eafd8f574ea7fd0f345eaa19eae8d0d78d5323c8154592c850a2d78a86817744

Analysis

max time kernel
282s
max time network
286s
platform
windows10-2004_x64
resource
win10v2004-20230703-de
resource tags

arch:x64arch:x86image:win10v2004-20230703-delocale:de-deos:windows10-2004-x64systemwindows
submitted
07-08-2023 21:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

zbxl.zip
Size

43.8MB
MD5

da596c5fa1bfe53dc6ef777e810c2e7d
SHA1

dc756fddd264eaadcc0c8e8576d11259bbe1c150
SHA256

eafd8f574ea7fd0f345eaa19eae8d0d78d5323c8154592c850a2d78a86817744
SHA512

bb7a10c4d9decee9687dfba5987939d1f55c3966bd80d06103d4bde6f61df3957d89392ac185b96ac668bc794193319dad33e34dde199df91eb2981e7e5f9fc3
SSDEEP

196608:rAA/coo9ZmMOfGI0QIdgCUlo1JKq5LJ2q82M/nSk827:rAHX9DQGI0Q321tr82MPl

Score

1^/10

Malware Config

Signatures

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4176143399-3250363947-192774652-1000_Classes\Local Settings	firefox.exe

Suspicious behavior: EnumeratesProcesses 44 IoCs

pid	Process
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2392	7zFM.exe

Suspicious use of AdjustPrivilegeToken 17 IoCs

description	pid	Process
Token: SeRestorePrivilege	2392	7zFM.exe
Token: 35	2392	7zFM.exe
Token: SeDebugPrivilege	2128	taskmgr.exe
Token: SeSystemProfilePrivilege	2128	taskmgr.exe
Token: SeCreateGlobalPrivilege	2128	taskmgr.exe
Token: 33	2128	taskmgr.exe
Token: SeIncBasePriorityPrivilege	2128	taskmgr.exe
Token: SeBackupPrivilege	2284	svchost.exe
Token: SeRestorePrivilege	2284	svchost.exe
Token: SeSecurityPrivilege	2284	svchost.exe
Token: SeTakeOwnershipPrivilege	2284	svchost.exe
Token: 35	2284	svchost.exe
Token: SeDebugPrivilege	3604	firefox.exe
Token: SeDebugPrivilege	3604	firefox.exe
Token: SeDebugPrivilege	3604	firefox.exe
Token: SeDebugPrivilege	3604	firefox.exe
Token: SeDebugPrivilege	3604	firefox.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2392	7zFM.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe
2128	taskmgr.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3604	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3444 wrote to memory of 3604	3444	firefox.exe	103
PID 3444 wrote to memory of 3604	3444	firefox.exe	103
PID 3444 wrote to memory of 3604	3444	firefox.exe	103
PID 3444 wrote to memory of 3604	3444	firefox.exe	103
PID 3444 wrote to memory of 3604	3444	firefox.exe	103
PID 3444 wrote to memory of 3604	3444	firefox.exe	103
PID 3444 wrote to memory of 3604	3444	firefox.exe	103
PID 3444 wrote to memory of 3604	3444	firefox.exe	103
PID 3444 wrote to memory of 3604	3444	firefox.exe	103
PID 3444 wrote to memory of 3604	3444	firefox.exe	103
PID 3444 wrote to memory of 3604	3444	firefox.exe	103
PID 3604 wrote to memory of 1692	3604	firefox.exe	104
PID 3604 wrote to memory of 1692	3604	firefox.exe	104
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 2252	3604	firefox.exe	105
PID 3604 wrote to memory of 3952	3604	firefox.exe	106
PID 3604 wrote to memory of 3952	3604	firefox.exe	106
PID 3604 wrote to memory of 3952	3604	firefox.exe	106

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\zbxl.zip
1⤵
PID:3848

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1196

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\zbxl.zip"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:2392

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2128

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k SDRSVC
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2284

