Analysis Overview
SHA256
3759744039346620e9613f40f90e8f318e5f54ad49c070e2bd23b667f7e65bf6
Threat Level: Likely malicious
The file Mercurial.Grabber.v1.03.rar was found to be: Likely malicious.
Malicious Activity Summary
Looks for VirtualBox Guest Additions in registry
Looks for VMWare Tools registry key
Checks BIOS information in registry
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Registers COM server for autorun
Maps connected drives based on registry
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Looks up external IP address via web service
Drops file in Program Files directory
Program crash
Unsigned PE
Enumerates physical storage devices
Modifies registry class
Suspicious use of FindShellTrayWindow
NTFS ADS
Runs regedit.exe
Uses Task Scheduler COM API
Suspicious use of SendNotifyMessage
Checks SCSI registry key(s)
Enumerates system info in registry
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Checks processor information in registry
MITRE ATT&CK
Enterprise Matrix V6
Analysis: static1
Detonation Overview
Reported
2023-04-25 21:12
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-04-25 21:12
Reported
2023-04-25 21:57
Platform
win10v2004-20230220-en
Max time kernel
2700s
Max time network
2646s
Command Line
Signatures
Looks for VirtualBox Guest Additions in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Oracle\VirtualBox Guest Additions | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Oracle\VirtualBox Guest Additions | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Oracle\VirtualBox Guest Additions | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
Looks for VMWare Tools registry key
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\VMWare, Inc.\VMWare Tools | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\VMWare, Inc.\VMWare Tools | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\VMWare, Inc.\VMWare Tools | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Mercurial.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Mercurial.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Reads user/profile data of web browsers
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll" | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ip-api.com | N/A | N/A |
| N/A | ip4.seeip.org | N/A | N/A |
| N/A | ip4.seeip.org | N/A | N/A |
| N/A | ip4.seeip.org | N/A | N/A |
| N/A | ip-api.com | N/A | N/A |
| N/A | ip4.seeip.org | N/A | N/A |
| N/A | ip4.seeip.org | N/A | N/A |
| N/A | ip4.seeip.org | N/A | N/A |
Maps connected drives based on registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0 | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0 | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0 | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\7-Zip\Lang\fy.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ka.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hi.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mng.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nb.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\zh-tw.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ba.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\eo.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ko.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ms.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ne.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\va.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\License.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\es.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nn.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\zh-cn.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sa.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\br.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hu.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\cs.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kaa.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sv.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\vi.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ar.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\is.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ku-ckb.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mk.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mr.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zFM.exe | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nl.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sr-spc.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File created | C:\Program Files\7-Zip\Lang\uz-cyrl.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ku.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mng2.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.sfx | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ps.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ca.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\co.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ast.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\bg.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\de.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\en.ttt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ja.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ta.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\th.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\an.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ga.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\he.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\el.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\et.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pl.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tg.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pt.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.exe | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\yo.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.dll | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\az.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fa.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\id.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tr.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\bn.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kab.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mn.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\uz.txt | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
Enumerates physical storage devices
Program crash
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_VMware_&Prod_VMware_Virtual_S | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_VMware_&Prod_VMware_Virtual_S | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_VMware_&Prod_VMware_Virtual_S | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosInformation | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemManufacturer | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosInformation | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemManufacturer | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemProductName | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemProductName | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\Logical Unit Id 0 | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosInformation | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemManufacturer | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemProductName | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\Logical Unit Id 0 | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\Logical Unit Id 0 | C:\Users\Admin\Downloads\NebulaSetup.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension" | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension" | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll" | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000} | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip32.dll" | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip | C:\Users\Admin\Downloads\7z2201-x64.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\Mercurial.Grabber.v1.03.rar:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\7z2201-x64.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Runs regedit.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\regedit.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Windows\regedit.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\Mercurial.exe
"C:\Users\Admin\AppData\Local\Temp\Mercurial.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.0.1067285243\46533827" -parentBuildID 20221007134813 -prefsHandle 1816 -prefMapHandle 1808 -prefsLen 20890 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {adf49d33-5608-45e8-a12f-c6083a6784ac} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 1908 270b44ecb58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.1.1635970855\1846211760" -parentBuildID 20221007134813 -prefsHandle 2296 -prefMapHandle 2292 -prefsLen 20926 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {44a569be-87ba-427c-aaba-770aa54540c0} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 2308 270a7571958 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.2.2007372565\1385662000" -childID 1 -isForBrowser -prefsHandle 3132 -prefMapHandle 3128 -prefsLen 21074 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c9258ecf-3e07-4d63-8a24-6e2fbd8d1961} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 3000 270b81ea558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.3.1968551024\894320823" -childID 2 -isForBrowser -prefsHandle 3616 -prefMapHandle 3612 -prefsLen 26519 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {00db634c-6c22-48a9-bdeb-02663239d2e3} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 3136 270a7561c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.4.791977873\1891623231" -childID 3 -isForBrowser -prefsHandle 4136 -prefMapHandle 3616 -prefsLen 26578 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {daf36000-a420-4a0f-b6b6-faea8e52672c} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 4444 270ba437558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.6.2110377506\1873162085" -childID 5 -isForBrowser -prefsHandle 5080 -prefMapHandle 5012 -prefsLen 26659 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {daa20dda-ab29-4e5c-8372-3ca9d81a411f} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 5112 270badc5858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.5.1367238829\1366216730" -childID 4 -isForBrowser -prefsHandle 5056 -prefMapHandle 2716 -prefsLen 26659 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {63e7cd34-8240-426a-80c3-13658a9c1b26} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 2708 270ba5dc458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.7.1695881245\841548441" -childID 6 -isForBrowser -prefsHandle 5476 -prefMapHandle 5420 -prefsLen 26659 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3610640e-dc94-437c-80ab-2f18699394a1} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 5080 270badc7658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.8.1713316784\738864850" -childID 7 -isForBrowser -prefsHandle 5932 -prefMapHandle 5928 -prefsLen 26834 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c588030b-7b26-45c3-b241-a80576766b27} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 5916 270bad9a858 tab
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3d4 0x390
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.9.1267424526\428943085" -childID 8 -isForBrowser -prefsHandle 5236 -prefMapHandle 6216 -prefsLen 27235 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {06710dae-ffbc-4c84-a323-9f9ec0386b92} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 5192 270bb61a458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4308.10.1043278984\1359836410" -childID 9 -isForBrowser -prefsHandle 5232 -prefMapHandle 2804 -prefsLen 27235 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3bbfe105-6769-4e0e-bc86-7e13276f3e01} 4308 "\\.\pipe\gecko-crash-server-pipe.4308" 5316 270a756c158 tab
C:\Users\Admin\Downloads\7z2201-x64.exe
"C:\Users\Admin\Downloads\7z2201-x64.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 1484 -ip 1484
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1484 -s 1080
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 1484 -ip 1484
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1484 -s 1512
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\7z2201-x64.exe
