hxxp://livesupport[.]comedydriving[.]com

Analysis

max time kernel
150s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
14/07/2023, 01:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://livesupport.comedydriving.com

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 5 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 5 IoCs

description	pid	Process
Token: SeDebugPrivilege	4628	firefox.exe
Token: SeDebugPrivilege	4628	firefox.exe
Token: SeDebugPrivilege	4628	firefox.exe
Token: SeDebugPrivilege	4628	firefox.exe
Token: SeDebugPrivilege	4628	firefox.exe

Suspicious use of FindShellTrayWindow 4 IoCs

pid	Process
4628	firefox.exe
4628	firefox.exe
4628	firefox.exe
4628	firefox.exe

Suspicious use of SendNotifyMessage 3 IoCs

pid	Process
4628	firefox.exe
4628	firefox.exe
4628	firefox.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4628	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1516 wrote to memory of 4628	1516	firefox.exe	58
PID 1516 wrote to memory of 4628	1516	firefox.exe	58
PID 1516 wrote to memory of 4628	1516	firefox.exe	58
PID 1516 wrote to memory of 4628	1516	firefox.exe	58
PID 1516 wrote to memory of 4628	1516	firefox.exe	58
PID 1516 wrote to memory of 4628	1516	firefox.exe	58
PID 1516 wrote to memory of 4628	1516	firefox.exe	58
PID 1516 wrote to memory of 4628	1516	firefox.exe	58
PID 1516 wrote to memory of 4628	1516	firefox.exe	58
PID 1516 wrote to memory of 4628	1516	firefox.exe	58
PID 1516 wrote to memory of 4628	1516	firefox.exe	58
PID 4628 wrote to memory of 1668	4628	firefox.exe	86
PID 4628 wrote to memory of 1668	4628	firefox.exe	86
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4072	4628	firefox.exe	87
PID 4628 wrote to memory of 4852	4628	firefox.exe	88
PID 4628 wrote to memory of 4852	4628	firefox.exe	88
PID 4628 wrote to memory of 4852	4628	firefox.exe	88

