
Resubmissions

10/05/2023, 18:15

230510-wwchesbd5x 8

10/05/2023, 18:13

230510-wtqx2abd4y 6

Analysis

  • max time kernel
    151s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10/05/2023, 18:13

General

  • Target

    https://prf.hn/l/zn4AWvJ

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Checks processor information in registry 2 TTPs 5 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 5 IoCs
  • Suspicious use of FindShellTrayWindow 7 IoCs
  • Suspicious use of SendNotifyMessage 5 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://prf.hn/l/zn4AWvJ
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:5044
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5044 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3804
  • C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:220
    • C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe"
      2⤵
      • Checks processor information in registry
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3784
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.0.962584503\406952711" -parentBuildID 20221007134813 -prefsHandle 1788 -prefMapHandle 1792 -prefsLen 20890 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bac23329-07bf-4d8f-8324-c1d32e1d408b} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 1916 1ab14d16858 gpu
        3⤵
          PID:4416
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.1.1485556802\129768673" -parentBuildID 20221007134813 -prefsHandle 2304 -prefMapHandle 2300 -prefsLen 20926 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4250e35e-57fc-4767-9fea-c309ddabf7f7} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 2316 1ab06d71058 socket
          3⤵
            PID:4460
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.2.1141966986\2125825086" -childID 1 -isForBrowser -prefsHandle 3140 -prefMapHandle 1604 -prefsLen 21074 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {88386c41-950f-4c75-930a-5d7cde7fa2d4} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 3020 1ab17a34a58 tab
            3⤵
              PID:940
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.3.445565446\161489662" -childID 2 -isForBrowser -prefsHandle 2452 -prefMapHandle 1452 -prefsLen 26519 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6a56f00f-c5b2-4c3d-9833-e713881c47b3} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 1184 1ab06d5dc58 tab
              3⤵
                PID:4128
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.4.99686033\890107099" -childID 3 -isForBrowser -prefsHandle 4080 -prefMapHandle 4076 -prefsLen 26519 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1cfb35f4-c65e-4d23-a070-585dba8e76fa} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 4092 1ab18ba9b58 tab
                3⤵
                  PID:3888
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.7.435626272\1924775202" -childID 6 -isForBrowser -prefsHandle 5272 -prefMapHandle 5276 -prefsLen 26578 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {50a5842e-4393-4a18-8f78-4065905e5234} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 5264 1ab1a2ea258 tab
                  3⤵
                    PID:4488
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.6.1487175642\1903719553" -childID 5 -isForBrowser -prefsHandle 5084 -prefMapHandle 5088 -prefsLen 26578 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1925b735-25b6-479a-a793-1112fe6946fa} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 5072 1ab1a2e8a58 tab
                    3⤵
                      PID:3008
                    • C:\Program Files\Mozilla Firefox\firefox.exe
                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.5.1295890709\673136456" -childID 4 -isForBrowser -prefsHandle 4940 -prefMapHandle 4936 -prefsLen 26578 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5642d3a0-6aa4-46fd-9911-cbcdb466aa35} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 4948 1ab19bb0558 tab
                      3⤵
                        PID:1552
                      • C:\Program Files\Mozilla Firefox\firefox.exe
                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.8.47195401\652502089" -childID 7 -isForBrowser -prefsHandle 4540 -prefMapHandle 4536 -prefsLen 26913 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2cee335a-5487-4e16-a700-d28c2805f446} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 5704 1ab189be558 tab
                        3⤵
                          PID:4112
                        • C:\Program Files\Mozilla Firefox\firefox.exe
                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.9.1051838062\1003009310" -childID 8 -isForBrowser -prefsHandle 4924 -prefMapHandle 6092 -prefsLen 27195 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c92600be-7a65-43bd-b7dc-455093bf3db9} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 4896 1ab1c7db858 tab
                          3⤵
                            PID:2184
                          • C:\Program Files\Mozilla Firefox\firefox.exe
                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.10.331940664\1942810460" -parentBuildID 20221007134813 -prefsHandle 6308 -prefMapHandle 6248 -prefsLen 27195 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {cceaf393-9455-4a44-aefd-96913c547cf9} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 6300 1ab1c61d558 rdd
                            3⤵
                              PID:3852
                            • C:\Program Files\Mozilla Firefox\firefox.exe
                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.11.1334217900\1378678241" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6528 -prefMapHandle 6520 -prefsLen 27195 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b91835fe-4f0d-498c-9736-0d9f2551bd23} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 6540 1ab1c6b8b58 utility
                              3⤵
                                PID:2080
                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.12.1820733636\101576862" -childID 9 -isForBrowser -prefsHandle 6704 -prefMapHandle 6780 -prefsLen 27195 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ae4fe6ed-7f62-44d7-98a7-9afb84bc904a} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 6812 1ab1cb88658 tab
                                3⤵
                                  PID:4564
                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.13.636084044\1177456148" -childID 10 -isForBrowser -prefsHandle 6348 -prefMapHandle 7036 -prefsLen 27331 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d616da7f-1415-4166-8b70-6221c32470be} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 6968 1ab06d5df58 tab
                                  3⤵
                                    PID:2412
                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.14.1440332580\60311921" -childID 11 -isForBrowser -prefsHandle 3616 -prefMapHandle 3604 -prefsLen 27331 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {804953ab-4908-4b6b-a22d-68ffff3bac90} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 1248 1ab1c590b58 tab
                                    3⤵
                                      PID:552
                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.15.2066970008\7350264" -childID 12 -isForBrowser -prefsHandle 6124 -prefMapHandle 6132 -prefsLen 27331 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {277a9373-5665-4da2-8b43-178d50b16040} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 5692 1ab1b730758 tab
                                      3⤵
                                        PID:2280
                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.16.903274770\1840660067" -childID 13 -isForBrowser -prefsHandle 7012 -prefMapHandle 6348 -prefsLen 27331 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dfc41ecf-59b0-4be4-8a99-5bf6db64b973} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 5368 1ab1673d558 tab
                                        3⤵
                                          PID:3604
                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.17.1897603647\1311439926" -childID 14 -isForBrowser -prefsHandle 4964 -prefMapHandle 6488 -prefsLen 27331 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5ce55dde-e9e3-4ba7-b855-d690b1b9ae49} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 5152 1ab06d6be58 tab
                                          3⤵
                                            PID:4756
                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.18.592310382\244350435" -childID 15 -isForBrowser -prefsHandle 6836 -prefMapHandle 6916 -prefsLen 27331 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {38b2aa52-5344-4590-80c9-eee0fef5fd2d} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 10916 1ab1c529c58 tab
                                            3⤵
                                              PID:3748
                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3784.19.1814680787\235962422" -childID 16 -isForBrowser -prefsHandle 4908 -prefMapHandle 10740 -prefsLen 27331 -prefMapSize 232675 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d6699c69-b863-4982-a602-db1c34420704} 3784 "\\.\pipe\gecko-crash-server-pipe.3784" 10732 1ab167b0b58 tab
                                              3⤵
                                                PID:4904