"C:\Users\Admin\Downloads\7z2201-x64.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.0.1545108982\2013496532" -parentBuildID 20221007134813 -prefsHandle 1708 -prefMapHandle 1532 -prefsLen 20890 -prefMapSize 232711 -appDir "C:\Program Files\Mozilla Firefox\browser" - {343a1f60-04c4-45f1-b21b-b00daa49500e} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 1788 1ca93a0b158 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.1.1454757210\1807024495" -parentBuildID 20221007134813 -prefsHandle 2132 -prefMapHandle 2128 -prefsLen 20890 -prefMapSize 232711 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aabbcb93-5b8a-4093-ad6e-a010a2f1167d} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 2144 1ca93ad6558 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.2.1551184087\152012001" -childID 1 -isForBrowser -prefsHandle 3148 -prefMapHandle 3144 -prefsLen 21437 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1904a298-4b89-462b-a4ec-eb2ab68b6d71} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 3160 1ca96fdd358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.3.2005630228\77233457" -childID 2 -isForBrowser -prefsHandle 3904 -prefMapHandle 3900 -prefsLen 26049 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a6f01feb-98a8-4411-b003-d9f8fcbd99bc} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 3916 1ca86e62858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.4.1150825155\632198426" -childID 3 -isForBrowser -prefsHandle 4088 -prefMapHandle 4100 -prefsLen 26829 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0855792c-b42b-4bd4-9df5-bf1bedc82e7f} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 4196 1ca949ac158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.5.355759944\165522006" -childID 4 -isForBrowser -prefsHandle 4396 -prefMapHandle 4400 -prefsLen 26888 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {267554d1-a1c9-45cd-b6a9-ffa82a81dd2f} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 4772 1ca86e6a558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.6.1854823011\1378828282" -childID 5 -isForBrowser -prefsHandle 4956 -prefMapHandle 5308 -prefsLen 27144 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {28a51158-dd1d-41f5-ab69-95ad2e35c279} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 5304 1ca9a442f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.8.1914702940\1236571542" -childID 7 -isForBrowser -prefsHandle 4860 -prefMapHandle 4844 -prefsLen 27144 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d794bef1-9834-4ab9-99cd-8c30c63fb278} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 5644 1ca9ac36258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.9.1914555920\361935991" -childID 8 -isForBrowser -prefsHandle 5336 -prefMapHandle 5308 -prefsLen 27144 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e1855413-5531-4bfe-a563-c15359caa884} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 5464 1ca9ac36e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.7.1692265269\467523511" -childID 6 -isForBrowser -prefsHandle 4880 -prefMapHandle 4800 -prefsLen 27144 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ec9d3be9-1c63-4dd3-804b-2f5d0ca90c50} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 5548 1ca9ac35c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.10.1548136377\1579400569" -childID 9 -isForBrowser -prefsHandle 4956 -prefMapHandle 4816 -prefsLen 27144 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2395409d-11df-4f25-a06b-d0fd95d10143} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 5524 1ca9adedd58 tab
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap11185:108:7zEvent17236
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.11.1542549539\1440897806" -childID 10 -isForBrowser -prefsHandle 5508 -prefMapHandle 5512 -prefsLen 27240 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bb84a955-9341-4a48-85e7-c72195f5421d} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 5260 1ca970f1d58 tab
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Mercurial.Grabber.v1.03.rar"
C:\Users\Admin\Downloads\Mercurial.exe
"C:\Users\Admin\Downloads\Mercurial.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 188 -p 3736 -ip 3736
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3736 -s 1756
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 3736 -ip 3736
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3736 -s 2132
C:\Users\Admin\Downloads\Mercurial.exe
"C:\Users\Admin\Downloads\Mercurial.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\20s04nhp\20s04nhp.cmdline"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES3C88.tmp" "c:\Users\Admin\Downloads\CSC97403635513A46E68978E6F8664753E3.TMP"
C:\Users\Admin\Downloads\NebulaSetup.exe
"C:\Users\Admin\Downloads\NebulaSetup.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.12.561170560\764795255" -childID 11 -isForBrowser -prefsHandle 6572 -prefMapHandle 6616 -prefsLen 30717 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b384c49a-dbdf-4939-ab72-7cce07478a25} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 6604 1caa15c3e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.13.1958588761\2104984706" -childID 12 -isForBrowser -prefsHandle 6560 -prefMapHandle 6584 -prefsLen 30717 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7ad5f2d6-015b-437e-9ef4-95eaf3edfedd} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 6768 1caa1568d58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.14.1082175683\1171399823" -parentBuildID 20221007134813 -prefsHandle 4884 -prefMapHandle 6028 -prefsLen 30717 -prefMapSize 232711 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a8553f7f-4914-40e0-bb61-b44e6fc2a1ae} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 6016 1ca86e60758 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.15.351409943\1646551168" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 5488 -prefMapHandle 5904 -prefsLen 30717 -prefMapSize 232711 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0f9e5554-286a-434b-a858-fbd61b38ba2e} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 7104 1ca99bd9658 utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.16.1344038310\173725987" -childID 13 -isForBrowser -prefsHandle 5756 -prefMapHandle 5564 -prefsLen 30726 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {92c45ddc-f4c3-4747-b04b-132f37e6ca13} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 5460 1caa3663f58 tab
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3d4 0x390
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.19.687230543\2116389285" -childID 16 -isForBrowser -prefsHandle 4972 -prefMapHandle 4352 -prefsLen 30726 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9f85d639-ec02-4c1b-8799-695d53806df8} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 6992 1ca9b650258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.18.184165667\999166745" -childID 15 -isForBrowser -prefsHandle 6844 -prefMapHandle 6848 -prefsLen 30726 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {07314c65-ac18-4124-8830-2a009eb47842} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 6796 1ca9b64f058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.17.1759266387\619560750" -childID 14 -isForBrowser -prefsHandle 4196 -prefMapHandle 3468 -prefsLen 30726 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {94c5da09-8716-43e2-9db3-fa1f2f0e18a3} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 4352 1ca9b64f658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.20.1927176749\1547690191" -childID 17 -isForBrowser -prefsHandle 7288 -prefMapHandle 7284 -prefsLen 30726 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5d48fe31-32a0-4c38-817e-4e787ecf434c} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 7296 1ca9ab84858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.21.888015138\1548464692" -childID 18 -isForBrowser -prefsHandle 4084 -prefMapHandle 4092 -prefsLen 30726 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0f9e3cd3-220f-49bc-8586-d917c58a9500} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 6728 1ca9ab84558 tab
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3416 -ip 3416
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3416 -s 2336
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 480 -p 3416 -ip 3416
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3416 -s 2336
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.22.648868066\1778621122" -childID 19 -isForBrowser -prefsHandle 6468 -prefMapHandle 5732 -prefsLen 30735 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b14f1665-a2e7-4694-875b-9683cb89bb4d} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 4092 1ca9faf8658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.23.1114831301\2066180843" -childID 20 -isForBrowser -prefsHandle 5680 -prefMapHandle 5704 -prefsLen 30735 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {744e461b-94e8-4634-acc5-305d12311746} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 4840 1ca86e5e258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.25.711424391\616786658" -childID 22 -isForBrowser -prefsHandle 11132 -prefMapHandle 11128 -prefsLen 30735 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7d9ef5c6-d7f8-4197-880f-ffd2119d3d25} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 11140 1ca9afc8a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.24.690083586\997846619" -childID 21 -isForBrowser -prefsHandle 11300 -prefMapHandle 10960 -prefsLen 30735 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f4fec655-daeb-4603-a691-25c82a78e051} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 11292 1ca9afc8458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.27.2073240369\1424525571" -childID 24 -isForBrowser -prefsHandle 6848 -prefMapHandle 11260 -prefsLen 30744 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cc07fb8a-a546-4e63-a883-0e5ff4482efa} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 6520 1ca9ad0c758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.26.1805059215\332261945" -childID 23 -isForBrowser -prefsHandle 10820 -prefMapHandle 10876 -prefsLen 30744 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b9166ee1-be16-48ca-ab75-9aea68c03c28} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 10804 1ca9ad0c158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1372.28.758705368\1111750061" -childID 25 -isForBrowser -prefsHandle 10580 -prefMapHandle 6848 -prefsLen 30744 -prefMapSize 232711 -jsInitHandle 1392 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d173b874-22ef-49a8-a222-483508ca9424} 1372 "\\.\pipe\gecko-crash-server-pipe.1372" 10588 1ca9ad0e258 tab
C:\Users\Admin\Downloads\NebulaSetup.exe
"C:\Users\Admin\Downloads\NebulaSetup.exe"
C:\Users\Admin\Downloads\NebulaSetup.exe
"C:\Users\Admin\Downloads\NebulaSetup.exe"
C:\Windows\regedit.exe
"C:\Windows\regedit.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.0.1597097030\81777296" -parentBuildID 20221007134813 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 20890 -prefMapSize 232711 -appDir "C:\Program Files\Mozilla Firefox\browser" - {97cb838d-1b8a-4a52-bec3-929502e32710} 540 "\\.\pipe\gecko-crash-server-pipe.540" 1780 1d3e4b0c358 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.1.2031423387\454597685" -parentBuildID 20221007134813 -prefsHandle 2132 -prefMapHandle 2128 -prefsLen 20890 -prefMapSize 232711 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bd67e9d4-7d42-45ac-9927-9ea3dddbd2d3} 540 "\\.\pipe\gecko-crash-server-pipe.540" 2144 1d3e4449258 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.2.1884182949\578567255" -childID 1 -isForBrowser -prefsHandle 3076 -prefMapHandle 3052 -prefsLen 21437 -prefMapSize 232711 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {69fa91b4-f05f-4f29-bf02-70d9a57b2efe} 540 "\\.\pipe\gecko-crash-server-pipe.540" 3080 1d3e89d5958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.3.576959096\1055584170" -childID 2 -isForBrowser -prefsHandle 4060 -prefMapHandle 4056 -prefsLen 26829 -prefMapSize 232711 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8efb35a3-6d07-4ca6-9728-eedfa8a16059} 540 "\\.\pipe\gecko-crash-server-pipe.540" 4072 1d3eabbee58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.4.1866798066\1400410290" -childID 3 -isForBrowser -prefsHandle 4692 -prefMapHandle 4676 -prefsLen 29265 -prefMapSize 232711 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {abeffa21-8c2e-4fd1-b389-47b056168579} 540 "\\.\pipe\gecko-crash-server-pipe.540" 4764 1d3e8925858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.6.1477674165\1972652240" -childID 5 -isForBrowser -prefsHandle 5092 -prefMapHandle 5096 -prefsLen 29265 -prefMapSize 232711 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7e629193-7876-4ddf-bacb-a1e5f9893095} 540 "\\.\pipe\gecko-crash-server-pipe.540" 4748 1d3ecbad258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.5.937254705\1084849061" -childID 4 -isForBrowser -prefsHandle 4908 -prefMapHandle 4912 -prefsLen 29265 -prefMapSize 232711 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {38b7e143-a750-4ee9-90d3-4a968b95a8ec} 540 "\\.\pipe\gecko-crash-server-pipe.540" 4904 1d3ecbacf58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.7.337599476\300440531" -childID 6 -isForBrowser -prefsHandle 5520 -prefMapHandle 3196 -prefsLen 29519 -prefMapSize 232711 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c33278e4-425a-41cd-a551-1ce85977c8a2} 540 "\\.\pipe\gecko-crash-server-pipe.540" 5528 1d3ee8cd758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.8.2074432024\638886313" -parentBuildID 20221007134813 -prefsHandle 5732 -prefMapHandle 5728 -prefsLen 29519 -prefMapSize 232711 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b180745a-f5d6-4924-91e4-2dc1eb28db55} 540 "\\.\pipe\gecko-crash-server-pipe.540" 5708 1d3ecd40b58 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.9.403860893\1227414691" -childID 7 -isForBrowser -prefsHandle 5884 -prefMapHandle 5908 -prefsLen 29519 -prefMapSize 232711 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {957f12da-e4c0-4136-9683-5c135753c1ec} 540 "\\.\pipe\gecko-crash-server-pipe.540" 5888 1d3e4e2e458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="540.10.1782540199\436513774" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6076 -prefMapHandle 6080 -prefsLen 29519 -prefMapSize 232711 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fc2eb006-9193-47b0-91c2-60948f49be2d} 540 "\\.\pipe\gecko-crash-server-pipe.540" 6108 1d3e4ecc058 utility
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| GB | 95.101.143.242:443 | assets.msn.com | tcp |
| US | 8.8.8.8:53 | 242.143.101.95.in-addr.arpa | udp |
| N/A | 127.0.0.1:49739 | tcp | |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | getpocket.cdn.mozilla.net | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 35.241.9.150:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 34.211.203.81:443 | shavar.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 34.117.65.55:443 | autopush.prod.mozaws.net | tcp |
| US | 35.241.9.150:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 239.237.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.9.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.5.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.65.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.203.211.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.144.160.34.in-addr.arpa | udp |
| N/A | 127.0.0.1:49745 | tcp | |
| US | 8.8.8.8:53 | bit.ly | udp |
| US | 67.199.248.11:80 | bit.ly | tcp |
| US | 67.199.248.11:80 | bit.ly | tcp |
| US | 8.8.8.8:53 | bit.ly | udp |
| US | 8.8.8.8:53 | bit.ly | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| LU | 31.216.145.5:443 | mega.nz | tcp |
| US | 8.8.8.8:53 | mega.nz | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| US | 8.8.8.8:53 | 11.248.199.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | na.static.mega.co.nz | udp |
| CA | 162.208.16.210:443 | na.static.mega.co.nz | tcp |
