hxxps://flarefiles[.]com/vikings-war-of-clans-mod-apk-unlimited-gold-boosts/

Analysis

max time kernel
264s
max time network
269s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
27-08-2023 13:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://flarefiles.com/vikings-war-of-clans-mod-apk-unlimited-gold-boosts/

Score

1^/10

Malware Config

Signatures

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\Local Settings	firefox.exe

NTFS ADS 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\Downloads\Vikings War of Clans MOD_Updated.apk:Zone.Identifier	firefox.exe

Suspicious use of AdjustPrivilegeToken 7 IoCs

description	pid	Process
Token: SeDebugPrivilege	1352	firefox.exe
Token: SeDebugPrivilege	1352	firefox.exe
Token: SeDebugPrivilege	1352	firefox.exe
Token: SeDebugPrivilege	1352	firefox.exe
Token: SeDebugPrivilege	1352	firefox.exe
Token: SeDebugPrivilege	1352	firefox.exe
Token: SeDebugPrivilege	1352	firefox.exe

Suspicious use of FindShellTrayWindow 4 IoCs

pid	Process
1352	firefox.exe
1352	firefox.exe
1352	firefox.exe
1352	firefox.exe

Suspicious use of SendNotifyMessage 3 IoCs

pid	Process
1352	firefox.exe
1352	firefox.exe
1352	firefox.exe

Suspicious use of SetWindowsHookEx 7 IoCs

pid	Process
1352	firefox.exe
1352	firefox.exe
1352	firefox.exe
1352	firefox.exe
1352	firefox.exe
1352	firefox.exe
1352	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2916 wrote to memory of 1352	2916	firefox.exe	40
PID 2916 wrote to memory of 1352	2916	firefox.exe	40
PID 2916 wrote to memory of 1352	2916	firefox.exe	40
PID 2916 wrote to memory of 1352	2916	firefox.exe	40
PID 2916 wrote to memory of 1352	2916	firefox.exe	40
PID 2916 wrote to memory of 1352	2916	firefox.exe	40
PID 2916 wrote to memory of 1352	2916	firefox.exe	40
PID 2916 wrote to memory of 1352	2916	firefox.exe	40
PID 2916 wrote to memory of 1352	2916	firefox.exe	40
PID 2916 wrote to memory of 1352	2916	firefox.exe	40
PID 2916 wrote to memory of 1352	2916	firefox.exe	40
PID 1352 wrote to memory of 3644	1352	firefox.exe	82
PID 1352 wrote to memory of 3644	1352	firefox.exe	82
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 3840	1352	firefox.exe	83
PID 1352 wrote to memory of 4748	1352	firefox.exe	84
PID 1352 wrote to memory of 4748	1352	firefox.exe	84
PID 1352 wrote to memory of 4748	1352	firefox.exe	84

