a3c5ffe7c688257408343f3206d823e672880073fa628ecd77023556f1150a43

Analysis

max time kernel
148s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
23/08/2023, 16:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

OvixLauncher.exe
Size

1.1MB
MD5

5f833f28004bb992916ce717bed99d47
SHA1

b1f76e3eb1823b7177ad1f1c88d09e2527cdca06
SHA256

a3c5ffe7c688257408343f3206d823e672880073fa628ecd77023556f1150a43
SHA512

9d0a142777670a3d32dc4bb31b62a06871d98bd9651d2db18d5ed8bddc6944a346bf256b9ba1bafc6401e3279332fb4722d7a78dff011b2c6fea1ff3f8ac2eb6
SSDEEP

24576:VjhzKwWqEvaxgV5i5CYvHIjLZqrIqTrMP7/2A32rM2nnA0cDxyjgaIm:VjhzGNesYAHZq8ErMD/iMCnP

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 2 IoCs

pid	Process
1020	OvixLauncher.exe
3812	OvixLauncher.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings	firefox.exe

NTFS ADS 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\Downloads\OvixLauncher.exe:Zone.Identifier	firefox.exe

Suspicious use of AdjustPrivilegeToken 7 IoCs

description	pid	Process
Token: SeDebugPrivilege	3596	firefox.exe
Token: SeDebugPrivilege	3596	firefox.exe
Token: 33	4900	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4900	AUDIODG.EXE
Token: SeDebugPrivilege	3596	firefox.exe
Token: SeDebugPrivilege	3596	firefox.exe
Token: SeDebugPrivilege	3596	firefox.exe

Suspicious use of FindShellTrayWindow 4 IoCs

pid	Process
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe

Suspicious use of SendNotifyMessage 3 IoCs

pid	Process
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe

Suspicious use of SetWindowsHookEx 13 IoCs

pid	Process
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe
3596	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4564 wrote to memory of 3596	4564	firefox.exe	95
PID 4564 wrote to memory of 3596	4564	firefox.exe	95
PID 4564 wrote to memory of 3596	4564	firefox.exe	95
PID 4564 wrote to memory of 3596	4564	firefox.exe	95
PID 4564 wrote to memory of 3596	4564	firefox.exe	95
PID 4564 wrote to memory of 3596	4564	firefox.exe	95
PID 4564 wrote to memory of 3596	4564	firefox.exe	95
PID 4564 wrote to memory of 3596	4564	firefox.exe	95
PID 4564 wrote to memory of 3596	4564	firefox.exe	95
PID 4564 wrote to memory of 3596	4564	firefox.exe	95
PID 4564 wrote to memory of 3596	4564	firefox.exe	95
PID 3596 wrote to memory of 4772	3596	firefox.exe	96
PID 3596 wrote to memory of 4772	3596	firefox.exe	96
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 4684	3596	firefox.exe	97
PID 3596 wrote to memory of 2256	3596	firefox.exe	98
PID 3596 wrote to memory of 2256	3596	firefox.exe	98
PID 3596 wrote to memory of 2256	3596	firefox.exe	98

C:\Users\Admin\AppData\Local\Temp\OvixLauncher.exe
"C:\Users\Admin\AppData\Local\Temp\OvixLauncher.exe"
1⤵
PID:3888