| CA | 162.208.16.210:443 | na.static.mega.co.nz | tcp |
| US | 8.8.8.8:53 | na.static.mega.co.nz | udp |
| US | 8.8.8.8:53 | na.static.mega.co.nz | udp |
| US | 8.8.8.8:53 | 5.145.216.31.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.16.208.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.api.mega.co.nz | udp |
| LU | 66.203.125.12:443 | g.api.mega.co.nz | tcp |
| LU | 66.203.125.12:443 | g.api.mega.co.nz | tcp |
| US | 8.8.8.8:53 | lu.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | lu.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | 12.125.203.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gfs302n504.userstorage.mega.co.nz | udp |
| CA | 185.206.25.14:443 | gfs302n504.userstorage.mega.co.nz | tcp |
| US | 8.8.8.8:53 | gfs302n504.userstorage.mega.co.nz | udp |
| CA | 185.206.25.14:443 | gfs302n504.userstorage.mega.co.nz | tcp |
| CA | 185.206.25.14:443 | gfs302n504.userstorage.mega.co.nz | tcp |
| CA | 185.206.25.14:443 | gfs302n504.userstorage.mega.co.nz | tcp |
| US | 8.8.8.8:53 | gfs302n504.userstorage.mega.co.nz | udp |
| US | 8.8.8.8:53 | 14.25.206.185.in-addr.arpa | udp |
| CA | 185.206.25.14:443 | gfs302n504.userstorage.mega.co.nz | tcp |
| US | 52.182.141.63:443 | tcp | |
| CA | 185.206.25.14:443 | gfs302n504.userstorage.mega.co.nz | tcp |
| N/A | 127.0.0.1:6341 | tcp | |
| N/A | 127.0.0.1:6341 | tcp | |
| N/A | 127.0.0.1:6341 | tcp | |
| N/A | 127.0.0.1:6341 | tcp | |
| US | 8.8.8.8:53 | 196.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 142.251.36.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 142.251.36.22:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | tcp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 22.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.7-zip.org | udp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| US | 8.8.8.8:53 | www.7-zip.org | udp |
| US | 8.8.8.8:53 | www.7-zip.org | udp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| US | 8.8.8.8:53 | 237.202.12.49.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.8.109.52.in-addr.arpa | udp |
| NL | 173.223.113.164:443 | tcp | |
| NL | 173.223.113.131:80 | tcp | |
| US | 204.79.197.203:80 | api.msn.com | tcp |
| N/A | 127.0.0.1:50869 | tcp | |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | www.7-zip.org | udp |
| US | 34.160.144.191:443 | prod.content-signature-chains.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 34.215.121.165:443 | shavar.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 34.117.65.55:443 | autopush.prod.mozaws.net | tcp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 35.241.9.150:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | 165.121.215.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| LU | 31.216.144.5:443 | mega.nz | tcp |
| US | 8.8.8.8:53 | mega.nz | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| US | 8.8.8.8:53 | 5.144.216.31.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eu.static.mega.co.nz | udp |
| NL | 66.203.127.13:443 | eu.static.mega.co.nz | tcp |
| NL | 66.203.127.13:443 | eu.static.mega.co.nz | tcp |
| US | 8.8.8.8:53 | eu.static.mega.co.nz | udp |
| US | 8.8.8.8:53 | eu.static.mega.co.nz | udp |
| US | 8.8.8.8:53 | 13.127.203.66.in-addr.arpa | udp |
| LU | 66.203.125.12:443 | lu.api.mega.co.nz | tcp |
| LU | 66.203.125.12:443 | lu.api.mega.co.nz | tcp |
| N/A | 127.0.0.1:50884 | tcp | |
| US | 8.8.8.8:53 | bit.ly | udp |
| US | 67.199.248.10:80 | bit.ly | tcp |
| US | 8.8.8.8:53 | bit.ly | udp |
| US | 8.8.8.8:53 | bit.ly | udp |
| US | 8.8.8.8:53 | 10.248.199.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.138.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | 232.138.159.162.in-addr.arpa | udp |
| US | 162.159.138.232:443 | discord.com | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ip4.seeip.org | udp |
| US | 23.128.64.141:443 | ip4.seeip.org | tcp |
| US | 23.128.64.141:443 | ip4.seeip.org | tcp |
| US | 8.8.8.8:53 | ip-api.com | udp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 8.8.8.8:53 | 141.64.128.23.in-addr.arpa | udp |
| US | 162.159.138.232:443 | discord.com | tcp |
| US | 162.159.138.232:443 | discord.com | tcp |
| US | 162.159.138.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 1.112.95.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 35.241.9.150:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| FR | 23.200.86.251:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.86.200.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 34.160.144.191:443 | prod.content-signature-chains.prod.webservices.mozgcp.net | tcp |
| GB | 216.58.208.110:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.208.110:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r5---sn-4g5e6nz7.gvt1.com | udp |
| DE | 173.194.187.170:443 | r5---sn-4g5e6nz7.gvt1.com | tcp |
| US | 8.8.8.8:53 | r5.sn-4g5e6nz7.gvt1.com | udp |
| US | 8.8.8.8:53 | r5.sn-4g5e6nz7.gvt1.com | udp |
| DE | 173.194.187.170:443 | r5.sn-4g5e6nz7.gvt1.com | udp |
| US | 8.8.8.8:53 | 110.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.187.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.111.73.144:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.111.73.144:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | fennec-catalog-cdn.prod.mozaws.net | udp |
| US | 34.111.73.144:443 | fennec-catalog-cdn.prod.mozaws.net | tcp |
| US | 34.111.73.144:443 | fennec-catalog-cdn.prod.mozaws.net | tcp |
| US | 34.111.73.144:443 | fennec-catalog-cdn.prod.mozaws.net | tcp |
| US | 8.8.8.8:53 | fennec-catalog-cdn.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | 144.73.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| LU | 31.216.144.5:443 | mega.nz | tcp |
| US | 8.8.8.8:53 | mega.nz | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| US | 8.8.8.8:53 | mega.io | udp |
| LU | 66.203.124.37:443 | mega.io | tcp |
| US | 8.8.8.8:53 | mega.io | udp |
| US | 8.8.8.8:53 | mega.io | udp |
| US | 8.8.8.8:53 | 37.124.203.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.api.mega.co.nz | udp |
| LU | 66.203.125.15:443 | g.api.mega.co.nz | tcp |
| US | 8.8.8.8:53 | lu.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | 15.125.203.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| CA | 162.208.16.210:443 | na.static.mega.co.nz | tcp |
| CA | 162.208.16.210:443 | na.static.mega.co.nz | tcp |
| CA | 162.208.16.210:443 | na.static.mega.co.nz | tcp |
| CA | 162.208.16.210:443 | na.static.mega.co.nz | tcp |
| CA | 162.208.16.210:443 | na.static.mega.co.nz | tcp |
| CA | 162.208.16.210:443 | na.static.mega.co.nz | tcp |
| CA | 162.208.16.210:443 | na.static.mega.co.nz | tcp |
| LU | 66.203.125.15:443 | g.api.mega.co.nz | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| LU | 31.216.145.5:443 | mega.nz | tcp |
| LU | 66.203.124.37:443 | mega.io | tcp |
| US | 162.159.138.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.138.232:443 | discord.com | udp |
| LU | 66.203.124.37:443 | mega.io | tcp |
| US | 8.8.8.8:53 | g.api.mega.co.nz | udp |
| LU | 66.203.125.15:443 | g.api.mega.co.nz | tcp |
| US | 8.8.8.8:53 | reqstat.api.mega.co.nz | udp |
| LU | 66.203.125.28:443 | reqstat.api.mega.co.nz | tcp |
| US | 8.8.8.8:53 | reqstat.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | reqstat.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | 28.125.203.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| GB | 184.28.198.179:443 | assets.msn.com | tcp |
| US | 8.8.8.8:53 | 179.198.28.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| LU | 31.216.145.5:443 | mega.nz | tcp |
| US | 8.8.8.8:53 | lu.api.mega.co.nz | udp |
| LU | 66.203.125.15:443 | lu.api.mega.co.nz | tcp |
| LU | 66.203.125.28:443 | reqstat.api.mega.co.nz | tcp |
| LU | 31.216.145.5:443 | mega.nz | tcp |
| LU | 31.216.145.5:443 | mega.nz | tcp |
| LU | 31.216.145.5:443 | mega.nz | tcp |
| LU | 31.216.145.5:443 | mega.nz | tcp |
| LU | 31.216.145.5:443 | mega.nz | tcp |
| LU | 66.203.125.15:443 | lu.api.mega.co.nz | tcp |
| LU | 66.203.125.15:443 | lu.api.mega.co.nz | tcp |
| US | 8.8.8.8:53 | gfs206n208.userstorage.mega.co.nz | udp |
| BE | 94.24.37.118:443 | gfs206n208.userstorage.mega.co.nz | tcp |
| US | 8.8.8.8:53 | gfs206n208.userstorage.mega.co.nz | udp |
| US | 8.8.8.8:53 | gfs206n208.userstorage.mega.co.nz | udp |
| US | 8.8.8.8:53 | 118.37.24.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mcd270n310.karere.mega.nz | udp |
| US | 8.8.8.8:53 | mcd270n310.karere.mega.nz | udp |
| US | 8.8.8.8:53 | mcd270n310.karere.mega.nz | udp |
| LU | 66.203.125.56:443 | mcd270n310.karere.mega.nz | tcp |
| US | 8.8.8.8:53 | 56.125.203.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.3.197.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| US | 8.8.8.8:53 | gfs302n130.userstorage.mega.co.nz | udp |
| CA | 162.208.16.40:443 | gfs302n130.userstorage.mega.co.nz | tcp |
| US | 8.8.8.8:53 | gfs302n130.userstorage.mega.co.nz | udp |
| CA | 162.208.16.40:443 | gfs302n130.userstorage.mega.co.nz | tcp |
| US | 8.8.8.8:53 | gfs302n130.userstorage.mega.co.nz | udp |
| US | 8.8.8.8:53 | 40.16.208.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bit.ly | udp |
| US | 67.199.248.11:80 | bit.ly | tcp |
| US | 67.199.248.11:80 | bit.ly | tcp |
| US | 8.8.8.8:53 | bit.ly | udp |
| US | 8.8.8.8:53 | bitly.com | udp |
| US | 67.199.248.15:443 | bitly.com | tcp |
| US | 8.8.8.8:53 | bitly.com | udp |
| US | 8.8.8.8:53 | bitly.com | udp |
| US | 67.199.248.15:443 | bitly.com | udp |
| US | 8.8.8.8:53 | docrdsfx76ssb.cloudfront.net | udp |
| NL | 52.222.137.33:443 | docrdsfx76ssb.cloudfront.net | tcp |
| US | 8.8.8.8:53 | docrdsfx76ssb.cloudfront.net | udp |
| NL | 52.222.137.33:443 | docrdsfx76ssb.cloudfront.net | tcp |
| NL | 52.222.137.33:443 | docrdsfx76ssb.cloudfront.net | tcp |
| NL | 52.222.137.33:443 | docrdsfx76ssb.cloudfront.net | tcp |
| NL | 52.222.137.33:443 | docrdsfx76ssb.cloudfront.net | tcp |
| NL | 52.222.137.33:443 | docrdsfx76ssb.cloudfront.net | tcp |
| US | 8.8.8.8:53 | docrdsfx76ssb.cloudfront.net | udp |
| US | 8.8.8.8:53 | 15.248.199.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.137.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js-eu1.hs-scripts.com | udp |
| US | 172.65.208.22:443 | js-eu1.hs-scripts.com | tcp |
| US | 8.8.8.8:53 | 2acdb9b66bb242618283aadb21ede6c1.pacloudflare.com | udp |
| US | 8.8.8.8:53 | 2acdb9b66bb242618283aadb21ede6c1.pacloudflare.com | udp |
| US | 8.8.8.8:53 | 22.208.65.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js-eu1.hs-banner.com | udp |
| US | 8.8.8.8:53 | js-eu1.hs-analytics.net | udp |
| US | 172.65.202.201:443 | js-eu1.hs-banner.com | tcp |
| US | 8.8.8.8:53 | 7c7b02d4bc3d48dd81a7c7738d4de1ab.pacloudflare.com | udp |
| US | 8.8.8.8:53 | 7c7b02d4bc3d48dd81a7c7738d4de1ab.pacloudflare.com | udp |
| US | 8.8.8.8:53 | 18ea70d2d9a945cfb97d818ba71817dc.pacloudflare.com | udp |
| US | 8.8.8.8:53 | 201.202.65.172.in-addr.arpa | udp |
| US | 172.65.238.60:443 | 18ea70d2d9a945cfb97d818ba71817dc.pacloudflare.com | tcp |
| US | 8.8.8.8:53 | 60.238.65.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | track-eu1.hubspot.com | udp |
| US | 172.65.240.166:443 | track-eu1.hubspot.com | tcp |
| US | 8.8.8.8:53 | e5de3d23065c4748b155c28e6fa36f3e.pacloudflare.com | udp |
| US | 8.8.8.8:53 | e5de3d23065c4748b155c28e6fa36f3e.pacloudflare.com | udp |
| US | 172.65.240.166:443 | e5de3d23065c4748b155c28e6fa36f3e.pacloudflare.com | udp |
| US | 8.8.8.8:53 | 166.240.65.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.optimizely.com | udp |
| NL | 173.223.112.148:443 | cdn.optimizely.com | tcp |
| US | 8.8.8.8:53 | e5048.dsca.akamaiedge.net | udp |
| US | 8.8.8.8:53 | 148.112.223.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a16488430484.cdn.optimizely.com | udp |
| FR | 104.108.44.67:443 | a16488430484.cdn.optimizely.com | tcp |
| US | 8.8.8.8:53 | e4728.x.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e4728.x.akamaiedge.net | udp |
| US | 8.8.8.8:53 | 67.44.108.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | errors.client.optimizely.com | udp |
| US | 35.168.175.58:443 | errors.client.optimizely.com | tcp |
| US | 35.168.175.58:443 | errors.client.optimizely.com | tcp |
| US | 8.8.8.8:53 | client-error-log-962704628.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | client-error-log-962704628.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | 58.175.168.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | logx.optimizely.com | udp |
| US | 18.208.67.18:443 | logx.optimizely.com | tcp |
| US | 8.8.8.8:53 | p13nlog-1106815646.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | p13nlog-1106815646.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | 18.67.208.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lu.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | public.profitwell.com | udp |
| NL | 52.222.139.11:443 | public.profitwell.com | tcp |
| US | 8.8.8.8:53 | dna8twue3dlxq.cloudfront.net | udp |
| US | 8.8.8.8:53 | dna8twue3dlxq.cloudfront.net | udp |
| US | 8.8.8.8:53 | 8.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.139.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| US | 8.8.8.8:53 | snap.licdn.com | udp |
| NL | 199.232.148.157:443 | static.ads-twitter.com | tcp |
| US | 8.8.8.8:53 | platform.twitter.map.fastly.net | udp |
| US | 8.8.8.8:53 | platform.twitter.map.fastly.net | udp |
| DE | 23.32.238.152:443 | snap.licdn.com | tcp |
| US | 8.8.8.8:53 | a1916.dscg2.akamai.net | udp |
| US | 8.8.8.8:53 | a1916.dscg2.akamai.net | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | 12389169.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 104.16.89.20:443 | cdn.jsdelivr.net | tcp |
| NL | 142.250.179.134:443 | 12389169.fls.doubleclick.net | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net.cdn.cloudflare.net | udp |
| US | 104.16.89.20:443 | cdn.jsdelivr.net.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| US | 157.240.5.10:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net.cdn.cloudflare.net | udp |
| US | 157.240.5.10:443 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.162:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 157.148.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.238.32.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.89.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.36.251.142.in-addr.arpa | udp |