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://livesupport.comedydriving.com"
1⤵
- Suspicious use of WriteProcessMemory
PID:1516
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url http://livesupport.comedydriving.com
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:4628
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4628.0.1167863216\866482615" -parentBuildID 20221007134813 -prefsHandle 1928 -prefMapHandle 1828 -prefsLen 20938 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {87c8f5fd-698b-4e43-8132-221ef6f7449d} 4628 "\\.\pipe\gecko-crash-server-pipe.4628" 2008 1aa537d5f58 gpu
    3⤵
    PID:1668
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4628.1.387228129\1335897230" -parentBuildID 20221007134813 -prefsHandle 2400 -prefMapHandle 2396 -prefsLen 21754 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6fcbd32f-4c01-4f82-bb8b-d30b58f6a51c} 4628 "\\.\pipe\gecko-crash-server-pipe.4628" 2436 1aa536fa258 socket
    3⤵
    PID:4072
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4628.2.1731688095\1720065102" -childID 1 -isForBrowser -prefsHandle 3264 -prefMapHandle 3076 -prefsLen 21792 -prefMapSize 232675 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {595c9797-3257-4153-9d83-6366e97d0355} 4628 "\\.\pipe\gecko-crash-server-pipe.4628" 3240 1aa53759258 tab
    3⤵
    PID:4852
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4628.3.261994356\613467423" -childID 2 -isForBrowser -prefsHandle 3616 -prefMapHandle 3612 -prefsLen 26437 -prefMapSize 232675 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {24acbeb5-d934-4fdf-995d-9c09714a8644} 4628 "\\.\pipe\gecko-crash-server-pipe.4628" 3628 1aa58b23658 tab
    3⤵
    PID:4768
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4628.4.193676961\1986135084" -childID 3 -isForBrowser -prefsHandle 4976 -prefMapHandle 4972 -prefsLen 26496 -prefMapSize 232675 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {90792f01-4be8-4610-8735-1ab779d653b8} 4628 "\\.\pipe\gecko-crash-server-pipe.4628" 4988 1aa59ee1e58 tab
    3⤵
    PID:1676
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4628.6.1330114501\706695277" -childID 5 -isForBrowser -prefsHandle 5316 -prefMapHandle 5320 -prefsLen 26496 -prefMapSize 232675 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {791f696f-5054-4112-bd3f-4922eea829ce} 4628 "\\.\pipe\gecko-crash-server-pipe.4628" 5308 1aa59edeb58 tab
    3⤵
    PID:4756
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4628.5.1744904027\472512282" -childID 4 -isForBrowser -prefsHandle 4964 -prefMapHandle 5124 -prefsLen 26496 -prefMapSize 232675 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4ecabfae-7825-4403-ac58-fff6d593619d} 4628 "\\.\pipe\gecko-crash-server-pipe.4628" 5112 1aa59edfa58 tab
    3⤵
    PID:1496
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4628.7.2098093729\1071965386" -childID 6 -isForBrowser -prefsHandle 3136 -prefMapHandle 3000 -prefsLen 26577 -prefMapSize 232675 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4da03914-2802-4793-9de9-bd22e93679c2} 4628 "\\.\pipe\gecko-crash-server-pipe.4628" 3140 1aa5a859e58 tab
    3⤵
    PID:4324
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4628.9.921436466\1737173002" -childID 8 -isForBrowser -prefsHandle 4536 -prefMapHandle 6048 -prefsLen 30200 -prefMapSize 232675 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3d0a4900-8713-4866-9f77-088bac22341c} 4628 "\\.\pipe\gecko-crash-server-pipe.4628" 6036 1aa5d39ea58 tab
    3⤵
    PID:5392
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4628.8.1296250556\1899817840" -childID 7 -isForBrowser -prefsHandle 5236 -prefMapHandle 5232 -prefsLen 30200 -prefMapSize 232675 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bd931f3c-cb05-4786-9179-c5d158df3468} 4628 "\\.\pipe\gecko-crash-server-pipe.4628" 5208 1aa5d39d558 tab
    3⤵
    PID:5340
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4628.10.1530249588\246798110" -parentBuildID 20221007134813 -prefsHandle 6216 -prefMapHandle 3480 -prefsLen 30200 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9da7d8bd-51dd-4977-804d-fcdbc2d955b6} 4628 "\\.\pipe\gecko-crash-server-pipe.4628" 2928 1aa5a792b58 rdd
    3⤵
    PID:1556
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4628.11.226142005\1975523750" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4696 -prefMapHandle 1588 -prefsLen 30200 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4d015ef8-4622-4883-b02e-49f2bfc66657} 4628 "\\.\pipe\gecko-crash-server-pipe.4628" 6216 1aa3fc2d558 utility
    3⤵
    PID:1084
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4628.12.1855938517\1940112949" -childID 9 -isForBrowser -prefsHandle 5392 -prefMapHandle 5472 -prefsLen 30200 -prefMapSize 232675 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0ec44c0a-0e06-4486-8f38-2b2811661002} 4628 "\\.\pipe\gecko-crash-server-pipe.4628" 5192 1aa5af9f658 tab
    3⤵
    PID:5140

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\activity-stream.discovery_stream.json

Filesize
145KB

MD5
e1c9c5c80c1470b3d8568d1286178f9c

SHA1
2c134dfa30272fe0f545e48be092af41dfeb4c2d

SHA256
d6f0479e61afba3cb3fbf3c8a76ccae02712f90dc4eb6f8c9f258bfce414e886

SHA512
df4ab6485078fda7559dc3b071f13b5925784b266f0969c257a6d9917c38412529bc4e2f3de914a6080595256980298d575089e0d0aec12e60a5a8a5c66c7ce4

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\cache2\doomed\13189

Filesize
11KB

MD5
374e4451ac93e390616440c8247af154

SHA1
e6934f71c316f58ad6b76c2071e222d97b08d386

SHA256
a744e8936067730ab3af61d9fba0fa841b33040aaade541fc5c42d1ea92c728a

SHA512
28dc26878256e6d5f83f3ce1afbf41c7a136b103c4d95de44812d567aa4c03c5df09dc4aea46ed6f0b9212a9f89625af7fa7c2aeb5691cec11a43a413e30923e

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\cache2\doomed\5423

Filesize
8KB

MD5
a6a2c8a3284c50ef2bdb3fdd4985e6c5

SHA1
3af5315f85ae2ea93a29d0429c0501a761af2b39

SHA256
d20addb264b4d444940916e3fef83779354c5661a6743ab3873dc06c94d05fac

SHA512
1f066d42cbb39502d4d5f110127cca96e0696a26cb956747178f7502bbbe2d6f89dcd074cbcecffb05a9733f02e22b4674c55b6ff621e95f21775d0aaa956bcd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\cache2\entries\118BB2BA245AAA64B01692DF29396B97E11FC1A0