                                          Network

                                          MITRE ATT&CK Enterprise v6


                                          Downloads

                                          • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G1ORIWBN\unsupportedBrowser[1].htm

                                            Filesize

                                            795B


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6exu9k4v.default-release\activity-stream.discovery_stream.json.tmp

                                            Filesize

                                            145KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6exu9k4v.default-release\cache2\doomed\10899

                                            Filesize

                                            13KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6exu9k4v.default-release\cache2\doomed\26866

                                            Filesize

                                            18KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6exu9k4v.default-release\cache2\doomed\27786

                                            Filesize

                                            13KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6exu9k4v.default-release\cache2\doomed\29866

                                            Filesize

                                            15KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6exu9k4v.default-release\cache2\entries\3144C63326074BA16816636045F137CF28BE23A6

                                            Filesize

                                            41KB


                                          • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6exu9k4v.default-release\cache2\entries\B0985743595C953E243D1553684FEF0F659DC28E

                                            Filesize

                                            32KB


                                          • C:\Users\Admin\AppData\Local\Temp\~DFC04AF11B7C6E2F61.TMP

                                            Filesize

                                            16KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6exu9k4v.default-release\prefs-1.js

                                            Filesize

                                            7KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6exu9k4v.default-release\prefs-1.js

                                            Filesize

                                            6KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6exu9k4v.default-release\prefs-1.js

                                            Filesize

                                            6KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6exu9k4v.default-release\prefs-1.js

                                            Filesize

                                            7KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6exu9k4v.default-release\prefs.js

                                            Filesize

                                            6KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6exu9k4v.default-release\sessionstore-backups\recovery.jsonlz4

                                            Filesize

                                            3KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6exu9k4v.default-release\sessionstore-backups\recovery.jsonlz4

                                            Filesize

                                            4KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6exu9k4v.default-release\storage\default\https+++www.youtube.com\cache\morgue\124\{3f230188-8380-417f-9a29-d5b1daf6877c}.final

                                            Filesize

                                            3KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6exu9k4v.default-release\storage\default\https+++www.youtube.com\cache\morgue\130\{9167a419-31cf-4300-961f-b0b3097a5282}.final

                                            Filesize

                                            65KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6exu9k4v.default-release\storage\default\https+++www.youtube.com\idb\1644498090yCt7-%iCt7-%r7ecsap3o.sqlite

                                            Filesize

                                            48KB


                                          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6exu9k4v.default-release\storage\default\https+++www.youtube.com\idb\3211250388sbwdpsunsohintoatciif.sqlite-wal

                                            Filesize

                                            40KB