| NL | 142.250.179.162:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cdn.linkedin.oribi.io | udp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 8.8.8.8:53 | analytics.twitter.com | udp |
| US | 8.8.8.8:53 | s.twitter.com | udp |
| NL | 52.222.139.9:443 | cdn.linkedin.oribi.io | tcp |
| US | 8.8.8.8:53 | d1ni990a184w7d.cloudfront.net | udp |
| US | 104.244.42.5:443 | t.co | tcp |
| US | 8.8.8.8:53 | s.twitter.com | udp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 8.8.8.8:53 | d1ni990a184w7d.cloudfront.net | udp |
| US | 8.8.8.8:53 | l-0005.l-msedge.net | udp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 8.8.8.8:53 | l-0005.l-msedge.net | udp |
| US | 8.8.8.8:53 | sp.bitly.com | udp |
| US | 34.120.78.44:443 | sp.bitly.com | tcp |
| US | 8.8.8.8:53 | sp.bitly.com | udp |
| US | 8.8.8.8:53 | sp.bitly.com | udp |
| US | 34.120.78.44:443 | sp.bitly.com | tcp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| US | 34.120.78.44:443 | sp.bitly.com | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| NL | 216.58.214.14:443 | analytics.google.com | tcp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| NL | 216.58.214.14:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 13.107.42.14:443 | l-0005.l-msedge.net | tcp |
| US | 104.244.42.195:443 | s.twitter.com | tcp |
| US | 8.8.8.8:53 | 162.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.139.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.78.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.42.244.104.in-addr.arpa | udp |
| DE | 157.240.20.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| DE | 157.240.20.35:443 | www.facebook.com | udp |
| NL | 142.250.102.155:443 | stats.g.doubleclick.net | tcp |
| NL | 142.250.102.155:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 35.20.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.102.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bitly.com | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.244.181.201:443 | prod.balrog.prod.cloudops.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | lu.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | lu.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | lu.api.mega.co.nz | udp |
| US | 67.199.248.15:443 | bitly.com | tcp |
| US | 8.8.8.8:53 | bitly.com | udp |
| US | 8.8.8.8:53 | bitly.com | udp |
| US | 67.199.248.15:443 | bitly.com | udp |
| US | 8.8.8.8:53 | docrdsfx76ssb.cloudfront.net | udp |
| NL | 52.222.137.33:443 | docrdsfx76ssb.cloudfront.net | tcp |
| NL | 52.222.137.33:443 | docrdsfx76ssb.cloudfront.net | tcp |
| NL | 52.222.137.33:443 | docrdsfx76ssb.cloudfront.net | tcp |
| NL | 52.222.137.33:443 | docrdsfx76ssb.cloudfront.net | tcp |
| NL | 52.222.137.33:443 | docrdsfx76ssb.cloudfront.net | tcp |
| NL | 52.222.137.33:443 | docrdsfx76ssb.cloudfront.net | tcp |
| US | 8.8.8.8:53 | docrdsfx76ssb.cloudfront.net | udp |
| US | 8.8.8.8:53 | docrdsfx76ssb.cloudfront.net | udp |
| US | 8.8.8.8:53 | js-eu1.hs-scripts.com | udp |
| US | 172.65.208.22:443 | js-eu1.hs-scripts.com | tcp |
| US | 8.8.8.8:53 | 2acdb9b66bb242618283aadb21ede6c1.pacloudflare.com | udp |
| US | 8.8.8.8:53 | js-eu1.hs-banner.com | udp |
| US | 172.65.202.201:443 | js-eu1.hs-banner.com | tcp |
| US | 8.8.8.8:53 | 7c7b02d4bc3d48dd81a7c7738d4de1ab.pacloudflare.com | udp |
| US | 8.8.8.8:53 | cdn.optimizely.com | udp |
| NL | 173.223.112.148:443 | cdn.optimizely.com | tcp |
| US | 8.8.8.8:53 | e5048.dsca.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e5048.dsca.akamaiedge.net | udp |
| US | 67.199.248.15:443 | bitly.com | udp |
| US | 8.8.8.8:53 | g.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | g.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 35.241.9.150:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 35.241.9.150:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.111.73.144:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | fennec-catalog-cdn.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | fennec-catalog-cdn.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | g.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | lu.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | g.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | lu.api.mega.co.nz | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| NL | 216.58.214.14:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| US | 23.128.64.141:443 | ip4.seeip.org | tcp |
| US | 23.128.64.141:443 | ip4.seeip.org | tcp |
| US | 23.128.64.141:443 | ip4.seeip.org | tcp |
| US | 8.8.8.8:53 | ip-api.com | udp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 232.135.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| DE | 2.16.241.76:443 | assets.msn.com | tcp |
| US | 8.8.8.8:53 | 203.33.253.131.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.241.16.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:61415 | tcp | |
| N/A | 127.0.0.1:61422 | tcp | |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | getpocket.cdn.mozilla.net | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 34.211.203.81:443 | shavar.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 34.117.65.55:443 | autopush.prod.mozaws.net | tcp |
| US | 35.241.9.150:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| NL | 142.251.39.99:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| NL | 142.251.39.99:443 | id.google.com | udp |
| US | 8.8.8.8:53 | 99.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 142.251.36.22:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| NL | 142.251.39.110:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| NL | 142.251.39.110:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| NL | 142.251.39.110:443 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | 194.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | encrypted-vtbn0.gstatic.com | udp |
| NL | 142.251.36.14:443 | encrypted-vtbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-vtbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-vtbn0.gstatic.com | udp |
| NL | 142.251.36.14:443 | encrypted-vtbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | 142.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| NL | 142.251.36.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| NL | 142.251.36.6:443 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| NL | 142.250.179.170:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| NL | 142.250.179.170:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| NL | 142.250.179.170:443 | jnn-pa.googleapis.com | udp |
| NL | 142.250.179.170:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 6.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 34.160.144.191:443 | prod.content-signature-chains.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| FR | 23.200.86.251:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.208.110:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.208.110:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r4---sn-4g5ednld.gvt1.com | udp |
| DE | 173.194.182.105:443 | r4---sn-4g5ednld.gvt1.com | tcp |
| US | 8.8.8.8:53 | r4.sn-4g5ednld.gvt1.com | udp |
| US | 8.8.8.8:53 | r4.sn-4g5ednld.gvt1.com | udp |
| DE | 173.194.182.105:443 | r4.sn-4g5ednld.gvt1.com | udp |
| US | 8.8.8.8:53 | 105.182.194.173.in-addr.arpa | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 35.241.9.150:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.244.181.201:443 | prod.balrog.prod.cloudops.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
Files
memory/1484-133-0x0000000000040000-0x000000000037A000-memory.dmp
memory/1484-134-0x0000000005400000-0x00000000059A4000-memory.dmp
memory/1484-135-0x0000000004D90000-0x0000000004E22000-memory.dmp
memory/1484-136-0x0000000004D80000-0x0000000004D90000-memory.dmp
memory/1484-137-0x0000000004D30000-0x0000000004D3A000-memory.dmp
memory/1484-144-0x0000000004D80000-0x0000000004D90000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs.js
| MD5 | f73e52d124620d05267ba934f3b312d3 |
| SHA1 | 34121aa291d9f88b3e8e3a2fa37cb1c06cac2d30 |
| SHA256 | fc898a91ae8ce9d241c586f5dee2e60450dcdc5a31f1a7015d6dc2f4fefe4ac7 |
| SHA512 | 4ef67626a2ba584817d707c71ddf7e7ce75a780921c3fcdfa8a03de0de9303c4b548ce3c3b493f1c4876d511271978bcd3cdbc2d1003b23c2459847180045d46 |
memory/1484-153-0x0000000004D80000-0x0000000004D90000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | a71c32e746d8bfc506c407238e07c71c |
| SHA1 | 65b645a5a52f52f637204ed6b5666ca20df8eb15 |
| SHA256 | 88e6c1502621fc29552a2091dd8249c65bf354120806ea15ea8d4686ce5e283d |
| SHA512 | f3e715de9f5df8c7b90fcd84b748e69bf186250ac7711d6401f1dd83cca1af8c734a5696f03e923b0cc4311545e52983cf083295619ecb2fff1df2544f241074 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 43e876f1c3191695cfbe5b3137516785 |
| SHA1 | 10632ed5401e36ed95fb1998c99384d75832e648 |
| SHA256 | 5b4789ddce7401e2b220ca68130d4badba8cb01392d7a32963afab6f7a01197e |
| SHA512 | 8b444a93ebfad6c3381d53e9d91d14d536f71a09a22894a64a5eed42489d651da239c4e76e10724178db7294e30e8ebeb07edb7100a0387fb2fc5028da378bc3 |
memory/1484-214-0x0000000004D80000-0x0000000004D90000-memory.dmp
memory/1484-240-0x0000000004D80000-0x0000000004D90000-memory.dmp
memory/1484-261-0x0000000004D80000-0x0000000004D90000-memory.dmp
memory/1484-269-0x0000000004D80000-0x0000000004D90000-memory.dmp
memory/1484-270-0x0000000004D80000-0x0000000004D90000-memory.dmp
memory/1484-304-0x0000000004D80000-0x0000000004D90000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 76d23a790c80567312c5e2f75cdadb64 |
| SHA1 | 778ed9ee3a93d60d20c1189331c30dd0479dcf92 |
| SHA256 | c9d32d7a7ca83976bc5935a1783dccd87f61fa9b012b97ab8fe6239a71194391 |
| SHA512 | 3e1b7bb1864875b136f82e2c945336826a05ee88c004711bd595eab99119b32f734185b3d86ba14a92624b6b5c04cbaa0e2c6ddcfadddea24607316d98aff6ff |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | b4dd6b6acc74fc1d6f06caf408bcba32 |
| SHA1 | 498123d5734e48a56c4d60cbe9142e8bd33db5c8 |
| SHA256 | e9989bf9c8638ee218c82e499e48815babb5ea35415fa9aebe8779f85c41b012 |
| SHA512 | 7d6cc4e11daa08fe4a40c4a1ac19b1f66fcc45e3a61f628390fcf0eb3f4356b0241ba7e27e91a88ba2dc68bc4315c59bebb7841633329bd528f1ddfa35199896 |
memory/1484-373-0x0000000004D80000-0x0000000004D90000-memory.dmp
memory/1484-422-0x0000000004D80000-0x0000000004D90000-memory.dmp
memory/1484-450-0x0000000004D80000-0x0000000004D90000-memory.dmp
memory/1484-461-0x0000000004D80000-0x0000000004D90000-memory.dmp
memory/1484-475-0x0000000005250000-0x0000000005350000-memory.dmp
C:\Users\Admin\Downloads\oJJUB7Nt.rar.part
| MD5 | 635903bad1ada856d701f34d3070ccd9 |
| SHA1 | 3ff98d91b9a3a47bf9f64bdf161efb9c5ac99fb0 |
| SHA256 | 3759744039346620e9613f40f90e8f318e5f54ad49c070e2bd23b667f7e65bf6 |
| SHA512 | fee2c64124c47bcb1251b7b87969a1ff493e24bc196633e3a301565b126f5ed2e2967d4d1426ff5d9be9466c852bacf405229308acf946368e00ca887a4ef015 |
memory/1484-561-0x0000000005250000-0x0000000005350000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | a839963d5e8165ab10321ad99840cda0 |
| SHA1 | b880e4c4191655e1d630edb10a8888eadf536911 |
| SHA256 | e76e7b647bd5bba8e81b67377041ec3cb5d482324e143336726c5ecef26f6a94 |
| SHA512 | b64b5a50fe250cb31bc8857970b1c342863247251e92d6a8b06da193ded25a58003660e096486405822aafc1aa3040da71d67fa514076cafe1f00deb62b29a7c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | f7bebf45b175aefeedd62073138dfb0c |
| SHA1 | 2b7d324b3ff3ecf91530f4e3afadaae178ba8f44 |
| SHA256 | 69e27f10f032ccd064b4b7c3c317e3342e03813c8e5a059c7b1bb8aea585121b |
| SHA512 | f87626aee7bcad0d7bb02accb2fe338d7fedbddf6848015847d46f47d1848eaf7fb063ea36257ac0feba34d7aa423508c1f186aea81c3c5131f68b5ebe106e88 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\storage\default\https+++mega.nz\idb\3713173747_s_edmban.sqlite
| MD5 | 3d82aa3d4fdb0826999c32a5bae7df4e |
| SHA1 | 09ae02ebe39fb4f5f2e61208fa35abcdd39a6205 |
| SHA256 | ba93128dcfc35baac833b062883980ddf70ee1fdb1d3173479677814d0a7f401 |
| SHA512 | c9137f1762b11482c993faf9b90994a0ae73bdaa0cb4a3517f3a7555e55c9a3bde8f5106ae724732b47cf97869124a4c3818399a285d49a22b2bc01a32340355 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 1efdb274750efa5089f18c3558574bec |
| SHA1 | bd014479e92797a7beda3322df7359386eca7ba0 |
| SHA256 | 2fdef2dead9ed527fa480f66be39602b221398bf44cb73722f4a2f322df9a750 |
| SHA512 | 9ebd209c59ea4bcb41bcab82b0a3bbe1e29d589bcb2e61d14dd726841462f649fb7decc5bc3d643eff0666f0f8bb0af18ab34094d3b6870de9bf3502788e6ae5 |
memory/1484-611-0x0000000005250000-0x0000000005350000-memory.dmp
memory/1484-657-0x0000000005250000-0x0000000005350000-memory.dmp
memory/1484-792-0x0000000005250000-0x0000000005350000-memory.dmp
C:\Users\Admin\Downloads\7z2201-x64.exe
| MD5 | a6a0f7c173094f8dafef996157751ecf |
| SHA1 | c0dcae7c4c80be25661d22400466b4ea074fc580 |
| SHA256 | b055fee85472921575071464a97a79540e489c1c3a14b9bdfbdbab60e17f36e4 |
| SHA512 | 965d43f06d104bf6707513c459f18aaf8b049f4a043643d720b184ed9f1bb6c929309c51c3991d5aaff7b9d87031a7248ee3274896521abe955d0e49f901ac94 |
memory/1484-881-0x0000000005250000-0x0000000005350000-memory.dmp
memory/1484-882-0x0000000005250000-0x0000000005350000-memory.dmp
C:\Users\Admin\Downloads\7z2201-x64.exe
| MD5 | a6a0f7c173094f8dafef996157751ecf |
| SHA1 | c0dcae7c4c80be25661d22400466b4ea074fc580 |
| SHA256 | b055fee85472921575071464a97a79540e489c1c3a14b9bdfbdbab60e17f36e4 |
| SHA512 | 965d43f06d104bf6707513c459f18aaf8b049f4a043643d720b184ed9f1bb6c929309c51c3991d5aaff7b9d87031a7248ee3274896521abe955d0e49f901ac94 |
C:\Users\Admin\Downloads\7z2201-x64.exe
| MD5 | a6a0f7c173094f8dafef996157751ecf |
| SHA1 | c0dcae7c4c80be25661d22400466b4ea074fc580 |
| SHA256 | b055fee85472921575071464a97a79540e489c1c3a14b9bdfbdbab60e17f36e4 |
| SHA512 | 965d43f06d104bf6707513c459f18aaf8b049f4a043643d720b184ed9f1bb6c929309c51c3991d5aaff7b9d87031a7248ee3274896521abe955d0e49f901ac94 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionCheckpoints.json.tmp
| MD5 | e6c20f53d6714067f2b49d0e9ba8030e |
| SHA1 | f516dc1084cdd8302b3e7f7167b905e603b6f04f |
| SHA256 | 50a670fb78ff2712aae2c16d9499e01c15fddf24e229330d02a69b0527a38092 |
| SHA512 | 462415b8295c1cdcac0a7cb16bb8a027ef36ae2ce0b061071074ac3209332a7eae71de843af4b96bbbd6158ca8fd5c18147bf9a79b8a7768a9a35edce8b784bf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionstore.jsonlz4
