SHA1 ee534a3f79f63cae045ae96a707d0a33e4790aaf
SHA256 b3b1eb2b41f8c34d5270223ef1140e0f207978e2f5be33fd2009fd1b4af5deda
SHA512 210e19d2408ccef20b279fd2030a1b3c91200f96696e2dfe083fc70330fa53dd54bb5122488712357a7b34071346d4a22fe3748a0087e15d958d756a6cc20e67

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\mozstd-trackwhite-digest256.vlpset

MD5 d25e46ec787f0ab1c3d9f0b05300fd33
SHA1 4e6eec0ed609db3b5574706d011b390bff21423a
SHA256 94994c4231222337f0a795e4b188a89ecd6fff31aa356faca065499eb49ce7e3
SHA512 4f52da3eb5e415ea84d101ed2241f14a1759d12a9d0e2baf71e66da86b6716f692df42426e1126771de0cce16e4c66a8c5c3fe047b35bba9f180616b50a76716

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\mozstd-trackwhite-digest256.sbstore

MD5 e6dd621c0fda52413db9cd6e2c171718
SHA1 f67ff4f11a4ea20a95daa95b4f2c61cf03170acf
SHA256 0cca276db306d4f05cdc001f681564e83372aba6aa91e409d274c597ec36facf
SHA512 af8cc71b9c031c515c8a8a0cc2adc8c4d01b665685e476c50945e5e758b7854254690806c3a34bc688433ffa8d8b76d9786cf9f6742a28f8c9bfad64cfad17cb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\google-trackwhite-digest256.vlpset

MD5 7e73b8519222dc378176f92fca3a05a1
SHA1 c1d13950fa1678ce99164fe8c903a2df928a85e3
SHA256 8d142f7ec90932d76c449c046f790ad86b975ccdff60f77f9676eb8d8436568c
SHA512 9932d4a30b3556954e0f48f882bff49749820275b059af95d0f99287cc202f42ab68e814b1f1770c1fbcd9a67d46e556ab2bf447c2a3e5d35860e46e056686db

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\except-flashsubdoc-digest256.sbstore

MD5 41b9d870320b9a7148c5df7c65cc62c7
SHA1 49e0eb1ed174d000b4844f84057f59fc16b1fbfa
SHA256 6312bbec57a291d4816487e034707a83e5b13e87cefa18f137527282df1b7b59
SHA512 41c901d01a0879e194b567913c0a8cafe4da90dac84230ae8740eea86966b5bdf8f7402edf58b817ead2e03ab26920b0a969223a03652530cfd8a6267054d1cf

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\except-flashallow-digest256.vlpset

MD5 db30ece7b857820764bdd27bb1308717
SHA1 c4db05a525c98f7a0ee3d0722467fd2d4aa497ba
SHA256 489973fd01f9191520d62a6cb78103aee4275c51f11681e891fc56cd93773790
SHA512 8c9538d51b3e9a43c51966876825d20089d3692235f4a6af6596f9dcffd96e6e81cd76402ab4b53a8700cdaa52ab73c6b6b016a3906c713ce81a5813ab253b74

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\except-flashallow-digest256.sbstore

MD5 300c229d00a94692248dbffa4aabb3cd
SHA1 80666288b21fd0e284c234d025097337fde22319
SHA256 e67cb5eaeb4238480cb7712a4994f3bbb16dba2fe8a580b8e7b9e583f07c4eee
SHA512 15cd74ec8f5ed3fa0058f64f9ac84453cf9e217747bbbe7dc5d1324ea882e0393f54c836dd573ec8733365705c6a5891569205061618c831ca1eaab30b673f5e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\except-flash-digest256.vlpset

MD5 e801fa591470978177b7a30eec9a11fb
SHA1 e396e08e95cd448d9c3cf7212cd8db73e1d42fa5
SHA256 984e9747d7736fd58e3a19355f3d635fe344aa86152082c93f47333afd6cd246
SHA512 39d7814e8038b7e720caa9c8b6a75e07cece8ec5d3a5004e238c81c71ec4c5c7a713393705015e9b8ba7a2dd6596b0fe1d9f8e421d7b36126f2d9c3018d9797b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\social-track-digest256.sbstore

MD5 4bdeb878f7b4b9789ddcdc287791060e
SHA1 cda0a1a4116069de57c91f28a5e4957a0bd6e0c9
SHA256 5aab2806c6dc8e359aa00b09f76995ce87b7798bf44df374e16f2e3db3c2d47e
SHA512 e44c57fea594cb763fd798cb47296821ac0ab853b7be78ce65d9062dfcb067bf3b337e4e25f0d75cf2b8af3a054b20839144e2d717f72149a81a873e150ddcf8

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\social-track-digest256.vlpset

MD5 90656c5b857bf44bd725d38add99937c
SHA1 b94e0bc424e95880b2c1a0fb6bd42907f79c870b
SHA256 8e60923290c73f9a4196fb5071d222834e22f86ee9bca433b728196555438a0b
SHA512 1201a14f65da04733ff7241983475a26cb1d336150f4798ee528441cd6b1c0d8a85ed09b9cc3a8aadd6840a4c6bc0a9164cac8c5aa18a1ceb04b3b25c8f2da2a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\social-tracking-protection-facebook-digest256.sbstore