Filesize
14KB

MD5
d43e118c5f740bea5c25be0880201b9a

SHA1
6808f8def2f4ac44195dcc98991917fdebc8aa19

SHA256
fc2001f1c3f211a5237281e5e7ab20a551a48de55e32ca8a1b68ee68775802db

SHA512
468a79c65656bd45d6dd017221a7b4ad9da8d7644b9366d31d3f6216c6a481404ace7273bb501544ebd6e3b9b0aa1977152f0be3850a6162fa1a8527e502e44f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\cache2\entries\2958FBB336062018097FA96D6F94BA3D20FE8E02

Filesize
2.2MB

MD5
ebda9d742707434d251fb6b183bb9ad6

SHA1
ec2daa70cc495c5919c62a9b2a9fa81b986407b5

SHA256
b483df2781fbfa70874979ac64479e0444ee51dedbe36be31fd7218f28d0d2d3

SHA512
7b97baa4c2d3b7dd4cfc6ee5666c78e1a14bd584014a1e8f8751df6e1409235c3c00c91c3464045ec574b6cd6b38cde3e5a214e34fc1a51c70b8b23f1ac3f4db

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\cache2\entries\9B87607F243349D5AC292C58E332F95ECADEC6C8

Filesize
31KB

MD5
5cbfb8a7eafc817b2cfe4ae4a87288d1

SHA1
4b8e9a1af96fbc77ca2d36f93d5ba1af93640483

SHA256
89606f01817701fe454ca13f24af144025c4be47bb3065fadc86490d26e4f692

SHA512
26b98c82ab2c5b0bbbe6c6b361711f619de5a423679afc0188f4025b27e37feccf1153df8ed20b4c517d43cfe4127c65a18798d1f8263a25297f7bbc53e3a286

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\cache2\entries\ED9826654AE8BD972BDE17A9E0A449D3F881E430

Filesize
14KB

MD5
42db3dc4f640d590b06188daf296f517

SHA1
48f40db75c65ca678b0462b2e675a0d223084976

SHA256
aea9d5eda997713ce9dc50fe71333b1bcb2dfbeb9ab3f48c618c56b918130f8d

SHA512
dfae8ac4fe651c23817fe4760edc301bd01b1f90b49c1bb2f169109ee5378e2dea29920dc599035a62885afee63efb28111925ebf71b1961e59224abb25ee3df

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
8.0MB

MD5
a01c5ecd6108350ae23d2cddf0e77c17

SHA1
c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

SHA256
345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

SHA512
b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

Filesize
11.8MB

MD5
33bf7b0439480effb9fb212efce87b13

SHA1
cee50f2745edc6dc291887b6075ca64d716f495a

SHA256
8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

SHA512
d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\prefs-1.js

Filesize
10KB

MD5
28ad59cb37f36bc4bab56261f3243972

SHA1
2e021bce9322da2a714c2c2649289ab9233e59ce

SHA256
dfc26de63a3654ece1a06f9d43d77bc65f4a3e132a067a1acef07853dd0ebf85

SHA512
5e31c6fcaf2f89cb970a757d7ce59734ce7c4fe278469e93ae03efc20b4dcc6a4bc228bdabce0bb6980e0eaf2c1bc2d2c8863e380b80595c9c57f9759b7e7727

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\prefs-1.js

Filesize
8KB

MD5
87e3163259a836251035a4404fa92285

SHA1
7e4b0d216be76617e290cedb639b43c5b8c4fc3b

SHA256
dcc1736d068a91c5c1201e7c433f2322d98456c1c032347930db00a112f5f209

SHA512
c059a2975deb5dbab24b06d529115330c354005a76e18a6f8a0a39c85e0a3c6230d598d40618b80cbab221e2e3cf06dd48422f8f8f5d9e24d82e267f9bb37235

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\prefs-1.js

Filesize
6KB

MD5
9db6c6c98f41401fe1e30b6798d5f85f

SHA1
d2ad7560cb52bc8f868f98973b8e7bc34581e597

SHA256
b997d1ac167f21eb397134380ea455dfb1036f83634ec9803b3cd6813daf91fe

SHA512
545f90fdd5cffc00d5649f3481fbbab74d5b54ccfd252bda704218151966e57a4edb7b527f0c64d9b06ed09a4dcfc3aaf7f26c63b7c9f3f6d82ffe541bedfbbb