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3444
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:3604
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.0.251944397\1710589099" -parentBuildID 20221007134813 -prefsHandle 1900 -prefMapHandle 1892 -prefsLen 20938 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {66b47421-8b9c-4d1d-b0d3-a178b685ee7b} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 1980 2383c4e0758 gpu
    3⤵
    PID:1692
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.1.1315354880\1157627639" -parentBuildID 20221007134813 -prefsHandle 2376 -prefMapHandle 2372 -prefsLen 20974 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {af6ae05d-8122-4b2a-b2be-0560256838f7} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 2388 2382fc6f858 socket
    3⤵
    PID:2252
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.2.958908626\1716414949" -childID 1 -isForBrowser -prefsHandle 3168 -prefMapHandle 1636 -prefsLen 21077 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bf165883-fe7c-43b8-87e2-25f8a13ebe96} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 3148 238405d3558 tab
    3⤵
    PID:3952
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.3.314020590\230922162" -childID 2 -isForBrowser -prefsHandle 3588 -prefMapHandle 3584 -prefsLen 26437 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a5f44581-b526-4fcb-b66a-10bd1e5d0554} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 3600 2382fc62b58 tab
    3⤵
    PID:1340
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.4.1664286454\180901201" -childID 3 -isForBrowser -prefsHandle 3824 -prefMapHandle 3820 -prefsLen 26496 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b64e7a05-9969-4b63-9f6d-41c6a2378b7e} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 3836 238413b2b58 tab
    3⤵
    PID:3724
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.5.2130216954\1624074312" -childID 4 -isForBrowser -prefsHandle 5176 -prefMapHandle 5172 -prefsLen 26656 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bc5b0e5f-e8c8-4e1c-a8e5-21d566537540} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 5168 238413b4958 tab
    3⤵
    PID:3064
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.6.294362435\1191075786" -childID 5 -isForBrowser -prefsHandle 5324 -prefMapHandle 5328 -prefsLen 26656 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {60ef4853-8ebe-4226-8910-8d5227a13f5d} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 5316 23842ec2d58 tab
    3⤵
    PID:4884
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.7.113617489\545781280" -childID 6 -isForBrowser -prefsHandle 5516 -prefMapHandle 5520 -prefsLen 26656 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4202df1f-0251-4404-93f6-21bd5d6e9152} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 5508 23842ec3c58 tab
    3⤵
    PID:2628
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.8.1877047364\1388228758" -childID 7 -isForBrowser -prefsHandle 5964 -prefMapHandle 5960 -prefsLen 26656 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {460e90b1-511a-491c-a934-ac5e39c4f10e} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 5972 23844c32d58 tab
    3⤵
    PID:4512
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.9.1523317465\718461910" -childID 8 -isForBrowser -prefsHandle 6116 -prefMapHandle 5952 -prefsLen 26656 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {60ecf573-1554-4ec8-8ad9-cc592286a751} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 6104 23843fafe58 tab
    3⤵
    PID:3772
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.10.1916164668\1648787544" -childID 9 -isForBrowser -prefsHandle 3960 -prefMapHandle 3948 -prefsLen 26831 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {db3d78eb-8d7c-4b1e-a8c7-02caeddf0c06} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 3940 23844db7858 tab
    3⤵
    PID:4676
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.11.555708001\423327305" -childID 10 -isForBrowser -prefsHandle 3944 -prefMapHandle 3956 -prefsLen 26831 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2bc65a91-462d-4bc6-b92e-55725edaee44} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 4816 23844dba258 tab
    3⤵
    PID:968
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.12.1747777086\510178596" -childID 11 -isForBrowser -prefsHandle 6060 -prefMapHandle 6076 -prefsLen 27096 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8999198f-0fc9-4c9f-a4a6-2d25e072ec30} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 6048 23842e3bd58 tab
    3⤵
    PID:5664
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.14.279712773\1841708777" -childID 13 -isForBrowser -prefsHandle 10188 -prefMapHandle 10196 -prefsLen 27096 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d48fd4a6-e731-4091-b778-2ad9341bd59b} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 4524 2384f6ab358 tab
    3⤵
    PID:6128
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.13.1002450358\1433618036" -childID 12 -isForBrowser -prefsHandle 5264 -prefMapHandle 10372 -prefsLen 27096 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4a840658-c493-4443-ab72-34eb2a6469eb} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 5220 2384f6aa458 tab
    3⤵
    PID:6108
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.15.930699798\1229208338" -childID 14 -isForBrowser -prefsHandle 10224 -prefMapHandle 10364 -prefsLen 27096 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b80bdada-7dfd-4686-9342-88fbd918535b} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 10204 2384f6ace58 tab
    3⤵
    PID:540
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.16.1693698703\443306706" -childID 15 -isForBrowser -prefsHandle 3028 -prefMapHandle 2856 -prefsLen 27232 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e6cd6a79-b524-4d48-b560-15cc8f7ffddf} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 3924 23842e3b458 tab
    3⤵
    PID:4796
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.18.47314285\1032017827" -childID 17 -isForBrowser -prefsHandle 5232 -prefMapHandle 6632 -prefsLen 27232 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a0890cb1-6ffa-4553-9ab3-e205d416c59b} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 6628 23842e3de58 tab
    3⤵
    PID:5276
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3604.17.1783927459\930061200" -childID 16 -isForBrowser -prefsHandle 4256 -prefMapHandle 4216 -prefsLen 27232 -prefMapSize 232675 -jsInitHandle 1428 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0f2ab424-10dd-4f2d-9288-7e93bf29a6e6} 3604 "\\.\pipe\gecko-crash-server-pipe.3604" 3988 23842e3cf58 tab
    3⤵
    PID:3928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\activity-stream.discovery_stream.json.tmp