| MD5 | cee2271e03be73a7cb460d8b60457729 |
| SHA1 | ea77ec2e02bfc2f227a79215fba7bbd054fd0456 |
| SHA256 | a1d6b86f44b5edb2df597c526cfa26c020d7382020f11ac50fd565838ab51916 |
| SHA512 | a38f44974cbbd6bc9c790e266309440760a102b02a15596f64665350a374153760b69ac074ecce7d9563d86fec4f63ca38356d731a2d002452389f43c5c7ee9d |
memory/1484-1001-0x0000000005250000-0x0000000005350000-memory.dmp
memory/1484-1002-0x0000000005250000-0x0000000005350000-memory.dmp
memory/1484-1003-0x0000000005250000-0x0000000005350000-memory.dmp
C:\Users\Admin\Downloads\7z2201-x64.exe
| MD5 | a6a0f7c173094f8dafef996157751ecf |
| SHA1 | c0dcae7c4c80be25661d22400466b4ea074fc580 |
| SHA256 | b055fee85472921575071464a97a79540e489c1c3a14b9bdfbdbab60e17f36e4 |
| SHA512 | 965d43f06d104bf6707513c459f18aaf8b049f4a043643d720b184ed9f1bb6c929309c51c3991d5aaff7b9d87031a7248ee3274896521abe955d0e49f901ac94 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs.js
| MD5 | f73e52d124620d05267ba934f3b312d3 |
| SHA1 | 34121aa291d9f88b3e8e3a2fa37cb1c06cac2d30 |
| SHA256 | fc898a91ae8ce9d241c586f5dee2e60450dcdc5a31f1a7015d6dc2f4fefe4ac7 |
| SHA512 | 4ef67626a2ba584817d707c71ddf7e7ce75a780921c3fcdfa8a03de0de9303c4b548ce3c3b493f1c4876d511271978bcd3cdbc2d1003b23c2459847180045d46 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\startupCache\startupCache.8.little
| MD5 | a5e59bfa39139f96b0663420448a8531 |
| SHA1 | 553ac15955dd72a131cd6f4fc19f00feb139bab2 |
| SHA256 | d0af4da97fa8083683d04e80460ae5ec8440a43370c381b0fb5b25d971d8a23b |
| SHA512 | 18c7eb9370fad39b18810bf83f1aabadefbc65009ef2c9e253e5206adc095872d157efb90a166a9f268d465d8df3c1610258a7eff91f2ee96594bb49a5ca95d0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\startupCache\urlCache.bin
| MD5 | f6f677fff7ae332ea66f4894bcf548cb |
| SHA1 | 8c70d5932602fa6a235e754758cfb0923af8afa8 |
| SHA256 | 9cb2f28bca18ac42378fd69e5a77b46d3cf41835967ff69e4e2e62ac94ad2528 |
| SHA512 | 0c7a9582e0ee7e6430ffc9efb94c5a7e1afb35fbc4d6c42047d48deb1c892c1b9f1a5761f2f04d3782c8dd8d4405a7a7b009d9e4c9b67add8f80e95fe9c228ee |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\addonStartup.json.lz4
| MD5 | f250c684a241935c2794c30ae164ae52 |
| SHA1 | ea384bb1ba6744718b3bb8180800365d19887692 |
| SHA256 | ff08fca842608945bab874f225d809065a58d1eda82f37f80f727bff95bc00a7 |
| SHA512 | e16698db5705fb140ab0579c4ecbe51ba7fd2d494bf987c23bc5c46294e84749a3f1b43d0ef43fa75e7ce0d1b67ac3c22421717506be6fedb4dac49e2e7870ad |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\xulstore.json
| MD5 | 1995825c748914809df775643764920f |
| SHA1 | 55c55d77bb712d2d831996344f0a1b3e0b7ff98a |
| SHA256 | 87835b1bd7d0934f997ef51c977349809551d47e32c3c9224899359ae0fce776 |
| SHA512 | c311970610d836550a07feb47bd0774fd728130d0660cbada2d2d68f2fcfbe84e85404d7f5b8ab0f71a6c947561dcffa95df2782a712f4dcb7230ea8ba01c34c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\startupCache\scriptCache.bin
| MD5 | 1402a1f6e5d9c8ea91f6faac1c7cf929 |
| SHA1 | b0b0b2cdebd7fdee8649f469c57a10cf168b5844 |
| SHA256 | 8d5acee3829ba79d5a7871675c9850d0bb0ee5fc17853f08d8c04e3d9c7118b4 |
| SHA512 | bb3e6474e628934c8bb1ba4e53c96624030f57843addc7a11dd83ffbd5ab890de7b983338c6a0701128790b36e259f0268036c89de57daf88c0532c1b34df032 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\startupCache\scriptCache-child.bin
| MD5 | 67f22f27223d6a2da3760b5cf1a92340 |
| SHA1 | 70ec506cdbb71d9777baca2232c1ac27d9ea4c93 |
| SHA256 | 4cdd33a28c637663c53970683497e24af6acd0f8e3c8611b65caa3cff47bacd4 |
| SHA512 | aa218e6a5d52e175abd10da7fb2fcaa59aa1313acfdde24d8732554f8c036a540af8eb3660475b3b403494185e1a509cf42b3fce492b03b76e44d313ee2460ba |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\permissions.sqlite
| MD5 | 13e9d1e2d59b288227440f0cdc947904 |
| SHA1 | 8b59c6216a2f26f6f581087e34f0a62570bae938 |
| SHA256 | facc2c3a989bba238a4a7a365ec2e0ec339a3c5da35375cf90b4d05b484f4501 |
| SHA512 | 3cbe00694318fd4ee04d1d0c60cc9c490d9bb19d1498aa3635d991641aa0e867667ab38558deefa5f31194381a7ef740938e02db6e0cbccab296cbd18f583c6e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\cookies.sqlite
| MD5 | 223db9ba0e52b1a771ae6c07430c0ed5 |
| SHA1 | 5723101d4ba3d399310609c9a0bb4d8d73fcb771 |
| SHA256 | eb3aaee975b107e3479410940e11b0108fac0413ac5edb18dab652befba3bb57 |
| SHA512 | 4d664ba7fd81e683b0ff66424efba8ae8dc81a1720e1813ecaee30520b061b135e996f2b411a41bf4230b0a54babb5f15fa756128f4d0ec80c9d8e15e66fb414 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionstore.jsonlz4
| MD5 | cee2271e03be73a7cb460d8b60457729 |
| SHA1 | ea77ec2e02bfc2f227a79215fba7bbd054fd0456 |
| SHA256 | a1d6b86f44b5edb2df597c526cfa26c020d7382020f11ac50fd565838ab51916 |
| SHA512 | a38f44974cbbd6bc9c790e266309440760a102b02a15596f64665350a374153760b69ac074ecce7d9563d86fec4f63ca38356d731a2d002452389f43c5c7ee9d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionCheckpoints.json.tmp
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionCheckpoints.json.tmp
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 0747894845651652d9ff4101bf8d656b |
| SHA1 | 40ec7b525aaf9482b6171e25a82e04930907cb07 |
| SHA256 | edb701d20304b8649a311d387b71ea580b2809cb6e49bd58b8d6bedf56429e91 |
| SHA512 | 781efe1f3bc38d3926615efe9e13428288d3fe7c4cab3ee59cba38a060b7c3db5087a1713536e64af4fcc7695233bcb7b5c5006e3b3648150f7102c5d655983c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\storage.sqlite
| MD5 | b48f0ef3ac0a2761ddabab67ffcb5e85 |
| SHA1 | cbf2b7934e949f8595724934e87dc9cab9ee6528 |
| SHA256 | b428b677f9990cfc8da8efe5495e3942a3b375bc3a28a66e64473b80e55662d7 |
| SHA512 | b68ec47025a99783110e95ae98c70f819ba65d85bd63d66ed01022d11bd63d95ee7c5bfc2aab2a84744e8b80fc8fe6445c4bd587bf98f5f02d2a2dcf678ad87e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\SiteSecurityServiceState.txt
| MD5 | fec8f2855155c07da65bed52eb93695a |
| SHA1 | 5e277bdd6965031633f00b9151073e638cd972fa |
| SHA256 | 8189e0f5dddd00390d0922735f23d26c588af5a9fbb654c292c83a5c306e9589 |
| SHA512 | 52e91fb775a1f761a96288634c475946235df865dda15e5b6063eb508f854761bbef3d8e843d60beff8947ea387488de15470cc652075719e289d8d0a3f96306 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\cert9.db
| MD5 | 989e96a21309881cb01d727a9e769d9c |
| SHA1 | 61ed280356bba8ba91aa491a19cc7fdc0d4201fa |
| SHA256 | 60a010b102219698e4f807a9ea8487a51ec7fca6237c3196c011bceb7d3c22bd |
| SHA512 | 6bc96d4fd362504dd1dcefeb9ccfbb85a7371c1ff0d1010a122f0aedf9a0b767c761be14376f6c96b4d9d6561d15a1f00cab2996f10b996820a70d851e995c36 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\search.json.mozlz4
| MD5 | 033eb0645837c8b618a593f7b9a72642 |
| SHA1 | cf4c2e7ccaa275ee47cdd945a7bd1f8b57c61172 |
| SHA256 | 3409fd08295094b37673d748a0374cf0afaecf1671188b2ed012626cad67a582 |
| SHA512 | 27dd0743306b0845c06b3be3e3ae2f515777dced4bbf91a4864bb95c5873e2d6351d99be36d4762a2ba8262130c6d139db3f4f5272afb8717e02b09c1e39c2b4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\35CF8F0BACAFFC9656F3D3134E049835542C83AC
| MD5 | 2de5ab936bfee1f04ae0ef13c6cc69c4 |
| SHA1 | e0421c2e7f9b8dfa0d0a57ecfa1c28883acf0650 |
| SHA256 | bc61676d43fea50e7ba6c9541b5d3d144a22b7f3fb4967a65ed973e5bfb7079f |
| SHA512 | b0c56de31bd312e5d295208ac6fc9327ed15cb5ff161a1fa6bfae752726690a814cf3c45ef9d03b8848967b4ff2caeeacc70cd0211dc23a22bc887e1fec351df |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
| MD5 | 1d9ee450e1f3cd52705ac184807fbe48 |
| SHA1 | 54a20b5089f106b346a66ccf7a18573baedc2f65 |
| SHA256 | 797b8d852c833521aaf82e32169de04d37d65d12d36ba642aaa672d0b9224318 |
| SHA512 | e5b7aa2a5fd1453605f1681caa9f7124c73e2eb851c3c076bc82aab9910773c78fa9d708ad2212dbc9a3dadc829e5b1be1a8c756579f288c1df4fabdfe8ca72c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\activity-stream.discovery_stream.json
| MD5 | 8567c3b4ed3c1257e44564e23c7f8c44 |
| SHA1 | a68819d1cd78d26b1f7ebfcc66dc1aecb5f248dd |
| SHA256 | ed06529f67c0439b4fcec9229e00370ed69240fc0445ec43376e02091892ac20 |
| SHA512 | a53c8a40dd548b92de8eda1e6f9d367f8533ec5e797164489d0d9ee480fe6dca1a927c54afad6f6cde6b06fb1e2b1ec6516f0a0fe78010d5f29d43cbc5aa19a8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | 3e0e37c71d280b783591728b482e9630 |
| SHA1 | ee744f68b8f076e91ea582e4d8aa0dd862cf3aad |
| SHA256 | c3c39753d074bf2f14d5cde21cd3c6a46f268d5220e7048c442b1de78eae5011 |
| SHA512 | 3d3bdb31cf6ef26f072255cbb59d283ea94dd3ec84e7b998aace7290163f0b535c395e4e7fe23009ca771824f8f1e8de9fccade0f02436a50549c1cbf5365531 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\A3214108324DF7448BC2285E274CE48487034585
| MD5 | 5843312f6090ccc6b51637f53a531c2b |
| SHA1 | ece457e495594b5e860e355cc3dc29b8a2d79c32 |
| SHA256 | 6a811dccbac3e8caeb1fb92b3a1ae61da10af7940c66407d51a3be3a5e429642 |
| SHA512 | 8cfa7f04c75d47d0283076117e4a691ff767260575c24d198b1e7b7d42325c1786998f41f47145e55e7fe790b06ee571a340a70734f0d6aa5ca683f702189852 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F
| MD5 | b1c807aeb33978adc10c990444c78efe |
| SHA1 | 3cc3169dfe211d3bc496cfb798ea9e8bd2066dd5 |
| SHA256 | ef37e7ae36381b604dbe1799143cb3aacf9f401bde1fcdecd8be6feb738c0446 |
| SHA512 | f3eb19973b28545b3bcb465daa13dfeed9c7f07bd7b5dd2e4de95b63daceb9553e911381274725596faa0fc7920bf45e52c2696a64c2f03f19c6637b6198ca03 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\250EE2BC03AFF526F1A1C3DB212A79DE3EB60D5E
| MD5 | dae800a5c03e45e632b89e9165173c92 |
| SHA1 | 6b625b801f707245ad2b73bd578473b81aac3486 |
| SHA256 | aad28e47cd7bd0a0ba4abb29cf9c0f5926a0df7fba30e56a47700463ee64acb4 |
| SHA512 | 3028570ddef0e4737db807e591191b3e3a6149e6fa7546aa0806e4f06f1ed1ffa68d74073b5a7591c5dbeca72c51cfffd3645776cd52bee762a92d03eec7137e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\favicons.sqlite
| MD5 | c8c502c90e898b3551af55e4b674e561 |
| SHA1 | b956ec82ebf0304226bca05bd775c97cc776dd39 |
| SHA256 | 240735a521d1786cd534f5242f2825cd8bcf290447ea1035f5c8c45c679b2df4 |
| SHA512 | f7e027a1d4d0d0f48a1f24438b09c6f413c8dcad1d303fbda2a4e68d03d914b6c64fb0593a9e90ce52c742fb7ea6dbf8ac86029339dda96a411b3cf2ac0b54f8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\places.sqlite
| MD5 | 603b9ad9a8e2fd80479362b4bd8902ed |
| SHA1 | 160e316fd25d10bb1b521a6085b3cdae909283bd |
| SHA256 | 35f9374d11f30b66ad86ba0ddf34de3851ad490d871e16a042a7de618cfde524 |
| SHA512 | 1b8f09780cd60e37b9ddaa732f2d844a3b24fab1f81023055a5234bc52385d884d5598e11cbe73c119d59e741b7073d1739498e72332f2da6c8828158c4bdb9a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\AlternateServices.txt
| MD5 | 353f6fc88afd7e96657080167ba7d580 |
| SHA1 | 39535f69a3d044288912034d86fb2dde4937f053 |
| SHA256 | 0b7d3f7bd6504e78149abd9b9b382d357187ae1f8dc4bfde8fae3570c4907de5 |
| SHA512 | 44d1801dca9490c6517d8102a98e7064b09f4320b038fec7fc3d9def29e554a33a19f4bce952c541f3766f9dc94fb1b65b77b8765dfd38e252e5249115f9bb76 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\protections.sqlite
| MD5 | deeced8825e857ead7ba3784966be7be |
| SHA1 | e72a09807d97d0aeb8baedd537f2489306e25490 |
| SHA256 | b9f022442a1506e592bf51284091a8a7fe17580b165d07e70c06fd6827343a54 |
| SHA512 | 01d303232d6481af322137b44fef6c2a584f0643c48bab2836f9fe3193207015da7f7514fe338500ae4469651e3d9618293858ae507e722198a249257677099e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\254256B27E0C48CF9B80B695F0B3B8CA84610495
| MD5 | 681ce51ea764fd3e9bb680ef948f5d0a |
| SHA1 | 7b93e661d0dbf61bd17acd3c6a4d05b11ba5ffb8 |
| SHA256 | 4ebc5e1afc748d0a03208a3151e657e3f262bb5b00ca6b0b2906f2c823216104 |
| SHA512 | 62c755aa95443ba16234d58e46f470d17d422f09686a05b95109bb0cdc60c9af4dc0b0cb0ab95ec9a338267666d8fe1b2bd11a00e80c2bc18e4ff744c9227ae5 |
C:\Program Files\7-Zip\7-zip.dll
| MD5 | c3af132ea025d289ab4841fc00bb74af |
| SHA1 | 0a9973d5234cc55b8b97bbb82c722b910c71cbaf |
| SHA256 | 56b1148a7f96f730d7085f90cadda4980d31cad527d776545c5223466f9ffb52 |
| SHA512 | 707097953d876fa8f25bfefb19bfb3af402b8a6a5d5c35a2d84282818df4466feba63b6401b9b9f11468a2189dcc7f504c51e4590a5e32e635eb4f5710fd80b2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\storage\default\https+++mega.nz\ls\usage
| MD5 | 3053c20342048085db2ad3d8ea65dd11 |
| SHA1 | 80b5eab05af8c4c2af8ad6401fb84924c8d56143 |
| SHA256 | 2fb863a23a91612409def0d2965588c4a108c3bda4bb36cc7ddaf17fc5cd7fda |
| SHA512 | 61575c0b25d275211b20a3dc8090c1879505dadb4bb47443039fdc433a0dc37e558eb9b7b8e403175e1d53855f279936651aecbcbcb93cdab64480f00b6bb89b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\43D8C898124B7E76A3FD4F4FDE08FF8A93536C94
| MD5 | 79c666e9410bfaef134ef9a46497c0ff |
| SHA1 | 9222cd76d9ed77ce006802bb9630542c90c34e0a |
| SHA256 | 8f68a276bd376901c8740602ab770ca36e0eec02002cb03de4a59e690fadf390 |
| SHA512 | e83b7d980d4e90f8333d78aed1cb0006f7533b45e7818841371dfc0a9311cd022fc970fc09aa981686860a3e7b61e16cddb7ec11bf46af873af6770df0faad5c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\A2A7547BA527F9A7BB30DBEE99FEF93F4DBC54D4
| MD5 | 32c1d61a98a5ec3ec7ed023d6f5116dd |
| SHA1 | 2b9e38324dd06f5f48b8b688726a45efa7c6e6e6 |
| SHA256 | 09c8dcedddc808db8829916208edb8519ba94a358e9ae00d8b5bcd3a7bb8726b |
| SHA512 | f4661c7ea6fad92c698dd3b093ce260423916a994f79451b7185e7c496de26562c48caf150b56ed2b61c3a5a8d38d3cba502a772c8950eca9739bde160bdef0d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\4E59E9BA631981F353B998F3EAA32000A2D02112
| MD5 | 49492793327e471054e77e9356d81e12 |
| SHA1 | 03248a46c8845729523b474052115cacdea34851 |
| SHA256 | b75534620a391364e86f3ca6ec8d16a306921ca6196b1f83c6c870c5d07aa58e |
| SHA512 | 6b7e3b20a0a0e9ffb94b3bcf681fb2c1ecd040a9d738ad52fdf1d40ea1d893cb0f0449ee87d7842a6df63181d9c037d00c4c1c3e0e5311e34f668c4e63d33f13 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\storage\default\https+++mega.nz\.metadata-v2
| MD5 | 5119f1f1bc3dc6da3d7d78ff3c8bf40c |
| SHA1 | 80e9f18481c103c5be583a707638caf88e73f2a5 |
| SHA256 | 70a7839796d3e9df32e31c0abe269d0c1ea71a0fd2570b711f67fcfcbbe03852 |
| SHA512 | 54111044a64d9e8e197382277aa1fb925d56be42164b131da9b180f86239ad21bf78f97512e02c0f6af2f929c1e40c8c925a048a3a6f6b02f3a637e0b840af9a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 7005f80a98990e68fa2eb60ea3de0322 |
| SHA1 | e038e7a8207ac0bb6cd1497bad121ce6f8097932 |
| SHA256 | 98d4ac86621ec109f9272ab5732a085bfcd8f48491a6b2354a73b649800bcd49 |
| SHA512 | 3fcc06592cd2fdaa79fcfed9c9b83415900927bda7e5e46eea97e044ab3c1c2cc8f3d84db80e729bec11e9f51438b5b63e831353769a851bf0990b59dccab0e9 |