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://flarefiles.com/vikings-war-of-clans-mod-apk-unlimited-gold-boosts/"
1⤵
- Suspicious use of WriteProcessMemory
PID:2916
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://flarefiles.com/vikings-war-of-clans-mod-apk-unlimited-gold-boosts/
  2⤵
  - Modifies registry class
  - NTFS ADS
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:1352
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.0.518126513\1414094544" -parentBuildID 20221007134813 -prefsHandle 1908 -prefMapHandle 1888 -prefsLen 20938 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8c34ae18-8d3b-413b-a639-404b06a3d1f8} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 1992 192cf0cfe58 gpu
    3⤵
    PID:3644
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.1.1803551491\298079968" -parentBuildID 20221007134813 -prefsHandle 2380 -prefMapHandle 2376 -prefsLen 21754 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {85b3b787-11c2-4b17-9f23-aac325796138} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 2416 192bb570258 socket
    3⤵
    PID:3840
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.2.1397087051\42535187" -childID 1 -isForBrowser -prefsHandle 3112 -prefMapHandle 3032 -prefsLen 21857 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {05e5ea3f-da00-4857-a087-881afe4ec335} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 3012 192d32ee958 tab
    3⤵
    PID:4748
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.3.298301893\1577967795" -childID 2 -isForBrowser -prefsHandle 3660 -prefMapHandle 3656 -prefsLen 26437 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {102c5d18-8697-4551-9f04-f5854e9d26d3} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 3668 192d41ee558 tab
    3⤵
    PID:1536
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.4.631269957\753906715" -childID 3 -isForBrowser -prefsHandle 4980 -prefMapHandle 4976 -prefsLen 26496 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c2747f5e-e4ec-4e1e-9e31-948d39ade5a4} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 4912 192d33f7958 tab
    3⤵
    PID:4548
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.6.1491425508\200872719" -childID 5 -isForBrowser -prefsHandle 5336 -prefMapHandle 5112 -prefsLen 26496 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {987a04f7-418f-45e2-b6ac-9fb207758edb} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 5324 192d5cda758 tab
    3⤵
    PID:2112
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.5.1884630245\1347677483" -childID 4 -isForBrowser -prefsHandle 5132 -prefMapHandle 5136 -prefsLen 26496 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {406f88ba-2983-4fca-83f1-e2fbfdafca0f} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 5124 192d5cdb358 tab
    3⤵
    PID:800
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.9.936110069\561619453" -childID 8 -isForBrowser -prefsHandle 6116 -prefMapHandle 6120 -prefsLen 26577 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6c0e8e1e-2671-44e6-a450-9c643abbb7e4} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 6104 192d7318258 tab
    3⤵
    PID:3692
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.8.1612935021\1485915025" -childID 7 -isForBrowser -prefsHandle 5924 -prefMapHandle 5928 -prefsLen 26577 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {86a19a34-fabb-40f4-a4d4-0adbf9b9fc2e} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 5916 192d7315b58 tab
    3⤵
    PID:4388
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.7.2048460425\1018240764" -childID 6 -isForBrowser -prefsHandle 5792 -prefMapHandle 5840 -prefsLen 26577 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1a5aec20-af40-4658-8abc-4edda27d7781} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 5400 192d67b8f58 tab
    3⤵
    PID:956
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.10.856031075\2028640728" -parentBuildID 20221007134813 -prefsHandle 5004 -prefMapHandle 5012 -prefsLen 26577 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {707cd793-bfd4-4e0d-9853-bd6d07ca8bf7} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 5100 192d5cda458 rdd
    3⤵
    PID:916
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.12.530265364\2066601789" -childID 10 -isForBrowser -prefsHandle 6704 -prefMapHandle 6708 -prefsLen 26752 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc3d636e-95f1-4520-89d9-80fd1ca80acd} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 6696 192d7b3ef58 tab
    3⤵
    PID:4016
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.11.1036878940\2144195434" -childID 9 -isForBrowser -prefsHandle 6564 -prefMapHandle 6560 -prefsLen 26752 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {20a3a1b2-1758-4283-89bc-692f4461f1fd} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 6572 192d7648858 tab
    3⤵
    PID:3352
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.13.1546531179\57575093" -childID 11 -isForBrowser -prefsHandle 5740 -prefMapHandle 5852 -prefsLen 27017 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {847e4a6d-c99f-4a81-aed0-82a278668df1} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 5668 192d415bb58 tab
    3⤵
    PID:5604
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.14.527176895\1501653594" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 3176 -prefMapHandle 3960 -prefsLen 27017 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {83bbdaea-ecd0-44ac-b843-e5977493cccb} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 2820 192d7568258 utility
    3⤵
    PID:6096
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.15.77678219\1292280747" -childID 12 -isForBrowser -prefsHandle 6356 -prefMapHandle 3176 -prefsLen 27017 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8fb97b48-eb35-4f84-bd0a-14de4e730b32} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 5828 192d756af58 tab
    3⤵
    PID:6136
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.16.1029107915\454173248" -childID 13 -isForBrowser -prefsHandle 6684 -prefMapHandle 6688 -prefsLen 27153 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a6f0e827-d650-4391-a375-a385920efa99} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 6864 192d6065d58 tab
    3⤵
    PID:5976
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.17.1446900604\811535441" -childID 14 -isForBrowser -prefsHandle 6696 -prefMapHandle 6824 -prefsLen 27153 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {567aa392-b22e-4597-b215-6cc8b1223fee} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 6700 192d62bc058 tab
    3⤵
    PID:1312
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.19.1838513088\1279870307" -childID 16 -isForBrowser -prefsHandle 11152 -prefMapHandle 11156 -prefsLen 27153 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b8dcbec8-d9ee-4e36-b611-4feea0abae23} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 11144 192d6705358 tab
    3⤵
    PID:1088
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1352.18.29054417\1705153630" -childID 15 -isForBrowser -prefsHandle 10996 -prefMapHandle 11000 -prefsLen 27153 -prefMapSize 232675 -jsInitHandle 1208 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1059c675-c2ac-4007-939b-272fb304270f} 1352 "\\.\pipe\gecko-crash-server-pipe.1352" 6924 192d6704158 tab
    3⤵
    PID:2924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\hw21aoqh.default-release\activity-stream.discovery_stream.json.tmp