Filesize
159KB

MD5
f5ffb326a7c6e48d15c3976e16500188

SHA1
7cc481caa7689675f1fb5dfa2f93cc6887188305

SHA256
54cc71be9eb631e8da0d9167be32adfba796a99a0f8fb7445eac151f70d8b3c0

SHA512
9fbb2958d3d93ba7e40c2520b8487db04540191893bb2be655b1521fe2f0b634c34a9c769162f61ea1ed1db848977b389476c58da9cb410a0f0d52b70dd58d06

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\doomed\14343

Filesize
9KB

MD5
e289516dd79cecf6c3ccaac6d0897597

SHA1
acda344981195078d2221fb0c7269fc8e0f5e36d

SHA256
096783a751c7489eae79977bc90b4237a36056c70810aeed5f60763ddb7e22c9

SHA512
7cac14a194c45b866d60aa8e9bec491dd100017a39642e7923a0aaf26825d792585476e93297f78070858c3148ca77d068fdc6dc3aa9c74c905017215f3e1892

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\doomed\17674

Filesize
7KB

MD5
ee86d1c141dfbaef673e60ad2249c656

SHA1
0d84bb22400c707f09c431f84b462f21d301bd44

SHA256
0a348f63b4a809c268da705f7ddb34db8864c1524fc3e40f954904d5e7acd82a

SHA512
223bed2eef25fc69f70f7f00de15da00fcff69c45c8dcb50827e738db32360a97a688f35e7867ae94da3770c1ec111320d90256e9d4c41a7cba6e5b8856aac41

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\doomed\20278

Filesize
9KB

MD5
65c75d2810e897b1131608cb6c3d0dea

SHA1
9941d8fd1df3f1de211f8d43aef1bdf6284b7993

SHA256
4b910b038ed9dfbed104ea7fdc272cd28e3adab886d8027f85b81b75fa8543e7

SHA512
72b9dba43eaaf01c43994fd985d7293073a7316cc919f4c19f2083dec0238483505b202ad28748adecfe55dff6ddab0a1435a7a803e6220a372f60427378d522

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\doomed\2109

Filesize
14KB

MD5
65a68db6febfe03f11290d64a1d91c48

SHA1
c0cb70a2b1dad3fd540b1ca9a1e9b29040b31309

SHA256
0e3d5e5bdc77596dd92337a847734a653d3d4d62441df79e90902079115369e4

SHA512
7220bde96a4b73d40782e2a0dba63098f41fe2bb46665f6d336650db81f1b501cd4f5730fd7b97bacd687be1a89d0a567a89c206afebe639aaac4f7a9f929182