MD5 9df57a5f032cefd03897dbab18d84867
SHA1 92127d1a0889a49e566079a42ffbc89c218c1a84
SHA256 0ec660d9744b0937ed4774d1c18fb29270b033a82e8aa979bdc97241a5f6a896
SHA512 c9d178105e85dfd0c397acc778210cbccc02c655fab0efa7d75a82b9c663fcb1a006dd08166000df4a220e2fe90b19c4394192445685ea84de01a17390b2b5e9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\social-tracking-protection-twitter-digest256.vlpset

MD5 d4472d17680dfba2717a447940cb263d
SHA1 a991d4c07f05774e2a697c1a7b100eb048746833
SHA256 f970e5b9a4b32989164df0a974540ab958b21ed8b12afbded3ae0766d7b86464
SHA512 0c1ca3c39c547ed9944f8f033670e6383dfe7e67376cbec811ab72d748a063b62ba73ac432cf7de68d3f4fcdd4fba0af2bb9637416d3c4d9cffb193ee86997d5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\startupCache\urlCache.bin

MD5 b1f9aaf1802128701dd7d61fe6bff8b0
SHA1 d00d3bcfc2fa8f4e7f656c2f090c6f196040024c
SHA256 7b31050a182cbb37570029072f7771ea25f675e148f54e10e42b87c1b4676e43
SHA512 d7b399d8b9e11abe872546dd609d9543cf4e95e96fe545dc79f80188a0d5daf5baa9a4d3208f1633fc9fc3778a67c84d51996ac1af276e68e8a0e43073c80225

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\startupCache\startupCache.8.little

MD5 597b0e8f4575ef589a40fb416fc50bdd
SHA1 c3aad818f426c93b8ce5edad21af8e9d62a2041f
SHA256 91ed07b538bfaa8c5c6adbb6e0716bddef38c0fa79021a730cab9f0ca5ab5f38
SHA512 ede9b20c7a56ae5adb1922e719478faf4e86b929a35d4015578e169b14f99744052fd19d47e7386f20123d77eb5a09f61b922b81f437177fc72e2f2084943a2a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\startupCache\scriptCache.bin

MD5 a27e198d2e7031805209a5ec4dd8f4f5
SHA1 88acf47f81afd0a0eb93dff64ba2f2ddef0f6dc9
SHA256 e55ae53e8cea939eb9981fdd3228179727ea42a5fa90157e8fee3e8ffb055bd1
SHA512 8f462ea8be1f93e32889cbf0eee0c50c867a374d4472debb8d1970d988ab118343b40d23636db5e90c820d743b41e0762ba462b375f7f5a087ee6911411d0857

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\startupCache\scriptCache-child.bin

MD5 59b42b3dec878e9f6d0a079f8f77ea31
SHA1 441e89552612bb15ba69b1c93f8495e2129aacf1
SHA256 c626af2e916772ba7367cf5505eab969061352f0132e666e7b77c57129e9b951
SHA512 3e58deaadbc738e81c19a51491acef3f250c49765ac9cd84b034e4d3ae62f0fa125a201a111b53f92f78689c17d641be69c95c498986094f83c4c98a04133f21

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\social-tracking-protection-twitter-digest256.sbstore

MD5 5459e0f3bb26f8a42ed107a518b4af7c
SHA1 3bb4167a09843635b1fe173d6c3f1f96bb32a24e
SHA256 b195c972360e5ba1b8eeb5dece2383459629dad771e873789492103131be6a8b
SHA512 e17624fabd1c46c6deb70a4a57e68f843267ba10b0bfc8bdae427929721c0d604ccce1f28b3b7d8a58cb5d5cb59e34593ea2ad025c16bc7324ff3c8fe32f77ef

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\social-tracking-protection-linkedin-digest256.vlpset

MD5 8a85e0ecc9a984f314e67eeee78df1c5
SHA1 b2bd810423a77a944d813bba66c718095548eeca
SHA256 56896fa7bdd2e63eafa09385ed26ba6c58bbeaff4f686ff319a6ebd5fa5a1dea
SHA512 13661b4d98161199a2cf710633ea8836b9bf937ed534a328df4f8e05b1aa6098af50e1266600ec9605294948dd32af5c4588347bbe4f4753257d6cd442ac8cb2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\social-tracking-protection-linkedin-digest256.sbstore

MD5 df0d50e1b32764ebe6a9803e89ec2118
SHA1 7d0169d540174ffc159a22728ab4767a54e331ba
SHA256 fa77f0f92480dbeacb6e49069a58ab311035cbaf03776ae265a3023af59fab4e
SHA512 27909b31d659cdcddf777ed757afbe74b68f6efe3b34589248e38679f589cf44b8534f3c074b9352863972b8ec2ac9e5dc80d2c1e8aa393f2c7ac7865b8d8310

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\uk1t0mn4.default-release\safebrowsing\social-tracking-protection-facebook-digest256.vlpset

MD5 ffce334ec2d69533d4b2e9c8e68971e0
SHA1 43d6cfb9e1618a1c0bc625e62731fc434bcfb691
SHA256 ef762d4b495cf8c55aed896485d2f7b24cac44525fd4c60a2c7ff4d90afc1f66
SHA512 fd0fda7051b7efb6b6fd35fc96eb584a79c656789d4d40abb53f0613f51ed96bd6fa7a7607a42bc50277e76026a031454c40aa076ce1f1a42f74c1aa4a2b0a4e