C:\Program Files\7-Zip\7zG.exe
| MD5 | 5ab26ffd7b3c23a796138640b1737b48 |
| SHA1 | 6dab8c3822a0cab5b621fd2b7f16aebb159bcb56 |
| SHA256 | eb775b0e8cc349032187c2329fefcf64f5feed4d148034c060e227adf6d38500 |
| SHA512 | 2b40489f46e305f7e3455cac25e375711a6a1733861ee7bf1b800b86eaad2f40871c219924ddceb69b9748ae3cf9de59f0edffd7ed7b5e7f35d1239fe0333a78 |
C:\Program Files\7-Zip\7z.dll
| MD5 | bbf51226a8670475f283a2d57460d46c |
| SHA1 | 6388883ced0ce14ede20c7798338673ff8d6204a |
| SHA256 | 73578f14d50f747efa82527a503f1ad542f9db170e2901eddb54d6bce93fc00e |
| SHA512 | f68eb9c4ba0d923082107cff2f0e7f78e80be243b9d92cfab7298f59461fcca2c5c944d4577f161f11a2011c0958a3c32896eba4f0e89cd9f8aed97ab5bc74f9 |
C:\Users\Admin\Downloads\Mercurial.Grabber.v1.03.rar
| MD5 | 635903bad1ada856d701f34d3070ccd9 |
| SHA1 | 3ff98d91b9a3a47bf9f64bdf161efb9c5ac99fb0 |
| SHA256 | 3759744039346620e9613f40f90e8f318e5f54ad49c070e2bd23b667f7e65bf6 |
| SHA512 | fee2c64124c47bcb1251b7b87969a1ff493e24bc196633e3a301565b126f5ed2e2967d4d1426ff5d9be9466c852bacf405229308acf946368e00ca887a4ef015 |
C:\Program Files\7-Zip\7z.dll
| MD5 | bbf51226a8670475f283a2d57460d46c |
| SHA1 | 6388883ced0ce14ede20c7798338673ff8d6204a |
| SHA256 | 73578f14d50f747efa82527a503f1ad542f9db170e2901eddb54d6bce93fc00e |
| SHA512 | f68eb9c4ba0d923082107cff2f0e7f78e80be243b9d92cfab7298f59461fcca2c5c944d4577f161f11a2011c0958a3c32896eba4f0e89cd9f8aed97ab5bc74f9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 0a18ecc4861bb01892391083ce393480 |
| SHA1 | e6ad79cdd55540b3dc3c793d8c150b88916cb1a3 |
| SHA256 | 3ed91cb0af452f165bee6527cc68d180262dc8647862495eaf584ea7d90f4c30 |
| SHA512 | 3c5e416787c179316aca4ae01f8badfabaa24ccac5285fc96b8a67e1319cf693ebb1226d9cf77e2e67d4f862272f38b7add927f3cfe0b57343a7fa84fdbdbc2a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionstore-backups\upgrade.jsonlz4-20221007134813
| MD5 | cee2271e03be73a7cb460d8b60457729 |
| SHA1 | ea77ec2e02bfc2f227a79215fba7bbd054fd0456 |
| SHA256 | a1d6b86f44b5edb2df597c526cfa26c020d7382020f11ac50fd565838ab51916 |
| SHA512 | a38f44974cbbd6bc9c790e266309440760a102b02a15596f64665350a374153760b69ac074ecce7d9563d86fec4f63ca38356d731a2d002452389f43c5c7ee9d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 99eaf156596c1cf003a95ea3fcf9912d |
| SHA1 | 8d84d8f494602d892df4a48bb929078580536681 |
| SHA256 | 37fa570185a9b1a803de9f425d1b816638a6296966d0a3df0f12671ddd86a995 |
| SHA512 | da728e1991ab20d32aabcbf8efed4dfc06e448bf421e4097ec9537ca87bef5ed48e1dbaa74bc7876822d7e51e8d92fc85e4820357c45e44a4abc2efb602df39b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\6D81B5E71B11BB91239B760C682E5E832DDB7B9D
| MD5 | 6caa04d45cdd88be9ba379cff82b910d |
| SHA1 | 72eb9a6bc05edaa15a933906b241a6763ce9ca7d |
| SHA256 | bca06a9d06881ff630f7eb666047f364143619111a2e8a0fc2f07bb0b67c612c |
| SHA512 | c01727634b1ab99acaf766896046367003c381d9b7478fbf48f056b1e41134fe3ee139c6e285ab509474cc319eb4bdeef300da390fa883e8cb1ae1b121b350b8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\thumbnails\b91c4063098e54247979b4ae504ed20e.png
| MD5 | 373038d43871bcbcbf77b59683dd04ca |
| SHA1 | f60629699d7aae1e1f4d7dd607d91345b49ea70c |
| SHA256 | 9aba2e4d4d4fccc721fd6bbc84ebe5de9eda549a9ca96e3fc6d7165230e97671 |
| SHA512 | 81f566cf65e4431f0f56ebeabe1e96f638b1304a39065ce121cf5d24648a88ef9e19b0da70dcc24852744f77406fb745c85ff0d01c88c416d6cfd261c43356cc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | b2a98bbea7fb5f76396360a0a87f9f83 |
| SHA1 | 0fb243bf091388d681625733bb8d9f2de6342a35 |
| SHA256 | 3df74c4bba898ed727f7905112064553732825d3ffb5a60fe2bb8b7ea3c4c853 |
| SHA512 | df4dc6df15d40459cb7e13df0d8ba43e694c5c835a71b2a3fe3067bcfeda68f1b514166ae47e2caaa89e17d7c24ce4f1218c3864ffac2908e57050994bf40fac |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 5cf2321079e50451c2caa593b9c2448a |
| SHA1 | 7240b8944018900353529664e3cbf03a904f6aee |
| SHA256 | 73dc7f185020cfd92e92fd223999b8112b4db3c144ca94985cf13af752b25fcd |
| SHA512 | 1476afc3b212af46e1078d4f1fa35210ea4b143938449d24cc3c72b6550030b8904badee28e6db22a6ad1f4ba0c506ae65facc4590d4dfa999633fcfd38c4a24 |
C:\Program Files\7-Zip\7zFM.exe
| MD5 | d36deceeb4c9645aab2ded86608d090b |
| SHA1 | 912f4658c4b046fbadd084912f9126cb1ae3737b |
| SHA256 | 018d74ff917692124dee0a8a7e6302aecd219d79b049ad95f2f4eedea41b4a45 |
| SHA512 | 9752a9e57dd2e6cd454ba6c2d041d884369734c2b62c53d3ec4854731c398cd6e25ac75f7a55cda9d4b4c2efb074cb2e6efcbf3080cd8cc7d9bc8c9a25f62ff2 |
C:\Program Files\7-Zip\7-zip.dll
| MD5 | c3af132ea025d289ab4841fc00bb74af |
| SHA1 | 0a9973d5234cc55b8b97bbb82c722b910c71cbaf |
| SHA256 | 56b1148a7f96f730d7085f90cadda4980d31cad527d776545c5223466f9ffb52 |
| SHA512 | 707097953d876fa8f25bfefb19bfb3af402b8a6a5d5c35a2d84282818df4466feba63b6401b9b9f11468a2189dcc7f504c51e4590a5e32e635eb4f5710fd80b2 |
C:\Program Files\7-Zip\7-zip.dll
| MD5 | c3af132ea025d289ab4841fc00bb74af |
| SHA1 | 0a9973d5234cc55b8b97bbb82c722b910c71cbaf |
| SHA256 | 56b1148a7f96f730d7085f90cadda4980d31cad527d776545c5223466f9ffb52 |
| SHA512 | 707097953d876fa8f25bfefb19bfb3af402b8a6a5d5c35a2d84282818df4466feba63b6401b9b9f11468a2189dcc7f504c51e4590a5e32e635eb4f5710fd80b2 |
C:\Program Files\7-Zip\7z.dll
| MD5 | bbf51226a8670475f283a2d57460d46c |
| SHA1 | 6388883ced0ce14ede20c7798338673ff8d6204a |
| SHA256 | 73578f14d50f747efa82527a503f1ad542f9db170e2901eddb54d6bce93fc00e |
| SHA512 | f68eb9c4ba0d923082107cff2f0e7f78e80be243b9d92cfab7298f59461fcca2c5c944d4577f161f11a2011c0958a3c32896eba4f0e89cd9f8aed97ab5bc74f9 |
C:\Users\Admin\Downloads\Mercurial.exe
| MD5 | a9477b3e21018b96fc5d2264d4016e65 |
| SHA1 | 493fa8da8bf89ea773aeb282215f78219a5401b7 |
| SHA256 | 890fd59af3370e2ce12e0d11916d1ad4ee9b9c267c434347dbed11e9572e8645 |
| SHA512 | 66529a656865400fe37d40ae125a1d057f8be5aa17da80d367ebbe1a9dcea38f5174870d0dc5b56771f6ca5a13e2fad22d803f5357f3ef59a46e3bdf0cc5ee9c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\000A0FEFA4002BA4C4E7DD0373412C9B8768AEDB
| MD5 | c3d364f7d3a9711a1769a146c93af823 |
| SHA1 | 810edadb3e07f30d9b5316d5fc5eed91ba9784aa |
| SHA256 | e08dae243893bf07203df0a67d1f2859e53a9eb9a7b76870279a43a28edefe0a |
| SHA512 | b2e8215d461c40584f546d6d4a86ce9bdcca61e95958bec19fd0c29c13eaaead4f484110af146b8daba01d4dd3406eea22bc970e6c33e784c70cb35ea9d5eaba |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\0215C8DE8F05D6937B55FF8157DBCD99B7899257
| MD5 | 1983e7da3bbe6a011bc614e7b01406d8 |
| SHA1 | 492d22b20c537a994ae902cffd1e7f801177f3f5 |
| SHA256 | 7d514328173dae5bdda4560cfe67e6644000edd8d5a560be7c7d107ccb179761 |
| SHA512 | 993932f10fb1b8bad7b6a7ae19e69303c17b9f473e57f54b97c4e8b4c7761ac7c4ded36282c93403a201f3198aac10d749de7eb56a4ae696f067ef7879d97e71 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\1A701ADED0D8045B96E404ECFE81BEB8D2D5CA43
| MD5 | 01b2badf573804960aee2007c857adf9 |
| SHA1 | f40c5941e76d2d2e472d1fe3119f8c015566b864 |
| SHA256 | a19426083220d94f2ac2e3b37aa726b88f064b091b99ad34eb09d0600c374301 |
| SHA512 | 889ae0672a328ba442a4a037044b78c39f7735e58335ed8d9b77608f7359faf2309adbc543b4658a75ae3b3fff4c8b474482a9343fdcecbdbf48bad5346573d6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\1FEA972BEC302391762B719E216B977191C80344
| MD5 | 9fcb0d65fc4f9bf128771b5695d9033c |
| SHA1 | ec4ac0bd9481a32f6fef364b6c79e8e7b34e091f |
| SHA256 | 704bbf1523da91a78f64dc6989f4aabbeb8b986f59b174eb0d3bb6c3da63de0e |
| SHA512 | 3e8d3588cc0a78de9d47907e5062ea32e1840b9bc5e16889b33968d92e5bbb50195a8fae5bab3df7973a9c331f2e54958e7d220089ef3be0a81f1c3158b9660b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\150A1D3929D9968E9FFD912A054CF41FBA90325C
| MD5 | 4ede58cf42f49b001ee356b0f521441a |
| SHA1 | d87eb775debce128755c7acd7d519a5af31f05a8 |
| SHA256 | 214a362a1395da40e9d4322dbba5f92fe4307618f095bbf5112ea1959f43453c |
| SHA512 | 2bf88685f78521cedc65f742cff7b364069b7eeea05d869424ae28e507701b09d9f2c57f32dda298cf8fd2c63df9f652e98bf7fcde962be1b3d5b55308dc73f2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\13375980190C97C081E81367CC560267B2F3EE5B
| MD5 | ff6e18740b00f7ea947411d74f8171be |
| SHA1 | cea8be1f479961a65684e0f58243af4e4e0ff846 |
| SHA256 | b8b4dbb86362a0a6c6aac84d4dd532cc44242086fcaf5a0d67908be06c1c2098 |
| SHA512 | 011fea21a6074be88223a5c0d897dd16d5d4ab03a2eb3970653a7b623483251065bf4d0aece009e170504e26e6cb22716e8f63ad6b336d72a66ada42fe252e0f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\0D4EFB51691578F19FB67447FB970F8AE9938C7C
| MD5 | c76b7d77735f380de59687f520021cb5 |
| SHA1 | f3bffa0c11cda89f6eb4efce7e16bfcf935d0d33 |
| SHA256 | 8c093f876890e25bf55231826bda1681e66e55747709142b12d182ff55d9e8c9 |
| SHA512 | 6b6b774716816ebf33ea3f874cf0024b2510356f6972ad4b28e07012dc989beeac59b49bc50d3631e557db10a8419a32adb26429c33f521bef8795552678b1e0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\0BABF52A64DC7B1FCCDD563D131A086B80FE77E0
| MD5 | 445ac8e20d1ae84ab72ac31d24143eb5 |
| SHA1 | f931beaa4e1acfb7ded4b82e704b09986c0c4672 |
| SHA256 | 36715277f3cba5c16f127acb704905d386b58c64497475ade9b938b664394915 |
| SHA512 | 87352b561b8e717e3a8b1d255daa3ba56f52e844e3be83a63db2f8293227b762ff3fbb74f0d4310adb72ca3605484420bf559e1646da976cb906cae2856b3eea |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\0AE70713715ADDC709BF5E28617D4AA5FAC51607
| MD5 | 2f115ce167faaf1e2c13b4048f15c558 |
| SHA1 | 71676c922939374a7037e29e12cb80589c1de4f4 |
| SHA256 | ead2da4cfcccfe33f991569b51ffc0a3e4bfc8e41e647c9846215ae2b55becf9 |
| SHA512 | c1e78d437068cda1ca3ca408957e7b138578af7d7f462b614e86ce278e4b8d7e4d93b7dee263be7bfe91f3b5ab1ce07aa79891d91a3801cc1e00e0738b5e2315 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\0695492D440F57A0C6A77A5F02FADC5E1531620C
| MD5 | 28ebc4f35515efef9db4f452c34f44b8 |
| SHA1 | 68e79ea823b50ce902040365c293370845e8c88b |
| SHA256 | 8eaa79e26166833117f24f05e4a51ddf43cdeb7d7e66ea0470a61aebddbd6300 |
| SHA512 | 53c77f777b694e25ba1fcdf808e23af4c1ab4557245e289f5ee994c375534982372acc7eb069c6f41c89b56e86cc81cb0f0157bc878b965c4ba689ec1b6dcbfa |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\05C496ED52B190E9BDADC9B7D9B35C435584BEFD
| MD5 | 829a660588c86f9fcde4d88fad04bcdb |
| SHA1 | af5588cf4b7ec8c99d061cf3bfdeffb4a77864b3 |
| SHA256 | 6283077ae5d257db777c8907771fa18f2d38d5c36cbebd1e5dd11c9516116d65 |
| SHA512 | bc30123ba950fe150ac7e4477a952ed678befb4dfccec1d90041bc5c18cfdbf5f075365b73a3463a32ffef06c10023b9b9dd1fcd467195355e1f868396284395 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\037778A55E1B7E9BED3390289866D09402D6C913
| MD5 | eef5f61df2a824d14695ffb910d2d09a |
| SHA1 | 2f1a7f9dbaa6d314714533783a7d812c3f4e0ed5 |
| SHA256 | 39502361f57c5005f256b7b3ba3ffe17024dd05d2dd22b8ee5e4899ccb34bb87 |
| SHA512 | 691f2a2b9ce616d549d7bd8cf4fd7ad8c61c8974170b5789f845f77a4394453544c009221630e1b62292a984bb4601f1dd552b2d68c59c6660102b308b860db1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | f7ae9977f0af0dc515e796f580656171 |
| SHA1 | 05fa20c032c4826a92a35a4efc83ccc1b1cc25df |
| SHA256 | 9977ff6ca9ed32c166c285bc952d9a4d7d0375f751df3a99ae24673865159233 |
| SHA512 | ff38f8e5b68259e33bc2bdae3e3548fe4028e1b1a9c4bc4a4f993b31397d883a922d2e09c7177886cfa9fdbd5a174739c9219b1089b014b54780bb9fb7b9bba1 |
memory/3736-1902-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-1915-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-1916-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-1936-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-1943-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-1962-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-1969-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-1970-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-1980-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-1981-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-2000-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-2007-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-2023-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-2030-0x0000000005A90000-0x0000000005AA0000-memory.dmp
memory/3736-2031-0x0000000006070000-0x0000000006170000-memory.dmp
memory/3736-2074-0x0000000006070000-0x0000000006170000-memory.dmp
memory/3736-2093-0x0000000006070000-0x0000000006170000-memory.dmp
memory/3736-2103-0x0000000006070000-0x0000000006170000-memory.dmp
memory/3736-2134-0x0000000006070000-0x0000000006170000-memory.dmp
memory/3736-2165-0x0000000006070000-0x0000000006170000-memory.dmp
memory/3416-2217-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2230-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2231-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2245-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2260-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2279-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2286-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2293-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2306-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2307-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2320-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2324-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2343-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2350-0x0000000005920000-0x0000000005930000-memory.dmp
memory/3416-2357-0x0000000006540000-0x0000000006640000-memory.dmp
memory/3416-2394-0x0000000006540000-0x0000000006640000-memory.dmp
memory/3416-2419-0x0000000006540000-0x0000000006640000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | e495fba3a13b8f09b49d559aea264b6e |
| SHA1 | 44abd7a5bb99178da277ead33f89a4e86901e2dd |
| SHA256 | 229b325365c951d06574ef72e5c3770a5e88c49474ece8e5d8a0c80fc03adcdd |
| SHA512 | 82ed724cf7204b6740d6dd9b3f00dd37c2ba9f0a7a6e26746d6abf0deda5622a30f8dac639d992ed979026d1efc5e5b038ba222d59d12b0a8b3a7fe560f2ac4d |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\250EE2BC03AFF526F1A1C3DB212A79DE3EB60D5E
| MD5 | f54f190b74138fafcb7743f246afb65d |
| SHA1 | 1b4ef84ed12375d39babf9f72ebb85b58b3df98d |
| SHA256 | abdce8317c4ab18690202e01c33fee04df174012e6841a7e5d2eb2ad65c5fc99 |
| SHA512 | 539c62d423977e23fdfdef50249b4dd568cac904cced7b62e4ea5cff2127e32a1bfd8a547f937a7510112ddb9a0cbac69c18940ca92440a16732be58a8816bbf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | b671a98854978a885e073a88bdc13145 |
| SHA1 | 86bbb98edcb838829f1e34703a88d6585f616d1f |
| SHA256 | aa5baeacd29edc747a134c743b57dc4a146146596cc76f34931af16727308bf4 |