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\doomed\21725

Filesize
15KB

MD5
a1542e5d7d033c7d64ec20842a3d2607

SHA1
a559518f70bb050c6b327a78b5273500b74ad5fb

SHA256
8b10ea2186aa5f8a0c8a65cc318554350999033ed431a0d3d1be55800dc459cd

SHA512
1d3bb1b01f057ee5ff23e2ff32922930e07371416cb95cbe237fca75b93f0fcacaa3d1711accb66686c70bcf8b8963e48468290e757f498edc7e0c21309bce53

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\doomed\24902

Filesize
8KB

MD5
ebb4f9c8189fad19d6dbe2a49cb208aa

SHA1
2168c494e44a33a7928bdb472e9f8ed31d6553e8

SHA256
0336f1e90ad99f2d3c3e491b95c610289d3e1ffc9918f8d97eff3d379ddf72fe

SHA512
c758b788e78e97885585c5f2b4692b52d8e04c921f2d539fabb4c89e1aeabb14e20ff92fafc75668324f0462521520b0790e668e5413441c3ae4318f1431aa7e

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\doomed\25362

Filesize
9KB

MD5
d424cac33052a576a1eb5621c6403d10

SHA1
0270f29fbbea3af45e22acf44ab713bc55f24369

SHA256
ac91f4abfadbca90191b52405d8ef2365874849f09dfb0ee70cb4de344e1ef2c

SHA512
82e5ea5286a918a5108420e6a499fe5fb771aaeda6a84d66199f47d0bc432cde95c15cadc55ec52e629ee6fd682b7a2989f960082cc6a645039955088eb09759

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\doomed\31982

Filesize
8KB

MD5
85b432b6121c928bbafd9fb05e47820a

SHA1
ace12e3a2956d40ecd38790b39ce9798281579cc

SHA256
a402e6e41509afac5775c51c10399cef998985393158e3f8566159836cbb8841

SHA512
fa682a426cb7e4593bdfdee5b62a1615632bdfb645967caf0195652a16a3076edaafaab1d5c6f8c75e4302fd538d6c95896560405834a93bb302744ca6b2576f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\doomed\6795

Filesize
3.2MB

MD5
91dfc9d15bcd0554e8be23ad4567d158

SHA1
923ced129c36b5f390c4a597dd6b7973427d5916

SHA256
6b51284578bbc5faeb7786394a3567baf671a16ca3f81571822911bd26e5d0a7

SHA512
b310a8f88cc8b14dae8603c595739c15915b7be10c503f0c66751325cdf3bd8dfc47d11137f917e42b3c556c71b04b099933a940010acbc6f268d6222876f0fe

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\doomed\9557

Filesize
9KB

MD5
111bef784f0da1962dfb5d6e1d108d3f

SHA1
2e69b9307ad8873d72abe4494ff083200b4c71a4

SHA256
502bf1782d86d4e2ad5e435c558d02b31dbe8272660e86b1ae0f59160341d331

SHA512
63fc08f2be31a3f0649294a72e0d2245b27a9926ca685dbdb1236c2f334ad78760fd4851d87a766a2ea370995e2fa6f18c7268115fa5e951f2d4b97aadfcf9ca

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\entries\07F4CE42CF726C3C10BC82243B86CD38CE0F7A89

Filesize
1.9MB

MD5
3381a9521b45593cd7ee70c2dcda2b73

SHA1
29367ea92696080fae4da97fdefce61ba7cbbe92

SHA256
6c8b813b10a69b31880598a37050f14164d567a0b3c4141620526c6ea44b5f79

SHA512
fce8f2275187d5e452722441aa72bde5fb81571eee4dc7ed011934fa464b76985b4da8dd9980e5b80088f9a2b21435b9a32646a97bce20cbd99c33bc49bc332a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\entries\08DDF53D36DAB20180B648DD01765C164CB4CA07