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\prefs-1.js

Filesize
7KB

MD5
30a8c6f4efd1bca390528867a11552d1

SHA1
040d74871e26e7d2820f3dc1aa720fc3605619f1

SHA256
a719e07c5e71c35aec10e7b8f221f1be1c9b8d1239d266508d32ed8de8f6002b

SHA512
9a537c0a7bd0687a0b0fe0d80169a7cdff2ed26f4a7acc29e7e704c6feff7af8fa30eb616cc95487b4c6d877cb0266bcf2b9b1f69f23f1bc8b1cbfb64abf825c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
39KB

MD5
0a77179affb9b6dec4dfa9247b961cb7

SHA1
e4d4858523f7df94ae9fb92b4c5c939ffbeb1f7a

SHA256
b68f62e0960f246b0de3ca69c913c6451466c7e78276ee0368a8d41c13ee3f0d

SHA512
0eddf72ea0f9ff90f63c017909705ca46980ce52f1502ebe9c1bb6d4d17b127e8595434ca536802563602febdd90980acd959fff4f2fa4f37174a2d0c5f38769

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
3575093d8f75a7a8a506476b90a50cbd

SHA1
af72296b202aafd76f2ffea855e170f5954ed239

SHA256
f447f79bee47c0e69a8394dc35efd37bbbaf16d0585fe307cebaaa7e63d834e8

SHA512
067e66c5036ad21fdc4a3a1df57ce79453612dd5dc9a3ca32af8b95011ba0534c02095a7ac737d7c5dd0d833dc350c85fac157d6285377f980ab2a7e4b566d69

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
145KB

MD5
c895d59e9d15c279b7fa247ad7f43e5d

SHA1
54e94fe67e275b6fc8540ad3854d95b4f6c9616f

SHA256
d8c525a94bd725911e94573e35d584c08071e87b4259166f8c1938b10bf9b85f

SHA512
efb0415452ea27b70e8ae4336ebc3cd05200e16142315919810b849139f607232c0cb91b812c6c4608c7165e6560a2740d5d21d4bbfc807191b0468ae9e87f50

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
39KB

MD5
93a93be91e992bb02101c2ba79acd8b3

SHA1
337f23facde649bbb389a777e4b431cf2f53de67

SHA256
3ebe57d584ea450ddaf5c0bc1bc8e2ab4558c73dedf63df0bf6516f57e3150b0

SHA512
ed6364dc556d2abdce9668ec2bc51b88809e7f0183b54f11bb75fe236f554613d4e6ce46a8f0f798cecc4e4e698f482d612f57142c1eba1c23e9c98062ffeaf2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
39KB

MD5
2db86503836abfe87dd995e820b57a2f

SHA1
151a1938495474ecd6265a105b3767200e77c072

SHA256
61d7ea682776699c0962bbe466fc9fc0daa4eb9af1038bdf256c1c3e14d63543

SHA512
71a563e906b3a2d4703259d0046d07e2474fe6211efb6c69917bf5030a94b8768b9eb9a8e3e639ca3e211dcbc2d92ad7c3930e9fbf3d698f9d16bcb01b5e02d6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
39KB

MD5
f4765d08d85b4f85aae9159e3a497ce4

SHA1
9c5e31f404fe64555094019ef0105fbc26342d1b

SHA256
4a6336e2b26ccfd49f6b802e364bd3ce2c7af0ce148f3051e2704652e9cadec7

SHA512
617e8a90336fc42bce837a9742ec35a93a564e035a3c2dda36380305669fb76a84e595898ef234e60c22cd47519ff66fdca23aa9699d44c2d700180f8b6aaf8a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rzyhfx4n.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
145KB

MD5
cd776384919acd02b4122ed1528d4414

SHA1
80bc47526ba83013fb2429332c04307241ddd277

SHA256
dfbb0060ff98e0219873c4a0a2990f20226a11d4565f8b148bcf2c195aa6d9b3

SHA512
be89d95fa403c033719b1655031b32547e001c044660bb418a1bcbca82900dc4ae3d1a0b0a62138d9d836525489485aaf856b24260de87e3859cf52173639196

Download Submit