| SHA512 | 06c7e2861f1fdd25cbccc2a00e76cac48d7432cacd17faedfa29697bab75fc378d287f538bc35be7902ecbdfd5f1ef9a9c241d338dda4b760338b511141229a7 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ccf2ad90f97ab6a59493c078318becc8 |
| SHA1 | 5a596dcee909daf6ae615ea612db51b00f99459c |
| SHA256 | 1696a4d36841fb6e9e7411a5f9c6ddb371de77d7476b0ea9b049caabe1c8b252 |
| SHA512 | 2ccab53a3100ecc10ca8e87a5dbaa02dc0c290209b8c14e0a230fa293ba975914278fca2019fbb0b880c8efe086438a2dca3ea8a91cf2520a50657f3c3e64b24 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 27ab292d7b71881a71717d487185beaf |
| SHA1 | bc938ff9d21fd07f2836a15973a0efdd49b4ad08 |
| SHA256 | 729bccbd5b9bccdec6c6ac22b8b1e217378579524a2ad8000de32ec854579f94 |
| SHA512 | 4b231f9e001d589a8e57f123e91c2a6b85377c9ff57e68c8db6313b64e3ad5a2a158054ac51705ae560363613b1c08702b9d47d55b06bf89d18beee1849a032c |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 1c09f1681800866e33e69adf228ed5ec |
| SHA1 | 53d83dc50e86bbc6c7f78d54bbbb91b9e433ad04 |
| SHA256 | c4ee9ec160d996b5f34bf5fea2747ad4ae1348393879acfe9eec4001e0c35c43 |
| SHA512 | 005c329b59b95495dc6204bc6ca2a32d43c1f02ac9b492cd71cfcb986a782c22edb10e3471e324d8af7180496e643100aea779de1a546c003de9ada41e684d2b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 38a0f935df031932b71dd3dff8ebaad9 |
| SHA1 | ae8c6e8d67feb6ffdec6eedb4f08ee76c9443401 |
| SHA256 | bf113b05b39c879aacb70ddb10e102de9b970c5108628784362a16682ec4ee6d |
| SHA512 | 36a58b983f65d0e87e07eba8e7d9efc57962e4a7f2fe769e46f7e9d5912e25000c05f49475c6e99affd8b0c2d2c7685ceeb7ea5d63ac743abd4c8fde7d4f1126 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\52ACDF6A227197C103843ECC9309C07E7D40130F
| MD5 | 1064d89b45fa2fe1923e3583c564d319 |
| SHA1 | cab85fe8602c64841785f1b6248eb113baf0ff8e |
| SHA256 | df93924f05091fca013c78bfcc41828861b4fc21e50bc4dfc37f26c18aa81cae |
| SHA512 | 61bc60072e4ea852f2d9be9d54e1ce8c3a31344eb1755a5465168aec5d5e616bc09633e628366249b8822fc1345f42f1dab6cf9eba79f7f7f723c4ce86d065f1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\thumbnails\c9e626258b56c126eeb9839a3833c741.png
| MD5 | 7b4a4086cbd9f0e3e22b073ea02fd91b |
| SHA1 | d80b1d32ca8c792e43257c0853a1a017a6645223 |
| SHA256 | 25ec220fabe477a8ee98bb5edbbc3547f66c8bde8ce1a9d6c1028d53adff86da |
| SHA512 | 59a75d329c0486005945000a45664bde3cefd64e5078bf1caedb5404d9e1998f6b5330d61540bab6e264d1336b937c6fbe8f70a6bc1e52bfef7d4823c82d3ee7 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | d936d38220ce72727a57ec44668cb6f2 |
| SHA1 | e73e949f851f85bc00ed56514d608a1433a47b55 |
| SHA256 | 68af55bfd825bd9468030e5649df56066898a1874c752f8a7b338dd78958da48 |
| SHA512 | 02e19aec99c7efa2f6bf3cf5e6539b0b02bf8b39328ebd7676228d8a0c1db0cdd2bd349d270420c548083497a9263a6d810d46c644dcde3a61488ced4ec7fcbf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 7fceab4dffb7bc3865c619ca011dfb9f |
| SHA1 | 95f78f06b8fc7b3cc954bf086101d1312150ff50 |
| SHA256 | 2717e2800369db68317531eadc03f0d79490395d21fc6a2d4fd5d0886904ffac |
| SHA512 | 7fb6855692b422cd6b51138d2772564017e787680a5c06194c9a72a66c70e5ab7179c88479f8e2f4e58d2062bc4f1ca7f63e346ac8e0bc1bf31bbe5481819485 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | c359f2c87e43ad6e1e8fae9042bfd561 |
| SHA1 | ade0ed633b20feb2557303ab52fc8b6212f4a62b |
| SHA256 | dabc4c4512543316df7c21a22a192c77493254a608a476c1990495990d3fe428 |
| SHA512 | 03920484f1b3aa2353220bbd87ec62fc31d133eacd94fe146012a5f33697aab815a41cd7d0530f01b4f53c75ed04c4bc9698308793f162c318a310cf3ce6ed1b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\5E3F231055825CEC7AE91E91A990320D4AE9B0A7
| MD5 | 3ccb9cd260d0c82986438dc04d55f0e9 |
| SHA1 | 411d4a28ef3725db49116673ff31d785a700b7f1 |
| SHA256 | 1533a2242bd15f8fd67baf5e515aea0e594f8fdcff3311a218a098b02759e35c |
| SHA512 | 6c423bf20cb6e2739a4df9b537721269606c0f4d93b5980d94821595feccae54838d3f661d50a413b98e483054ad02eff416e064e1ae02e128ee385686b6650e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\46452CEA1D6AA2BF58B5942C88BD664FF9175EFC
| MD5 | 12f6060da194f6e0849438adfdf6ca6c |
| SHA1 | eb71f3eef37d14028427de78770e4c4ac9fba4f2 |
| SHA256 | b44fa6d108327298539a4711ff8477f1255de3900cd1ede0aa432f937c28ed73 |
| SHA512 | 4fb23fed23a5c0f0c89f7d0566d096c813a0f40e3193c07000e9bcd0deba4087baf847633814751cf4acf5368bd87c39a625aaa9d1d1e64764d789130f28f6a5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\5F7216BE067F23FC46339B6A8BB34CFFFBC1F64D
| MD5 | ce67968033093fee1d193b1807fda0cb |
| SHA1 | 21a1c2d50973f9095137b01acd989b7e54ba8f33 |
| SHA256 | 694986316c3693f3c49aec6167ff3b4859af61f29aacc105005d3a04e52d1451 |
| SHA512 | 541ffcef147df739a9bb740862a3efe65ebadcf9fffc1d63d9e12f889c722a9a412dedbc5549f3380ea1f3adec83be3f49c324b2257d5906bf040ecb36e192eb |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | d5734cb7ad7f27e8d11381c25eb96496 |
| SHA1 | 98c7cccb04a6bb20e9b30faf104cdbc20718aaaa |
| SHA256 | be11b9fb73070c9dcf8f5bfb7772e3d66b7bd5ccc3552a2da3a244f191bd961b |
| SHA512 | 242002a509d94998ef0c011b7ea3d957ef98824f6206085656c23bd245e78db25fd1101ba47dd827081fc3428ca17cd3dd4141590a4ba1e2535fb5c371f40d62 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\jumpListCache\cpjcLGDSOntlwGmTyN141w==.ico
| MD5 | 88a2dd6219e96abc4f0287585b87920f |
| SHA1 | 59876829dc29a91c7011f7264e31ffe9feacd5e6 |
| SHA256 | c98dd841910c481f11f6084c7d1f96b69672d67e6cedbfb4fc6c3a9a66798a64 |
| SHA512 | 4f5fc0c9102c625fdfad58406d30685d085a626344aec3af56c4326ddf0ba80c77c787f2bcf368893e3fda553e5e58e0cce8b1ebaca684120817d6abe9697b51 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | f848d53a52b94abe66acab8ce6f1aa6b |
| SHA1 | 0eb2f53d40724717845c6c9058b2f6e2aec33440 |
| SHA256 | 7da7092811ec506d79cbd2539198949b9e60b6b737f30116473eee2dff215a58 |
| SHA512 | 2e364320365375124ea8d8505d40cd1a0f670a9b0110141e55e6bedf777d5ce2c1160f60fa289c7befc14a92a0f5814683442a4f10d63cf7374060b8abc8fecc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\thumbnails\b227cffe21e41ca3fd1074d88bf4310b.png
| MD5 | 867a4f264840ee14096f97384783ab90 |
| SHA1 | 5d457f5c191a3aec6b79a8c39c08a94fd3b8edcb |
| SHA256 | d9c2702a846cafa946e346ce47df20102af6d4b602753729299a54408d92cfe2 |
| SHA512 | b7e394c9f239baba188b5ccf2e8414e2700467d9b6c0c866c8c9c5245abab5312e2c4c8f43f509616dfe174dfff578ed6091884123b987841e911ceb6d0464c2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 1e0fa40e21c40a3997cce0409c065371 |
| SHA1 | abd1fb478d230b7d9632e9aac3a0985188bdd493 |
| SHA256 | 3ea1f65d307637587ceb78a6080eb7044bbeb48bf170d783d6ef84124ecb4e87 |
| SHA512 | 2196011213c53af7c5fbd39193d5192e7163eca97eed5fe4d5fa4e9db5c0ebb115aa39fdc54e350ff912b8cf8e5d29befd8511c36ebcc4a093891bfa1c2e4f3c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\broadcast-listeners.json
| MD5 | 72c95709e1a3b27919e13d28bbe8e8a2 |
| SHA1 | 00892decbee63d627057730bfc0c6a4f13099ee4 |
| SHA256 | 9cf589357fceea2f37cd1a925e5d33fd517a44d22a16c357f7fb5d4d187034aa |
| SHA512 | 613ca9dd2d12afe31fb2c4a8d9337eeecfb58dabaeaaba11404b9a736a4073dfd9b473ba27c1183d3cc91d5a9233a83dce5a135a81f755d978cea9e198209182 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\extensions.json
| MD5 | 2c3184c50a316326153fe7900e01d8f2 |
| SHA1 | 2208bd31827ed3b7f61b367b307d06946fc360d3 |
| SHA256 | 9eb5d9b22ebba6c3f880b43a0539fce4760f2496aea9f07094e70a03b368eb5b |
| SHA512 | dbe61d9270aa74f8457eeaa02584f1a7f4653ff7a4c89ee2271d1166d7fe7bd0ec8aefbad6b6d47669e6f03b28870978df86d3aa4bd126e49cad91c69883bb03 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionCheckpoints.json.tmp
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\recipe_attachment.json
| MD5 | be3d0f91b7957bbbf8a20859fd32d417 |
| SHA1 | fbc0380fe1928d6d0c8ab8b0a793a2bba0722d10 |
| SHA256 | fc07d42847eeaf69dcbf1b9a16eb48b141c11feb67aa40724be2aee83cb621b7 |
| SHA512 | 8da24afcf587fbd4f945201702168e7cfc12434440200d00f09ddcd1d1d358a5e01065ac2a411fdf96a530e94db3697e3530578b392873cf874476b5e65d774a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_travel.json
| MD5 | 48139e5ba1c595568f59fe880d6e4e83 |
| SHA1 | 5e9ea36b9bb109b1ecfc41356cd5c8c9398d4a78 |
| SHA256 | 4336ac211a822b0a5c3ce5de0d4730665acc351ee1965ea8da1c72477e216dfa |
| SHA512 | 57e826f0e1d9b12d11b05d47e2f5ae4f5787537862f26e039918cb14faff4bc854298c0b7de3023e371756a331c0f3ee1aa7cebbbf94ec70cdfc29e00a900ed1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_shopping.json
| MD5 | 97d4a0fd003e123df601b5fd205e97f8 |
| SHA1 | a802a515d04442b6bde60614e3d515d2983d4c00 |
| SHA256 | bfd7e68ddca6696c798412402965a0384df0c8c209931bbadabf88ccb45e3bb6 |
| SHA512 | 111e8a96bc8e07be2d1480a820fc30797d861a48d80622425af00b009512aacb30a2df9052c53bfbf4ee0800b6e6f5b56daa93d33f30fecb52e2f3850dfa9130 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_computers_and_electronics.json
| MD5 | 6ccd943214682ac8c4ec08b7ec6dbcbd |
| SHA1 | 18417647f7c76581d79b537a70bf64f614f60fa2 |
| SHA256 | ab20b97406b0d9bf4f695e5ec7db4ebad5efb682311e74ca757d45b87ffc106b |
| SHA512 | e57573d6f494df8aa7e8e6a20427a18f6868e19dc853b441b8506998158b23c7a4393b682c83b3513aae5075a21148dd8ca854a11dabcea6a0a0db8f2e6828b8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_sports.json
| MD5 | ce4e75385300f9c03fdd52420e0f822f |
| SHA1 | 85c34648c253e4c88161d09dd1e25439b763628c |
| SHA256 | 44da98b03350e91e852fe59f0fc05d752fc867a5049ab0363da8bb7b7078ad14 |
| SHA512 | d119dc4706bbf3b6369fe72553cfacf1c9b2688e0188a7524b56d3e2ac85582a18bbee66d5594e0fb40767432646c23bf3e282090bd9b4c29f989a374aeae61f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_science.json
| MD5 | 7a8fd079bb1aeb4710a285ec909c62b9 |
| SHA1 | 8429335e5866c7c21d752a11f57f76399e5634b6 |
| SHA256 | 9606ce3988b2d2a4921b58ac454f54e53a9ea8f358326522a8b1dcc751b50b32 |
| SHA512 | 8fc1546e509b5386c9e1088e0e3a1b81f288ef67f1989f3e83888057e23769907a2b184d624a4e4c44fcd5b88d719bd4cca94dfb33798804a721b8be022ec0c6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_jobs_and_education.json
| MD5 | 2d69892acde24ad6383082243efa3d37 |
| SHA1 | d8edc1c15739e34232012bb255872991edb72bc7 |
| SHA256 | 29080288b2130a67414ecb296a53ddd9f0a4771035e3c1b2112e0ce656a7481a |
| SHA512 | da391152e1fbce1f03607b486c5dea9a298a438e58e440ebb7b871bd5c62d7339b540eed115b4001b9840de1ba3898c6504872ff9094ba4d6a47455051c3f1c5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_real_estate.json
| MD5 | 9899942e9cd28bcb9bf5074800eae2d0 |
| SHA1 | 15e5071e5ed58001011652befc224aed06ee068f |
| SHA256 | efcf6b2d09e89b8c449ffbcdb5354beaa7178673862ebcdd6593561f2aa7d99a |
| SHA512 | 9f7a5fbe6d46c694e8bc9b50e7843e9747ea3229cf4b00b8e95f1a5467bd095d166cbd523b3d9315c62e9603d990b8e56a018ba4a11d30ad607f5281cc42b4cd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_people_and_society.json
| MD5 | b1bd26cf5575ebb7ca511a05ea13fbd2 |
| SHA1 | e83d7f64b2884ea73357b4a15d25902517e51da8 |
| SHA256 | 4990a5d17bea15617624c48a0c7c23d16e95f15e2ec9dd1d82ee949567bbaec0 |
| SHA512 | edcede39c17b494474859bc1a9bbf18c9f6abd3f46f832086db3bb1337b01d862452d639f89f9470ca302a6fcb84a1686853ebb4b08003cb248615f0834a1e02 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_autos_and_vehicles.json
| MD5 | 39b73a66581c5a481a64f4dedf5b4f5c |
| SHA1 | 90e4a0883bb3f050dba2fee218450390d46f35e2 |
| SHA256 | 022f9495f8867fea275ece900cfa7664c68c25073db4748343452dbc0b9eda17 |
| SHA512 | cfb697958e020282455ab7fabc6c325447db84ead0100d28b417b6a0e2455c9793fa624c23cb9b92dfea25124f59dcd1d5c1f43bf1703a0ad469106b755a7cdd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_internet_and_telecom.json
| MD5 | 36689de6804ca5af92224681ee9ea137 |
| SHA1 | 729d590068e9c891939fc17921930630cd4938dd |
| SHA256 | e646d43505c9c4e53dbaa474ef85d650a3f309ccf153d106f328d9b6aeb66d52 |
| SHA512 | 1c4f4aa02a65a9bbdf83dc5321c24cbe49f57108881616b993e274f5705f0466be2dd3389055a725b79f3317c98bdf9f8d47f86d62ebd151e4c57cc4dca2487c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_pets_and_animals.json
| MD5 | 5b26aca80818dd92509f6a9013c4c662 |
| SHA1 | 31e322209ba7cc1abd55bbb72a3c15bc2e4a895f |
| SHA256 | dd537bfb1497eb9457c0c8ecbd2846f325e13ddef3988fd293a29e68ab0b2671 |
| SHA512 | 29038f9f3b9b12259fb42daa93cdefabb9fb32a10f0d20f384a72fe97214eff1864b7fa2674c37224b71309d7d9cea4e36abd24a45a0e65f0c61dc5ca161ec7c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_online_communities.json
| MD5 | 37a74ab20e8447abd6ca918b6b39bb04 |
| SHA1 | b50986e6bb542f5eca8b805328be51eaa77e6c39 |
| SHA256 | 11b6084552e2979b5bc0fd6ffdc61e445d49692c0ae8dffedc07792f8062d13f |
| SHA512 | 49c6b96655ba0b5d08425af6815f06237089ec06926f49de1f03bc11db9e579bd125f2b6f3eaf434a2ccf10b262c42af9c35ab27683e8e9f984d5b36ec8f59fd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_books_and_literature.json
| MD5 | df96946198f092c029fd6880e5e6c6ec |
| SHA1 | 9aee90b66b8f9656063f9476ff7b87d2d267dcda |
| SHA256 | df23a5b6f583ec3b4dce2aca8ff53cbdfadfd58c4b7aeb2e397eade5ff75c996 |
| SHA512 | 43a9fc190f4faadef37e01fa8ad320940553b287ed44a95321997a48312142f110b29c79eed7930477bfb29777a5a9913b42bf22ce6bb3e679dda5af54a125ea |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_games.json
| MD5 | 4182a69a05463f9c388527a7db4201de |
| SHA1 | 5a0044aed787086c0b79ff0f51368d78c36f76bc |
| SHA256 | 35e67835a5cf82144765dfb1095ebc84ac27d08812507ad0a2d562bf68e13e85 |
| SHA512 | 40023c9f89e0357fae26c33a023609de96b2a0b439318ef944d3d5b335b0877509f90505d119154eaa81e1097ecfb5aa44dd8bb595497cdecfc3ee711a1fe1d5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_finance.json
| MD5 | e95c2d2fc654b87e77b0a8a37aaa7fcf |
| SHA1 | b4b00c9554839cab6a50a7ed8cd43d21fdaf35dc |
| SHA256 | 384bf5fcc6928200c7ebb1f03f99bf74f6063e78d3cd044374448f879799318e |
| SHA512 | 9696998a8d0e3a85982016ff0a22bb8ae1790410f1f6198bb379c0a192579f24c75c25c7648b76b00d25a32ac204178acaccd744ee78846dfc62ebf70bf7b93a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_beauty_and_fitness.json
| MD5 | 0ed0473b23b5a9e7d1116e8d4d5ca567 |
| SHA1 | 4eb5e948ac28453c4b90607e223f9e7d901301c4 |
| SHA256 | eed46e8fe6ff20f89884b4fc68a81e8d521231440301a01bb89beec8ebad296b |
| SHA512 | 464508d7992edfa0dfb61b04cfc5909b7daacf094fc81745de4d03214b207224133e48750a710979445ee1a65bb791bf240a2b935aacaf3987e5c67ff2d8ba9c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_arts_and_entertainment.json
| MD5 | 6c651609d367b10d1b25ef4c5f2b3318 |
| SHA1 | 0abcc756ea415abda969cd1e854e7e8ebeb6f2d4 |