Filesize
13.5MB

MD5
5a1a7e2350dbf26deb3b4bf5236ee301

SHA1
d1fb59ca4b99e3810d0d270b53e215d65b238d5d

SHA256
28b5d1a493b0199dbac792e74c64c495f046c5c73d0d9c62e3b5d648d4c3b3ab

SHA512
1360c9e08c4f5d80b7ad264cdf9962bb3222d0db4a517a4170142d03bc925706ef6fcc123b03bc92c88b7a9cedd69636dbdd3f4a975447b510c6032bd18c76bd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\entries\5AF9F09661AF4602F4AEE363F331033C9A1B4E74

Filesize
100KB

MD5
71acef3ca9394fce60254c497b2d8fcc

SHA1
b32e0c0e5f3311fe5bafe95e939f213ce0576e46

SHA256
4673cb2c7de6a2dc66e1b82862a206dbd847a09a433253a3a6d9165f690c608c

SHA512
b86201d9c1ec0f77eafb34b9e1e61fd9adb07ce72d810c6abf504cbf11fd714f47afeb7e8e15c983e20f4f37c4ac059cb6c487f6c14c68d6dd11569170722049

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\entries\677B80A25A006EDCC273545819E7C8B9A97E5201

Filesize
42KB

MD5
7866aceeeaedafc0961015817f0d276a

SHA1
b5a66170c03bf54f9857b6476a636fb5dfdd62e5

SHA256
e3726c8394836e04d0a008e704b5600fd36d0a8d0608271a9ae012cb795eba54

SHA512
097eef1395ac1f6dd2a816374f200f904e919355a3d5282b04a73a2ec9356a4a2030ae5f07882bd0a482e9fc840bd20c2c7e48e7059a13af270030cbd16499a0

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\entries\70DBE5F90BD35EEC6D4A07D16DB46EC38E379124

Filesize
13KB

MD5
3ab56f736f2643cac26746559aabf60e

SHA1
554df70b284613c4181640ac6fa3fef9357bbbf4

SHA256
70d4ea954d88fa69a392e908c270e6335c150241980eb9d52ef0c095c3671677

SHA512
40cb68ff16f7131f5e4108f5d2e94f8d9731c9fdfd801bcf44548b10551045b29e2bf71538cec23cdbcf41b950184ea871a1f457766a3c38db44c7926d7bb974

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\entries\8170308ECFDE75BEB8EF685A30076BA61B6B897E

Filesize
8.3MB

MD5
2ff948d48bb0d8b1d72580cc6d4fb50c

SHA1
aefef185ce4f1c5038ebf5d68c6e83263a16850b

SHA256
0a9696b2f54b12bbabbdd5dde056c97ce4727df95e8d8cc37067c8126219cebc

SHA512
f84e69f1497f640f3d3c7f6e8944939521ae4355c3164c3e53bd4f1f8f4ceaa094d1384082f140795c1a8960dbfa087bb481be792c195f4b15f5067ac3503064

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\entries\88E44992DC0A3442A7D48F39F964287EAA992773

Filesize
12KB

MD5
ac681d99f836c52f83155774607672a6

SHA1
c66c21fd9560f24ff80cf82b2098648fde0ac76c

SHA256
8cbced22eaecd0efaa2dcd766cfd83034df71def1e95c0e201ebebd926152d83

SHA512
9e903588ca391634472ca93baaadd10cd850ddddf0400707b74d37fe39b9f1d21b1f7cae80afe3429e85e3ed5b87f04bf5283666dcf57d99f2cc719f03da27e2

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\vjiou3c0.default-release\cache2\entries\BC859CE1C1438D9A1C27ABD19F4386FD78CC019C

Filesize
11.4MB

MD5
4efe2f92885c7c568895ca3000b608fc

SHA1
d5ce5c52bf7b71e19eb6f2cd570181c0e5c39597

SHA256
c376bc0bac03ccb510aeb8f48a182770833a2d6207fe6ca40ff47a886223d741

SHA512
365332627ffaedbc3dc114c02b03fcbd81fea507c87cfe52465a645a62caa112c117337a45da42f4b52137e36a609f63529790a12eb2ccd04b665d9124c3a695