Filesize
22KB

MD5
cfb6ef73cbf65559be322e996aad5413

SHA1
5a59237cfde4d89162344e4cfaa2bca4775a7152

SHA256
9d3c691eb7e4584a5c13bf2097b2c9891649487ae7223fd20b4a8046e2f24ccf

SHA512
cd025d0a56328bef1982f5036b659fe3aaf79349714f04668f5dfd52e42808cd391f7e45eb5933a8e27f2d8b2a3f3bb3e20e70a2963be702915befced0c58aea

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\hw21aoqh.default-release\cache2\doomed\14269

Filesize
20KB

MD5
af9695c63298a3fc7315c7669c70e045

SHA1
b187d414ec9ae245becafe4c534ceaf2c2799d42

SHA256
e032d9e00e5e9426cd010924c0566167dc2808c71d1286e1082bc29f056eb960

SHA512
c05cd39fdc433e7cde9bf8fb38ccb0d1a4e2f13885e54f14f3ee2ac74793d2729377ac93f9e063333afecfe9fc89048d898c16a8ed1bc99dd084260b56ed416f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\hw21aoqh.default-release\cache2\doomed\1452

Filesize
20KB

MD5
bf9282e2659fd0f1b698809777ec66aa

SHA1
e38cbc0330d8c8260352b971ec89bfe30e9861e5

SHA256
5410e9ff5eeb6584581cf049df824d51113b7dba08444be2a81f2622f3e92004

SHA512
8153d90cc814073d1be5c0e7a80359762de2403dd59383f7195d867dc33be9a197c58cc9478223f70d8a934e369c2d1285fd54c99922451895937e44da557b4c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\hw21aoqh.default-release\cache2\doomed\26757

Filesize
8KB

MD5
f9d0bcdbb570709c0a5bf096fd6954b1

SHA1
3082fa3c4d4b6cab82d8cec69014392f91614b0f

SHA256
e4155af2f0ac8d15d7a14b1df3dfe25f896bd257d7eca770fc0428ca1e803ee8

SHA512
cfb6dcc234d7c96f8422f6e3b4365c7b918387f50ac3e26c4b768da79a1be0cbab871e381b5990c041be94af2716d00c3376f4bbe5ef7026e305dc12d26136a7

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\hw21aoqh.default-release\cache2\doomed\3390

Filesize
6KB

MD5
d12c46a74d00c8854a3373fd39ac522b

SHA1
519657000d3b59d939c261a0d10bde7caf3261e8

SHA256
db5f5176dd07934629cb9b13e9e106579fcbd2d531fadc364c34568429217134

SHA512
ffc31dfa554076c45c8318401bb5e61c3540cab00270f131a579405c3d1568b77ac6fcc3a6c320caa7980720bb673837c80526470a5214c0819524166e4514a5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\hw21aoqh.default-release\cache2\entries\03B7F5085177FE2A00B5674333A34AF12F28CE17

Filesize
1.4MB

MD5
89ac7966124ac73cf32d94eda504ef5f

SHA1
b1578bd14fbd4259ad0d41bd5846c3bbca041585

SHA256
d20e3a0218d5e686a70e29841043c927758d946eefe912d7545d90a29297b904

SHA512
dca8235939176cb9d6d45bba4c4630e250c6b3853cebe9cf848a539e39fa44447d03199588a67aa771a6bc143fd30b74e744760ed1a6fbf5132d342424566117

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\hw21aoqh.default-release\cache2\entries\1DDDF7E82D9EB56EE1994A2CB843F7E865645399