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4168

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4564
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Modifies registry class
  - NTFS ADS
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:3596
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3596.0.386822167\869326080" -parentBuildID 20221007134813 -prefsHandle 1884 -prefMapHandle 1876 -prefsLen 20860 -prefMapSize 232645 -appDir "C:\Program Files\Mozilla Firefox\browser" - {64402d2a-2e5a-462f-a42f-4b7431ce4ad5} 3596 "\\.\pipe\gecko-crash-server-pipe.3596" 1964 20693cd7458 gpu
    3⤵
    PID:4772
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3596.1.326574568\1271794658" -parentBuildID 20221007134813 -prefsHandle 2352 -prefMapHandle 2340 -prefsLen 20896 -prefMapSize 232645 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {34268e47-87b5-4932-8de2-e61ac1f166f7} 3596 "\\.\pipe\gecko-crash-server-pipe.3596" 2364 20687272558 socket
    3⤵
    PID:4684
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3596.2.1093781483\2050222335" -childID 1 -isForBrowser -prefsHandle 3348 -prefMapHandle 3344 -prefsLen 20999 -prefMapSize 232645 -jsInitHandle 1436 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {56622074-7a84-477c-bd51-9788b58a17c6} 3596 "\\.\pipe\gecko-crash-server-pipe.3596" 3360 20697dde458 tab
    3⤵
    PID:2256
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3596.3.54763172\2107701018" -childID 2 -isForBrowser -prefsHandle 3256 -prefMapHandle 3216 -prefsLen 26359 -prefMapSize 232645 -jsInitHandle 1436 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {991f3f4d-2e59-48a5-a7b7-85e3389d21af} 3596 "\\.\pipe\gecko-crash-server-pipe.3596" 3684 20687269058 tab
    3⤵
    PID:4600
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3596.4.999353314\677210680" -childID 3 -isForBrowser -prefsHandle 3996 -prefMapHandle 3992 -prefsLen 26359 -prefMapSize 232645 -jsInitHandle 1436 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2b6f6be0-2d4e-4f95-b4fb-3b26ed5a3dc1} 3596 "\\.\pipe\gecko-crash-server-pipe.3596" 4008 206963c6458 tab
    3⤵
    PID:2864
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3596.6.2071376889\1937618351" -childID 5 -isForBrowser -prefsHandle 5172 -prefMapHandle 5168 -prefsLen 26418 -prefMapSize 232645 -jsInitHandle 1436 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5f77b643-0adb-460f-b564-31806e0a6567} 3596 "\\.\pipe\gecko-crash-server-pipe.3596" 5176 2069a1c7858 tab
    3⤵
    PID:1904
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3596.5.611440910\1548428835" -childID 4 -isForBrowser -prefsHandle 5160 -prefMapHandle 5156 -prefsLen 26418 -prefMapSize 232645 -jsInitHandle 1436 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3b7ca846-ff1c-4bc6-8794-c695c71e0ae4} 3596 "\\.\pipe\gecko-crash-server-pipe.3596" 5140 2069a1c7e58 tab
    3⤵
    PID:3360
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3596.7.2104533383\721237754" -childID 6 -isForBrowser -prefsHandle 5508 -prefMapHandle 5512 -prefsLen 26418 -prefMapSize 232645 -jsInitHandle 1436 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dcfcd75a-1191-4f2a-b17f-e98b4b480fb6} 3596 "\\.\pipe\gecko-crash-server-pipe.3596" 5460 2069a1c7558 tab
    3⤵
    PID:2588
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3596.8.524723248\1077730573" -childID 7 -isForBrowser -prefsHandle 5840 -prefMapHandle 5836 -prefsLen 26418 -prefMapSize 232645 -jsInitHandle 1436 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9a4bc1b0-873c-4a1d-b0c3-cf38b935fb02} 3596 "\\.\pipe\gecko-crash-server-pipe.3596" 5668 2068725f558 tab
    3⤵
    PID:3208
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3596.9.303952613\1264026175" -childID 8 -isForBrowser -prefsHandle 4156 -prefMapHandle 4152 -prefsLen 26593 -prefMapSize 232645 -jsInitHandle 1436 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aaccfee4-db77-4223-a7ec-0ae0a6ebdfbb} 3596 "\\.\pipe\gecko-crash-server-pipe.3596" 4240 20687267258 tab
    3⤵
    PID:944
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3596.10.1330186764\256375129" -childID 9 -isForBrowser -prefsHandle 5300 -prefMapHandle 5412 -prefsLen 26593 -prefMapSize 232645 -jsInitHandle 1436 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0fa4eacd-f339-4184-803d-3cd169966219} 3596 "\\.\pipe\gecko-crash-server-pipe.3596" 5208 2069ada7058 tab
    3⤵
    PID:3764
- - C:\Users\Admin\Downloads\OvixLauncher.exe
    "C:\Users\Admin\Downloads\OvixLauncher.exe"
    3⤵
    - Executes dropped EXE
    PID:1020
- - C:\Users\Admin\Downloads\OvixLauncher.exe
    "C:\Users\Admin\Downloads\OvixLauncher.exe"
    3⤵
    - Executes dropped EXE
    PID:3812

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x50c 0x3fc
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4900

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\46be7tph.default-release\activity-stream.discovery_stream.json.tmp

Filesize
22KB

MD5
9937deeb65f96e9c00dbc6dfbe88338d

SHA1
8a02530c238ebc4e52336e23e73a9a776b4154e2

SHA256
9496bcda5e2c3fbc34bec9c3ecb7d035460383efe21381bb532fedaa19d3813c

SHA512
ad39a5cf21bdf7daf4c0039fb5714dcde5e3002b571a62f1a48735b650c382598a3b51532206f98421b74b11c0e5558041cca687e650c77e56e8ff2de2ca4cb8

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\46be7tph.default-release\cache2\entries\48A7596212DCD08263B59AA5D806B70393378110