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
8.0MB

MD5
a01c5ecd6108350ae23d2cddf0e77c17

SHA1
c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

SHA256
345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

SHA512
b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

Filesize
11.8MB

MD5
33bf7b0439480effb9fb212efce87b13

SHA1
cee50f2745edc6dc291887b6075ca64d716f495a

SHA256
8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

SHA512
d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\prefs-1.js

Filesize
6KB

MD5
8347a53485218f317626ee9a2b68ac31

SHA1
59e320e1824e599bf0d8d4e70e2df4fd4dd65a40

SHA256
dff0d7076ffe3ffba84637b664a9b0f677de79037b0d1c42b98eaddf7824afea

SHA512
ee1912e26044c269ae1b0a1dedb52e38f09d55d51307145640944b4ddc93d4ba5d261f9f85d18d4a471b43460c4cc3f75a7b64f9fefe03ce5371ae9eabd0cfac

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\prefs-1.js

Filesize
7KB

MD5
ecc66d3e8756b809dd4a416d58de6873

SHA1
20e3c5db89ee727f776a19b9502f9ab48f13a10c

SHA256
be427af8559e1aa9a039e0ab521e4c5efc60a95860cb302de0418218a98c5733

SHA512
4793e82698b6dcb40e93feb922bd553670ac279ddc45b3abfc2802881636c10885ac3bec6439f3a2d9464293ed4f9069da108eba5c7223223881a03c76c90ed2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\prefs-1.js

Filesize
8KB

MD5
e8c49a382389b451607034c1af4fed35

SHA1
4d0ac5587006a5923ac5035c0a6e2092af084bc5

SHA256
3eecb6c37b5abe1d424aefacb3fbda3c22cdc7be53129c6927874c76ba179560

SHA512
b0dcd241367547b23807ac28d43765e884aef17000103fde7b6a3aeb5098b9da33a03cb20c92a576104c9229fdd23586866fe3d6d22788b9e3518396e3094050

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\prefs.js

Filesize
6KB

MD5
643fc48f9a3c72b0d1ac4e38fd321db5

SHA1
9c39e59044808769be3f97e56ee3adfb74765438

SHA256
b48b2bcfb007370530cc9989ab841be129c464ee484d5009a7abbea2ac053280

SHA512
e08268ab5b35ae2bc954997bf3dc0b0ebc6369c1cd24c8a203c14b7d41e458135a8a1ca4315d820a55438d24ec68b36c3ed5cf3eac072cea005f3e6218691ff7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\prefs.js

Filesize
7KB

MD5
ba70e3641de6749e27c76767afe504ce

SHA1
6ebd62ed1642c5031f480b81d69641abf061d445

SHA256
67cd73c4689c052a6327fa83644e767b241dda1995bb807b472073f325ef9774

SHA512
8d27e4662d2768045995213b3da67a4f1dd41a42b17a53a7b62b2f3f27a7d35c6e641eeaf74fc852f63ef14afbf12ad836a0e68d77849a31b9728c996715b572

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
0458d667e5ad903efaac9c31e5c9bf0c

SHA1
81053963c3d54adc3e782806151d649bbb38dd48

SHA256
58df1528cfbf7826d57f312ec2264321d7d8793bafd752093af5a731189b5259

SHA512
8d900ddc43b60960daa842e3c99958f0e55722d04f844279a4fb764d9c5900778594181f246dfea7a32f76f00e2c94b0aebd025fb9ae186e50fa953ca4a06022

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
4KB

MD5
42bd6ec3e01997afb0db94c9662545f7

SHA1
bf322952d57f597433f59913b9ac3de4734d7825

SHA256
e389040eb1ae347b7e6c86a155ff82042ac7872932508b7cf4c3f34ea00f870a

SHA512
e6a73e17673a6a315d0948cda64537e3ee926e565b7aa8ba41d90bb3e67be6d25cdf4bd983f33c0388243ee9e3933c4db119cd14b56b166e49463116c4fd1b0c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
c3e297bc04ead3414db7ffc7bb15da1a

SHA1
593780d2b6508dc2185b098dfa269b7ec9129c3e

SHA256
85bdf3625c72d796098706127eaed02261cace9d8d3ca6278adb4e682eec9a07

SHA512
58ffa38d33f6362c52c767f13bb89de4971d1a4a6990eb60888fd114df8031dd4b3e514bdac06646838448b5a7205917089cdfe6980d5b95f5ada9d8035ecb6b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
4KB