Filesize
252KB

MD5
8ba468521645058e140a15c548c22f32

SHA1
43c6f4511a18c3a4d1b2bbbb8e44f566be60d204

SHA256
7cdf80992308daf8c75e14559a3e2f93c5237d4757e33b9ab587d753252e9c43

SHA512
63baebbde83a2414c2dcbcbb01785415ef24e47f6d63853851ea5080e890d895bf9fd8cc64858d6e26cb6d0a4d85f621108df3b38600fa7c474ba88d14c98ee6

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\hw21aoqh.default-release\cache2\entries\3ED7A1E261D86105EAA0CDBE4158D510CA70ECF4

Filesize
21KB

MD5
c57a5376d50d0513a8ba2c88b779d966

SHA1
835166641e26c3be3bc4f55035585577bb7e4395

SHA256
6549658b5dce73084ccdecbd07fa088a7824c245c96abad84515727f8b55e654

SHA512
d68607e0faf257c100e751c65a877552a8afe3daecff9ba9e5224a34d1e87073f15458faa27bfaeb22bdfe16cf04c3a29105daa63e7c65345119bc872c3c9ffe

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\hw21aoqh.default-release\cache2\entries\B9DB13B4A02343F595ED8CF0F7AFFA392335D3F2

Filesize
9.4MB

MD5
c3cd8803de6f01c856de459f1aff4569

SHA1
783ddcfb8fde293ed6e533d54e597d8c34d82f4e

SHA256
0eaf5dde30bb5bce3412f96ed26eef99d2caebe2054dc41c9a0dc610945a256b

SHA512
38d1e74846bf924352920f8fdfd9e866f6b273cf396186d1a6339d67c3d4550b425b944ef58d16dedda5def6da69508439d93ad689f5717c7db6722a3a628b93

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\hw21aoqh.default-release\cache2\entries\BD4663047CBCC70E3C9FF54DEFC90BA638723725

Filesize
128KB

MD5
eb096008fd3ddff953a915008ca3f907

SHA1
ce9684b0478a11382ee8113b8f31a035d53ba37c

SHA256
3408a672c6ccc739f28fbde83152a627ca374bac149f26fcb239dc6c08dd6e96

SHA512
99b79bea88cfc1b86b4cd424f95fd98f29c688f7aa9320699fefb90e5d3a015582f87c4981777fdd2d12bee1cb8888b9f6b37838d757800e4b7e42e0dc39e900

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\hw21aoqh.default-release\cache2\entries\BF1AC8AA3C15166EA7A0D6E3A574C17BD0515A37

Filesize
217KB

MD5
4679c9a760f19b4a511b49dcddc995a5

SHA1
bed96c983e95f9b78f47f22ffe02326529297580

SHA256
c4c0bab771fab4bd41cd373d2a21276517ee30accc5da7f94c96bc5598239e26

SHA512
1557bfdc483af8f32607e5ffe92fe96d1ea4ec2de31ff136c5dafbe385e4683b473352c620ee42a980b4c90bb1a0fce096e6405162259c1fba6289a2e9fdaf56

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\hw21aoqh.default-release\cache2\entries\FCC030F57940296B4C989D2C74BA07DCC70A995E

Filesize
13KB

MD5
c434a0d91bd2666d1febc8f49bb8a822

SHA1
c51c26eba49b9e5eb416286dc41a588c29cf40b4

SHA256
2219dc5a0921cb7482baad410e443d1478507004fd7da774dfc9fc7e23a87fd4

SHA512
ed58dcba987002cbaf26b3f93b42e0b9d2a155adc5fd08c0c6d60f0f66cf0912e66033ebf0f0ffad4e29031c7e62dcb335c4a693edaa0e8feb2162467f61aca1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
8.0MB

MD5
a01c5ecd6108350ae23d2cddf0e77c17

SHA1
c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

SHA256
345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

SHA512
b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
18KB

MD5
be7d1977d007d2a053e70293ff2bc5fc

SHA1
e593a8f06d4c96dd8537ccf1cdd05419e0db1975

SHA256
ceb62685c89ea5809de5564cc7389328b0b60458b3198d8e26427631296c7085

SHA512
b9de0a12f2f3692514f21dd53893ca3fc20e7b2381004f191b551763626d14f439162f555d5949a2744b63c467c73db9ce82e0d3a706fd20d4159fe760f9d272