| SHA256 | 960065cc44a09bef89206d28048d3c23719d2f5e9b38cfc718ca864c9e0e91e9 |
| SHA512 | 3e084452eefe14e58faa9ef0d9fda2d21af2c2ab1071ae23cde60527df8df43f701668ca0aa9d86f56630b0ab0ca8367803c968347880d674ad8217fba5d8915 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_law_and_government.json
| MD5 | 80c49b0f2d195f702e5707ba632ae188 |
| SHA1 | e65161da245318d1f6fdc001e8b97b4fd0bc50e7 |
| SHA256 | 257ee9a218a1b7f9c1a6c890f38920eb7e731808e3d9b9fc956f8346c29a3e63 |
| SHA512 | 972e95de7fe330c61cd22111bd3785999d60e7c02140809122d696a1f1f76f2cd0d63d6d92f657cdec24366d66b681e24f2735a8aabb8bcecec43c74e23fb4f5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_health.json
| MD5 | 11711337d2acc6c6a10e2fb79ac90187 |
| SHA1 | 5583047c473c8045324519a4a432d06643de055d |
| SHA256 | 150f21c4f60856ab5e22891939d68d062542537b42a7ce1f8a8cec9300e7c565 |
| SHA512 | c2301ed72f623b22f05333c5ecc5ebf55d8a2d9593167cc453a66d8f42c05ff7c11e2709b6298912038a8ea6175f050bbc6d1fc4381f385f7ad7a952ad1e856b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_business_and_industrial.json
| MD5 | a92a0fffc831e6c20431b070a7d16d5a |
| SHA1 | da5bbe65f10e5385cbe09db3630ae636413b4e39 |
| SHA256 | 8410809ebac544389cf27a10e2cbd687b7a68753aa50a42f235ac3fc7b60ce2c |
| SHA512 | 31a8602e1972900268651cd074950d16ad989b1f15ff3ebbd8e21e0311a619eef4d7d15cdb029ea8b22cf3b8759fa95b3067b4faaadcb90456944dbc3c9806a9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_food_and_drink.json
| MD5 | 70ba02dedd216430894d29940fc627c2 |
| SHA1 | f0c9aa816c6b0e171525a984fd844d3a8cabd505 |
| SHA256 | 905357002f2eced8bba1be2285a9b83198f60d2f9bb1144b5c119994f2ec6e34 |
| SHA512 | 3ae60d0bf3c45d28e340d97106790787be2cc80ba579d313b5414084664b86e89879391c99e94b6e33bdc5508ea42a9fd34f48ca9b1e7adfa7b6dd22c783c263 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_reference.json
| MD5 | 567eaa19be0963b28b000826e8dd6c77 |
| SHA1 | 7e4524c36113bbbafee34e38367b919964649583 |
| SHA256 | 3619daa64036d1f0197cdadf7660e390d4b6e8c1b328ed3b59f828a205a6ea49 |
| SHA512 | 6766919b06ca209eaed86f99bee20c6dad9cc36520fc84e1c251a668bcfe0afcf720ea6c658268dc3bbaaf602bfdf61eb237c68e08d5252ea6e5d1d2a373b9fe |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_home_and_garden.json
| MD5 | 250acc54f92176775d6bdd8412432d9f |
| SHA1 | a6ad9ad7519e5c299d4b4ba458742b1b4d64cb65 |
| SHA256 | 19edd15ebce419b83469d2ab783c0c1377d72a186d1ff08857a82bca842eea54 |
| SHA512 | a52c81062f02c15701f13595f4476f0a07735034fcf177b1a65b001394a816020ee791fed5afae81d51de27630b34a85efa717fe80da733556fdda8739030f49 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_blogging_resources_and_services.json
| MD5 | c82700fcfcd9b5117176362d25f3e6f6 |
| SHA1 | a7ad40b40c7e8e5e11878f4702952a4014c5d22a |
| SHA256 | c9f2a779dba0bc886cc1255816bd776bdc2e8a6a8e0f9380495a92bb66862780 |
| SHA512 | d38e65ab55cee8fef538ad96448cd0c6b001563714fc7b37c69a424d0661ec6b7d04892cf4b76b13ddbc7d300c115e87e0134d47c3f38ef51617e5367647b217 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\personality-provider\nb_model_build_attachment_hobbies_and_leisure.json
| MD5 | bb45971231bd3501aba1cd07715e4c95 |
| SHA1 | ea5bfd43d60a3d30cda1a31a3a5eb8ea0afa142a |
| SHA256 | 47db7797297a2a81d28c551117e27144b58627dbac1b1d52672b630d220f025d |
| SHA512 | 74767b1badbd32cacd3f996b8172df9c43656b11fea99f5a51fff38c6c6e2120fae8bdd0dd885234a3f173334054f580164fdf8860c27cbcf5fb29c5bcdc060d |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | a4a699ce30114e1b7df84b9eef0e8ecf |
| SHA1 | 88553fe5c82c4560967fcb8cef681c242861aeda |
| SHA256 | 4f70af590aab5d5bc041d608f75289d76e21b062f9bf4acfee01a1cba0a03007 |
| SHA512 | 28a4b029b5dba9f2bc760aece3bf19478ab120ba1c22a86349d256646c0b89265e94c41afaaa6b06a56f25fda81563684714a754be1173be2166488eaabe1411 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\bookmarkbackups\bookmarks-2023-04-25_11_thoKC1ApEP-+BgLfLlfjTA==.jsonlz4
| MD5 | b2b2915d6081f7808ebede03e2e04d30 |
| SHA1 | 0d039b73b50cc94beee2f1d73b100d7a6bcac68b |
| SHA256 | 8e663627d0af4ec65e63cad998ba2d83addc8dd1a413fa4d2e4833046c8b5efa |
| SHA512 | 230bf0145fe380fb3a8cc4331264200c155100f88a303d655cbadcc2865b63d29a4a1f1205c3a8dc5fbfbdb521c5da748a75f963bbd03a0e9f8c32d139325153 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 4f3753999058d75e50f62c208a8bbb4d |
| SHA1 | e41871f0abd0be300f4d2e345df1f40e33864ee9 |
| SHA256 | 380bbe7e87cd9480995109294327eb9fe3b7e696d9a76c9b3ddb6556d01303ed |
| SHA512 | e72cbbed13a16637b8d55945adb5745cef2a45aa84f482dc5129af7ca63c6d96043993ae3ebf441332ae9d32049c353539d707d9c76ec5233c78f44507d73b30 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionstore.jsonlz4
| MD5 | b94d2a50c91f1a3824fce5d9723fe6ca |
| SHA1 | 8202dddfeeb233323dc34c8111e86d504dbbf751 |
| SHA256 | 6919032dd70e3a338eec7ab04ed5b071f401ec3f4dbddcd4bfdd4bca146c2fe4 |
| SHA512 | 762b45541074f3ccf86cb5c227dd8e071d87ec69647e77f141706352f4284241957177eea89b953b30d56e445132335277f5af7e5f356a4736e3656706bc4493 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\favicons.sqlite-wal
| MD5 | 394b400a4bbbf1d69129f2fdd662d61a |
| SHA1 | 0db1b2c70775324a89b660983e2438ac931bee26 |
| SHA256 | e95ec887be82a80438ec7ad102f5957a90f1514e8f43994ee2f7c60158deaea8 |
| SHA512 | 18db1a8e6baea1f1ddc7079f4aaea035fd1278cd27eb97b60681ad493f7ac736b72adf4c78313dd3123c169d8768ed0f001b0baf02e75b7a8b150e291ed5833b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\places.sqlite
| MD5 | dc143c230c004b707ceb6b3c9b10d70a |
| SHA1 | b7ef92a2b0c9ae0af56c9885e0dcb3bf08e5c2b1 |
| SHA256 | 7c3108a673a5dd33ee54ccf875683401fd057a219dca3410001ce5627b631bf1 |
| SHA512 | ea41e69d83c3867328a7de955a4a0dfacfc22853d686ae00caf048721cc4935ab46501c4ddc6ed80e416dd4fcd742185c6cf8cc139580392f23ae70b9d92ef30 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\places.sqlite-wal
| MD5 | 837b5fb0ef5e99527d518321f5f62e62 |
| SHA1 | 792be1d782bad49fe232f2c06660dc924654b639 |
| SHA256 | eb5096921ea23db82452a1c20505092acda851028b4dedcfc21c571bdefc0540 |
| SHA512 | e03251337299bbabd270ab2a4e6c002cd42f8663c783508006bdfb5a83c96f1778857a340f602aa1033e8f72a52eabfcec3a0fd9dd5d0d2dc07db4f075845b0f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 68ce7754c252ecc86cfcc263d5a05295 |
| SHA1 | b4451f08c81cfc7a6c433cdb7230c833dddd1f9f |
| SHA256 | 197fd0e8ab643202cd6014f8f8bf727e9012494fc29dec612c3e05590b3a6afa |
| SHA512 | 83484af60d731389bb703585bbb30973e5339d1a529a780122ced36d8ab40f2413cd7a8130b50a1d09d692ecb4484b7465125a05f4a0621e2435a1b253788720 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 2c09da6de7985d381b605d99183cc421 |
| SHA1 | 06739c049630067f8d523900cebe9adafc3748d5 |
| SHA256 | 495530a2940529a0e80d8f6bdd04f72441f3ea895f2dea61bf113ca365beb99d |
| SHA512 | 99587bf44e3224b1482a4717741433140af8186da20f694ca5723b70f2af64029b875bb1eb16d990224927285a01b65efe3969ec298c2f5ccf3870839e819b09 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | ed24a6a1e188ad8bc3290dba356af1eb |
| SHA1 | ff434eee3d6f1850392cdf05ec9fff57fba45a0e |
| SHA256 | eb159962028e7911d363fd68c6110745f98b58c12a5458f1be2246b8f87932e3 |
| SHA512 | f2dbb769e41decc462ab6a0468a3da4c8ca3902e7a36548ef3546b6617c01aa89215eda02aee034398a39acebbbead103ca7c7ac29d0b631b1f0e711838a12ad |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\broadcast-listeners.json.tmp
| MD5 | 5429f45616b044c4a8af796341b9ca5b |
| SHA1 | f8d9129f99e5b8042d7e60fcc1329395159fc1e4 |
| SHA256 | 51c24ee4f65276cc59e6e2a5f4642f73ffe8eb14c166505cae8caacf6b64a75f |
| SHA512 | 50acc14d919ea5bb82c72bf9b2b0f21f677e840a45ab878b192cb37fafcf21a6f701d1a9f1c119759c7524fe75d363e9ee85155814c7ad8f5f05ca4aa167fc23 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 88025c033ddd8071584c8e691b6e4482 |
| SHA1 | f2bf55024d75a692c9d6bafcee24137e3d6a59b9 |
| SHA256 | 67aeb12bd8e84980d25f5396800755de2076c5447f22e23e2978268d60081023 |
| SHA512 | 2886a7644e97016b58af907e003b0c529c4742eec15386c0885073defa8e813856692342b97c391ca40fdf5c877b7ea8aaff3702166f594050e2815ec893c1ab |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 12c88612b2fe6385f7c0171e524d0664 |
| SHA1 | b19226af0d431991940417ae83ccabfe9bdd2ddd |
| SHA256 | d0fd0f420f55c6416e0a1bcecf61096d3fdc0b339dc13307cf425abfdcad9d34 |
| SHA512 | 87ddb8fcab5b3416c584c2c2c3c274e0454078c4089c52f1be4590faf78b18388d538807dba6c48d38f137c46154a97548770a57d55f0e5585387d88705e0a24 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | fc8ec3e2db63e53b7c1d46ebf56797fc |
| SHA1 | f51807de7395226c00da05464bb8548ea397f36a |
| SHA256 | 9bf0b0eafef0ea849be405cb48cc0f4aa80914f73c01b285dd2141af5baec826 |
| SHA512 | f80cc26ca1724fd09b17c2402bda1a28c7801eb6b808d6de653772eb03947b922967605ab714745128656e870845a6b9f7654a81b317e87dc3689814cb204a24 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | f6ab3180101fd22a5ad819ddb4c1dc09 |
| SHA1 | f74df73bea952ef7a706312b54fbf989316b14be |
| SHA256 | 12bf64d3ce6fc01fb98b772e619afc78438457560e6db8eabba4c7cf36a36316 |
| SHA512 | 2ca7e5ea4fd9c53631c7ddb889f3f530b4dfda30001b3515b6783246daee4584f676a4a339a90c76cf4e02576b899697db5605d793b23e14fa8b9ce1e298993a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\crashes\store.json.mozlz4.tmp
| MD5 | a6338865eb252d0ef8fcf11fa9af3f0d |
| SHA1 | cecdd4c4dcae10c2ffc8eb938121b6231de48cd3 |
| SHA256 | 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965 |
| SHA512 | d950227ac83f4e8246d73f9f35c19e88ce65d0ca5f1ef8ccbb02ed6efc66b1b7e683e2ba0200279d7ca4b49831fd8c3ceb0584265b10accff2611ec1ca8c0c6c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 910df1e73e05f001de4b391829f03f49 |
| SHA1 | d97b5392aa11204f624157fd424e03d2e37d6711 |
| SHA256 | 5aaf4ac9b69510018262995e5d365cf182f1780f416aa5fad81c72ce449a8edf |
| SHA512 | 1b7249e12078151160ef2d2d699991fe715be2d3bbb588d6e0cde4fed927837bfdd926782d61744ccd15e5fb4fbb8e875dc2e0391bf2d66015b880fdb257843a |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\40371339ad31a7e6.customDestinations-ms
| MD5 | 1c3f32451ca67544cc9aea1d8a5216a3 |
| SHA1 | 117201928ccbe09c088acb0b345847f0e0a80732 |
| SHA256 | d6daa214ee89c886d185c29aaa1bb0bb5a5f71f1ccd9f7819bdeeb498f76e275 |
| SHA512 | e2a0dea2bc95535fd1edfbc1cfb561e86ca079d5ee08ffbdddf8a1e962a85e0d057ea6a933580298573ee1b59dd3d07d1bafb2ceb166049aef380e807b0220b8 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 8c01994e1278f295b805c154353a925a |
| SHA1 | b83698d0e1f3495740e6002d71374904ae01ee2f |
| SHA256 | 2672a6bccd4390ff6db8c1874a673541fa65b7a9fd6be84e76d54358da462b58 |
| SHA512 | 60aa43c341db9c1dd9d1c2613438a60664953a327ad3c24d54850e8d1b4010a68e888547e39bd8ea927917ddb50d3449167efb870108f0dfa0df9af3bd99fd51 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 83736bc0d6b18cf715e6c0bd1493eebb |
| SHA1 | 9dd7288bf3abe49e2b90398e6a32f78a6702ffd9 |
| SHA256 | 5a10d71f98d722010105b05c941eceb88f44e57dfa6d7b16ed84231cfc5be715 |
| SHA512 | 216bf8f3c5317ca6daa465bf7506624dc99d8f770375707f0b1e10bc468a43ffff5468307d5c88bb684d17c2a675e0995abd1c31aed7732182ca927eaa251bba |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\5BDCAA308EA0EAE912B0F679E47174ABE7C2F7E0
| MD5 | ac7d418306843cf46a4fba6367b5dc9d |
| SHA1 | 613ade096cc95b2712787c8a928ef507c3b25c5f |
| SHA256 | 6e7c90808edc04d68077fd0b1c1f660bc896cad9936900f5136faf5df0e4e7b4 |
| SHA512 | 7cca421c7e4bd43a8854c15e797a65561c194682cea97fcc19f769bc2b83a0f3ee2c2f6c3d01149ee83649bd1d1b93357ee581d845277db2b66d401b99826388 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\C01A5A91B3215B34E7411A2001698454305F7026
| MD5 | b0c55aaa23fa3d214935e14b48b29060 |
| SHA1 | 9f600ffe00230f50302e13e99670a9eac2b8f2b6 |
| SHA256 | 3205cf9726aaf515a6ac09a5ba7adb4db8f6ea3303407962f76c2d8b5159e779 |
| SHA512 | 8078357162f49014b4291703ebd0977d3cbfc94bbf82a7244c41fba7daa8f19fe239ea41f8a2e2491a18bac835de4d8ee97cc788ae8c14555987718e6e934511 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\85C3231D5BF2A0AADDAD774DF4322AA8FF187907
| MD5 | 747fd0b5437c0d669171d3636065d299 |
| SHA1 | 00559fe38d6babe6c37a1df5aea40fc38bd0b885 |
| SHA256 | f27051c3c97097a11bd48ff19b3a3795ed73769755a55a57b6a3286bef521e07 |
| SHA512 | 753b4b5bd6cf9d626de7c1937a5c310cb661c080a70b2a0aba798eec423dd74a6406c43567821c8abf4d6d85ec3a6718ff5852ca69f544cebed558b2418ed481 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\F96A1A8368D3C3DD1FA81D170326E6C1C65D342F
| MD5 | c5929cad34e6b6cf03f89414f307d7c0 |
| SHA1 | 4878007d9858b6e9d2e07700ee830dd7752c0d66 |
| SHA256 | a6b82bc45ebdf9ae9ccfc3ad52cb73b463bf81e85dc7509f9ec33605de21e954 |
| SHA512 | fdd6f96e829b4b53c79f8ed42e707692cf6119d8940a503a2ae80f449f467f31cef5c4d496c28d987f585f83cd41ea5a4aecafadc6d477be4226e2cffbac2b81 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 651481d5ab6092ce3ffe0d77546f36e8 |
| SHA1 | f60a934ea2cb70665f6094fbcdd8305049be3c14 |
| SHA256 | ecf1ee1eeab14c861e81a52a5ffac4ea41f267f091cffbeabac7a20c9e36bb97 |
| SHA512 | 2b78b938a50109e3bba269dd33fc4f5107424c5ee4f75503c1e26559b9f39020ec9f86209475db6f612de0ccc0f773d8da6cbf96aa9a2f3a2a63639ecda759a6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 948628eb00b0e52d14d41b9c0730518f |
| SHA1 | a14a5af3a25ba6f38da5c637fe32e1c8450f5ea4 |
| SHA256 | 83fa03c0508ff18f9079da94f9c6f773d332349d39b615fb75b87073e9ff1459 |
| SHA512 | d639fd4088a5e718c20c9e87d82cf2310a67af9e737c1e802a32b3462aa1b80a0e54fb6b69913ff1ecf0ba50053a12f4a3baa28ac7f1344f8dc2f43f2e34ccf5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | 01f937cfea0316f4797421923372b471 |
| SHA1 | 112353e19e0d7070145ee64255e3faaa6d622995 |
| SHA256 | c0761f4a8ccd08c182cb512942c08348e032bcdabe5fbc95312e59f90bb86e96 |
| SHA512 | 7ff74d513f008bfae3aa893a1927a5c6bd68fe8f871ccb9c0cef4bbd60ee9fb8c66c83f9133b75b78a9c7388147aa5f9b83cd83980509619aabce2984acf5630 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | a1829423758ce2c1b208b9b3dfe1a953 |
| SHA1 | 192fcd5982296326780d20a60ce9273fb9f65e45 |
| SHA256 | 90b5aa3339cdf177f0c4e0c26002d0112d6dac0efb52ec016b43b48a563f0eef |
| SHA512 | 4275d2d702d8ab48ccb0c87bc5d0aa8ef3d23119fee3eb5889c3a3141b4054d0372368d593247fc698dd9c3f3cccd64cb8280f6389b01829df0a20cbe61f5c8d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js
| MD5 | b3e99ff646fd7ce1b16f4e945ca5337e |
| SHA1 | 92fa445a652893ad91a7f86fe34c5c4aadfcd364 |
| SHA256 | 4c27a087d16cbd9951518157b2b9d2a300ec366a9fbfe5930a2d2514d6e6375b |
| SHA512 | f4196ce2376af6ed211d86ed1a187f94f4c2e36c18abd740231c58f6573650ba8db54c3a67d16acb58548eb7945c5d94e7b67995db98e3c37045a1f0265a002d |