Filesize
132KB

MD5
a744d92c9256d73d13e24069cefd67a6

SHA1
c37b4eac2a1fc41f65c7709c22fe8f42347d6ae4

SHA256
3aba18c6c2eb8b316a3dade3ca1409b45481506581895665e67cc4f5b6a263d2

SHA512
b4902da3074b0c0107598bc0bd6eb6f38ce5cec510b6da589f9672310b4c7a7ca58197e5eb9f025e3732cb7768445afadc4fafd1815f4973fd9fad8a397e2e45

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\46be7tph.default-release\cache2\entries\70DBE5F90BD35EEC6D4A07D16DB46EC38E379124

Filesize
13KB

MD5
8e4c33954302133393a0293844a6de12

SHA1
3cd01c562e101064ffe1a51cf2a1073ab90fb793

SHA256
361adbf3d420bbb84141f383c8e88626a63c1a2befc48f14c26e93cb93d4e91c

SHA512
9cd486ca20bdf6161134e47a1f45f780a639a61a2291ffd341beec626ca3831f1054d76edb878f64f2ac4edb6a426cc87690a2f5a25debe70ceb52f347e73422

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\46be7tph.default-release\cache2\entries\FCC030F57940296B4C989D2C74BA07DCC70A995E

Filesize
13KB

MD5
799761b0bbfe99553f488dd373af976a

SHA1
6e3dc08011b4f8d24f56920c5571342c1be17fe2

SHA256
602b88c85c4dfbf945802d6e97a9d6156e52735ad146bf1bc11dfe57714911df

SHA512
ba3be740f41f3245a7c30d8f321c5ad5fa4f67c665935c24bd58359d5dada5745090c244e3be00a8046455057fbe4e4fba8fbbb141b69157b0d2ae5131d278eb

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
8.0MB

MD5
a01c5ecd6108350ae23d2cddf0e77c17

SHA1
c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

SHA256
345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

SHA512
b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

Filesize
11.8MB

MD5
33bf7b0439480effb9fb212efce87b13

SHA1
cee50f2745edc6dc291887b6075ca64d716f495a

SHA256
8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

SHA512
d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\prefs-1.js

Filesize
8KB

MD5
8e84a6927af06fbeabb0b0a7e11c1e38

SHA1
3047650c315a3a1d68601b4bfe02c0988fe9239e

SHA256
0c0449133d5f7be7e7eaa58e0fd34f3cb24acb9dc9620f133faa47cf5d38c11e

SHA512
dd5e0762e2815d19416551ac1de2dfe6ef403c7a7074803ea24b51c56955ce28048c18873d32fe8a28beed4dfcd397f7febec272bbfb93b4981b1f2a36a3dcf8

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\prefs-1.js

Filesize
6KB

MD5
6cc5fc3f157f3eb41d5ef3688f630e3f

SHA1
e2b5f194b18ffd58791254e5f6c2c7a56d029e65

SHA256
dfb51a185bdc76d6889cd30a7d3a0229aa2ddb89dad75035ad0be73a506d82fc

SHA512
bb180ad937a26d034e6254538ac9694804f243daf47348a6a09a989024179773531c3388e5eb8e92315ef0fcee80b2f1ee46ca2cdfbf5a7ac9af2f4ce5a07f5e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\prefs.js

Filesize
6KB

MD5
6b9509e02e1d45bc23ab60e7a747ab78

SHA1
aa3c66c26184a580c413371626f7dda6749fcacf

SHA256
270d612c581c251da31678f1cb1711976e50fbe101be6b16bae53b6be03cf316

SHA512
92516e108237d4a6873ac885d391c49ab80a2bf14e38ef9d6ab6bf58983d195e25fcde3b7fcd2d7bab1c2a22a9a90a3e204129a66b97df185219e2a529d14e8a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\prefs.js

Filesize
6KB

MD5
f3e317d9cc1f5daaff65cfa220236bbd

SHA1
6b9ab40436127eed812d065a82858356e5e5a4d1

SHA256
3d1ec8f6d581080d9394faa6724bc5b030ad9f62f70f58a15c37f41a73223f5f

SHA512
082706af0f0a84ad6668173ac037c4cdcea7d054a1b3fc9d9444de66b02f6dad999ae9e407e232d976c144623344c45c044acc2430760fd4e08052cf16a53335

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
169KB

MD5
9b08188a7f22425f245b785c3d8da9ba

SHA1
decb5c5032878b1079e604f5237176316af3c562

SHA256
163daa846dc6b7cb6b5607a44892c89d8c995fbbb2ac4238024fa078d00f262d

SHA512
f7b4d2efbe040163f64268488737392ff874b9afc218332867c6a9c4499591459b95cf12deb65c21b0dfe07974ccc496380da1051c44563abe6f7dc997d6bbb8