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

Filesize
11.8MB

MD5
33bf7b0439480effb9fb212efce87b13

SHA1
cee50f2745edc6dc291887b6075ca64d716f495a

SHA256
8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

SHA512
d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\prefs-1.js

Filesize
8KB

MD5
f6186e28255611d1c050c0a3f447f5ab

SHA1
6d55fe0bca94327e766f7ac4079e92f19960b327

SHA256
ccf5357c38c3c18921c745af3b01cd282d92ae327e6b82c896478e59657b869b

SHA512
606697b954a459ee9fb02259a2f2a3d0874c60d43dda78e9ab4c12c9c6ed247b851da846bb38891c7179063dfaa1b920be2ae6533627d17effc32c884c896338

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\prefs-1.js

Filesize
6KB

MD5
3be9b7173af88ad54b902821d1757372

SHA1
fbfb6ebdd49869a818b7ed303c28b67d48a7992a

SHA256
1dde95584a9f7be621ba20e4d99079d86c220c89085b7f3bab4d270d480c97d1

SHA512
e3ef64827a6318949c20ecca1938f1a886d6cce6a3c749390456ddabef88b3abfb95b8d9eb737258a1648dd17f7f81df850d548b3e90584d8ab60e68b43792fa

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\prefs-1.js

Filesize
7KB

MD5
42fbcb6a4587c116fefc2a92ce1ac7dc

SHA1
9962848f3bd9e4e686fb166c9c458e7247207f71

SHA256
4cdb6d147c58615df836cc3274e3fb11040f8c5536ab0628679f0cdd7fe10d55

SHA512
69112ddf55c3866fda0acc0d60cbc2215020f960f9e6844ca3d49ce5eaa3b7e7ced73a15c229ea11898da9af220f8bf3e0139f38b8eb9cd3225b7fb7d906c601

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
32b31cf2b27a5d46d87a86fc8127d063

SHA1
4bd73cd60e9b552b1d818d48fb23b8944291f14b

SHA256
89f6c6b1fcb490669a56f9be43343ffb12861836528cc9270634dba5041260b8

SHA512
4427067516b460d8c2ad26dc022f3fa20485e2dad7e957d92b7f57181ff9c1d23fd6220c7b10fa795cdc470ba96e540d205d304779ffc653e4c15b3769e391a0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
4aeb0c6a1356e93f4083f620ab60b655

SHA1
4f20aa8c53434bdca34b2b832e50e37352fd8656

SHA256
aacc6c3e638779cce441c90d0ba392298eb9ad42a17ed52723ba70cc56aff354

SHA512
d39ba3cf9f101534e97e8364d07f66cd70d88408cbcae14850d29efe3ac99e7dc96ae9626b6a505e810ce507bb9cc176d82e01a8305fc1bfedf2adb01f3121d4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
f2a27cf6029fae03fc6ba30e78d4c9a5

SHA1
ec7f7dacf31eac239da47926899bac0040ba51e0

SHA256
11340dd7f8ff6f668997137614de8a2af31100df81aeeadb048be133949c0fcc

SHA512
74aeb930a3ffc94f0b6cdd28e5289073e301cf740f470dca045434dba4335ff9963a5ed1082fb5543e92f2a5d79dc17dddca0384c7b5c66d37dd94a4f7d85d35

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
7cde87f6f27238a73f87b5ff832ad512

SHA1
18803eda1d123d4f1760c926d9eaaea31d244587

SHA256
b3a3418c109a65d6a7ac241844990c2666a79c801b17a340a7b945d42fab5f4c

SHA512
703f7d56bdc9c4d016e837fdffef48a28179dd755284eba2b51c9ca74cee6545166f4455b44b06a943d05280efa81150cee9dd0d5b394a9640100ff8f29d3e9e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
6KB

MD5
543ec0557210027553df495fa594f673

SHA1
0fdad491a909ba0d66b1a7869295dbc990ba029f

SHA256
c0a60e89bff36e81d2c81d6a2a49b0bc85335f4fa25c7dd1024f205d9b9ec73f

SHA512
e4f55298f555e8d8be9b6b088eb3498ec311fd4fb91215bf074351b6d18b8d4cfba3463dfad1699944733db5e808026f5ebfb1c75d31f464aa3fa34c79fabffb

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
591c7089216e04db8c1feac2d6a17b69