MD5
dc16b3276fdb193bfd37d1417ada9394

SHA1
33b85e6adfb78c2bf9634ac4134e69da750271f0

SHA256
26825a449ad0a2dcd221b50b30b5b0948a5e5465104158d1b4eb48d057e0e84a

SHA512
c0612497a23953999061aac4a75cece2b6afa580ead2bd40b3eedcf41cfc65c9582b78e4b610f59ec2fcae2ce7ba0be134793f5cc057c9ee079753632677aba2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
d6895b5deaa2cef239da7ae99dc7474b

SHA1
635aed2e2494879b0986dee9a0be89260c8a6090

SHA256
df8f49c14070a7f65784bd93466b35bc417087ac7a57077f85c9a9c6f0340e5d

SHA512
2d4fc42f4d98605ddb67957d19cc6d663ecb03114cecee2c67c3a9b000efa0e3769c20a0fa97f0a345be044b67d0bf8ecfb3f1228828df2dd5d3ab9f36b97c0b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
4KB

MD5
f1df923912c6f95e4bfcca198172c2a7

SHA1
dee5ca346e037e6f8b6c2aced7342b8566211309

SHA256
50c7bbbf82c86605aab20671920f7528a15cee6c5060870de6514cc97b8eae97

SHA512
4e8fd1fd9ca9c00eb40fd9d95be3fb4bb4487b1ed095d855d3e23d5f37208e42aa944deb1e18b37d7f8729a4f102b28ce7cc3bae6a01583da1d019823264b16a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
4KB

MD5
e5c78a284bed7892f837f58b360eee2f

SHA1
b1a8c50bf746f888403b66f8529a46c42df2b776

SHA256
c275630f6d8dfa1f6e482459a237d36edac8e7e042e5a05f6cf2fa1e94dbb6fe

SHA512
e2b10504d74043b6bd4f91cd01af347bebf734510378009a3173efe7ada6ea848d5d1c8f1f306028a9e2d240e72b82b79bb4b45ad9ba1b16185fb9feff0f9265

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vjiou3c0.default-release\sessionstore.jsonlz4

Filesize
4KB

MD5
e9f77e6c5c610247392b11aa69484230

SHA1
b2891c19ef093bc6146d254408ce96c89f3180b7

SHA256
a7f3d8c6bbcdecc6a7de6fea4b0947235a6db3df90c846c7238b28ed1c265628

SHA512
450e092b5c003cf63f5f76acdda636659a0e9fa7602fb92a81d067f11647cfbdf8edbee58023ef56b7a77b4d2bb52b12623fb963c1ed95103bdf0bdf3358acf7

Download Submit
memory/2128-134-0x0000018B2D1E0000-0x0000018B2D1E1000-memory.dmp

Filesize
4KB

Download
memory/2128-133-0x0000018B2D1E0000-0x0000018B2D1E1000-memory.dmp

Filesize
4KB

Download
memory/2128-135-0x0000018B2D1E0000-0x0000018B2D1E1000-memory.dmp

Filesize
4KB

Download
memory/2128-139-0x0000018B2D1E0000-0x0000018B2D1E1000-memory.dmp

Filesize
4KB

Download
memory/2128-140-0x0000018B2D1E0000-0x0000018B2D1E1000-memory.dmp

Filesize
4KB

Download
memory/2128-141-0x0000018B2D1E0000-0x0000018B2D1E1000-memory.dmp

Filesize
4KB

Download
memory/2128-143-0x0000018B2D1E0000-0x0000018B2D1E1000-memory.dmp

Filesize
4KB

Download
memory/2128-142-0x0000018B2D1E0000-0x0000018B2D1E1000-memory.dmp

Filesize
4KB

Download
memory/2128-145-0x0000018B2D1E0000-0x0000018B2D1E1000-memory.dmp

Filesize
4KB

Download
memory/2128-144-0x0000018B2D1E0000-0x0000018B2D1E1000-memory.dmp

Filesize
4KB

Download