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
169KB

MD5
aa46e6d87010afed49090bf1e2c86bc6

SHA1
7ba4971b73e3db59d0ee0a6e9089a9ad5f9f7185

SHA256
f455e480775a88dc48115e2c58b4ddcf78e0c6cf65e7d20d1adf330b2d27e1b6

SHA512
61cd6aa27f84291b299d8c97b655ba84e8fced831a89fa31a1e64136e263e02886fb0ff7ce4104f16ae4ad4c227809640458fca2db4368a96e913ef6b4c1ff17

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
166KB

MD5
fe1c9204655f2042a893c838f5ee5a3f

SHA1
ffe73db4b4f6a1fab332c393c181c5088171c79b

SHA256
64e8c44c4ba4ac8fc58356c0b5637c6333740f59c84e44adb2c2dcbe1c8a66d6

SHA512
78cdf1b3343571fa28562e4a03989c16987d00a556d1398fce69f9427cbbf33ea9c4040d2a0d0f0b0ece13490931f00615ba21aa55bc16d4ed06bedf3c33567a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
baee967e1657059345c73f243bec45ff

SHA1
1e6b42f168b719a695fda467974dfef5842a72ba

SHA256
98ca421a37c6d6590741ce9f4c931169c2e3f7f9fe741fb366e39b43dffd0e63

SHA512
85d58acebbe5b2b1ea9cf5a785300f81b0c136e247f4009ca906e9d11df5a1eecf019b3ab4a1faa8f044204a598bdd3551f795101fe042fa2e606b7667ae38c1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\46be7tph.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
169KB

MD5
b59fd043e080e4387dc970d64e31d7e9

SHA1
1ab24dc9d287729d6e9be6a1cdad542fecfe3126

SHA256
3b3d7c0d870f37c5ccf212ef740d7b3d0406d8bc368c5cbb864b0ae2c29fa1d9

SHA512
bec2f1f0e9a3a531377a8248c6f264301fe717195490ab7b51128a8865f855441271fe02ae9d3b5598c3e2a1f637d4ba9a4495eb4226da853b1b041cafb50ffc

Download Submit
C:\Users\Admin\Downloads\OvixLauncher.7GWz0dRi.exe.part

Filesize
1.1MB

MD5
5f833f28004bb992916ce717bed99d47

SHA1
b1f76e3eb1823b7177ad1f1c88d09e2527cdca06

SHA256
a3c5ffe7c688257408343f3206d823e672880073fa628ecd77023556f1150a43

SHA512
9d0a142777670a3d32dc4bb31b62a06871d98bd9651d2db18d5ed8bddc6944a346bf256b9ba1bafc6401e3279332fb4722d7a78dff011b2c6fea1ff3f8ac2eb6

Download Submit
C:\Users\Admin\Downloads\OvixLauncher.exe

Filesize
1.1MB

MD5
5f833f28004bb992916ce717bed99d47

SHA1
b1f76e3eb1823b7177ad1f1c88d09e2527cdca06

SHA256
a3c5ffe7c688257408343f3206d823e672880073fa628ecd77023556f1150a43

SHA512
9d0a142777670a3d32dc4bb31b62a06871d98bd9651d2db18d5ed8bddc6944a346bf256b9ba1bafc6401e3279332fb4722d7a78dff011b2c6fea1ff3f8ac2eb6

Download Submit
C:\Users\Admin\Downloads\OvixLauncher.exe

Filesize
1.1MB

MD5
5f833f28004bb992916ce717bed99d47

SHA1
b1f76e3eb1823b7177ad1f1c88d09e2527cdca06

SHA256
a3c5ffe7c688257408343f3206d823e672880073fa628ecd77023556f1150a43

SHA512
9d0a142777670a3d32dc4bb31b62a06871d98bd9651d2db18d5ed8bddc6944a346bf256b9ba1bafc6401e3279332fb4722d7a78dff011b2c6fea1ff3f8ac2eb6

Download Submit
C:\Users\Admin\Downloads\OvixLauncher.exe

Filesize
1.1MB

MD5
5f833f28004bb992916ce717bed99d47

SHA1
b1f76e3eb1823b7177ad1f1c88d09e2527cdca06

SHA256
a3c5ffe7c688257408343f3206d823e672880073fa628ecd77023556f1150a43

SHA512
9d0a142777670a3d32dc4bb31b62a06871d98bd9651d2db18d5ed8bddc6944a346bf256b9ba1bafc6401e3279332fb4722d7a78dff011b2c6fea1ff3f8ac2eb6

Download Submit