SHA1
b9fa7bdbd008672ac806e3e09d485e1383be1b32

SHA256
2e620c0f2bf2bd444172552e3e4229bebef00824fb077e3089c95b060750cafa

SHA512
289084016ec4729abef2739615cc8a1c9f4de17b0ae1ab674242b72ed67465728a4f44fa2292de225011e253604caffd31d7dcf746e99ba6d5d25beb0dacecee

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
6KB

MD5
b5d0de721c2db2a7f4e7feca955a1d32

SHA1
e2f21e1cb69cc7b449a44396a97ff0c4433a8a91

SHA256
ee7506be2188ecc32088575ae0ad23a213bf7643b6fc0b5346ccf50da152a073

SHA512
e98887b54f8fed5801b7d26eea0287fa48c73eec81780a20c03aa2a9d24bbc374ad6000f81bb00505e7954cc3f83b623f92545e1058cc1436a951813e92a7e79

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
7cd9eab0046857d806b2c4fae4c07840

SHA1
796cf1a40fe89cf7d689deba0aaf98250119b92c

SHA256
a1294f857a0be89f68d3dcfb0d0f0eb7c5e8c972da23a12fd28ecdcb438bca5b

SHA512
6d3df6928bba2bf6057ec97e925d10601e19554f169ed0523c6fa63beb19180334aee10589a148ec7dd1c1e5f1d689a826aa83e39c6ac1098a5316b6606b2799

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
7KB

MD5
afb963e9079e4aecff483fc82f18dc2b

SHA1
9d3c842a48c06afd0eb509c7894e168f774a3f34

SHA256
fb0a04d3b296b375b1539fa577a8fcd60854bd36cf1dc30157d777827824806b

SHA512
2462a27d5701221ac2bb8109ea3ae5d56078484ee37c23fc1d5d5ad4599abc7430008d42f27e4abacbad0846c810e24a98da6ac59199f82dd8debf5ac999040e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
6KB

MD5
401cf3d36537eb6731cee4249aede979

SHA1
17f3151a5ae40462e11dbfdea6f8340b61db5e6e

SHA256
1f77bf5617c620d7d8a5af3956cb6ed158f3d18fc651c001da15cd62d4fe7ae8

SHA512
4eedc0293db779bba1e964eaf0659d59fb2d8f1652711143dc7669cda186fa3bbbccc0619aa6b89cf2ba7ed3b7c8c9593b768a5e1075b2ce2e8c9edcd0d61153

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\storage\default\https+++www.youtube.com^partitionKey=%28https%2Cflarefiles.com%29\idb\2171031483YattIedMb.sqlite

Filesize
48KB

MD5
90ed40e7daa0a1b788f322a452e5d9c5

SHA1
7bbd3d2f0eee9fb5c1c81a36c068f3fe8f43cbe2

SHA256
2ba34b2070801de537a89f56518085ae57074ad6f0193113e62c7d368ab0845a

SHA512
5811751aba4eeeb56ac108fccf37e9b62af3a3b75f56fa8af9709912f89601ffa4e032f580374fda8a12d43e7dbbe41cce90ba59ae813b70128d87e3b4c897f5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hw21aoqh.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
192KB

MD5
023bdef3fe94a19c79139b37c80943eb

SHA1
71f7d361e6afc9b5037f6f660096aa77529e0d7a

SHA256
03c8e93db6f14e68cb510153cfd92756ce57b48bd5fe85c9c57c438a0af162ea

SHA512
589813dffe37a0bf1bbc192ecd2fdcd2021bdc25db947c8736ebcd565e56b826f6ae195ff01abb8c33ff5475907cc6e06fb196d9cb2bf258b18445dad06ed921

Download Submit
C:\Users\Admin\Downloads\Vikings War of Clans MOD_Updated.228BxL0m.apk.part

Filesize
64KB

MD5
25b0d67cb1669bc31e4e4795aa24a9c9

SHA1
57ce55eca4ae3d0397f9cd032552147ac0faa329

SHA256
8e078ae3528892638c5a6af4ed670c85a878bf3a6a1c940a2a37320aa7bd750b

SHA512
553a9c120dda86d5d7854b13de1678a883dfd5dcdfc493cd388e5a18f4749eca798274c84c93755bcccd152782f136f79fa060e82b620930b38f136ecf6d8650

Download Submit