Analysis Overview
SHA256
5558cbccff4ceb5ef15e7dccc016fc83d70e2875c564910a9f441ad756ef9671
Threat Level: Likely malicious
The file trlogdecode.exe was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Obfuscated with Agile.Net obfuscator
Registers COM server for autorun
Loads dropped DLL
Checks installed software on the system
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
Enumerates physical storage devices
Unsigned PE
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
NTFS ADS
Checks processor information in registry
Uses Task Scheduler COM API
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Modifies registry class
Opens file in notepad (likely ransom note)
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2023-10-15 14:23
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-10-15 14:23
Reported
2023-10-15 14:53
Platform
win10v2004-20230915-en
Max time kernel
1804s
Max time network
1537s
Command Line
Signatures
Downloads MZ/PE file
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\winrar-x64-624.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\winrar-x64-624.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\winrar-x64-624.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\trlogdecode.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\trlogdecode.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\trlogdecode.exe | N/A |
Obfuscated with Agile.Net obfuscator
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll" | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
Checks installed software on the system
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\7-Zip\Lang\kab.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\lt.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mng.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tr.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Uninstall.exe | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\az.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\id.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zG.exe | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kaa.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ro.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\an.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\en.ttt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zCon.sfx | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mn.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sr-spl.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File created | C:\Program Files\7-Zip\Lang\uz-cyrl.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\readme.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hu.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\lij.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\lv.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\zh-cn.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\zh-tw.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\br.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\gl.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\gu.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ka.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ca.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\eu.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.sfx | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fr.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.exe | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\uz.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pt-br.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ug.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File created | C:\Program Files\7-Zip\Lang\tg.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hr.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nl.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nn.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\de.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hy.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sr-spc.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fy.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pl.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sa.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sw.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File created | C:\Program Files\7-Zip\Lang\sw.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\he.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pa-in.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File created | C:\Program Files\7-Zip\Lang\tk.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\et.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pt.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\it.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kk.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mr.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ne.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.dll.tmp | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.chm | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ar.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\vi.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sk.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fi.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ms.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\th.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\eo.txt | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1574508946-349927670-1185736483-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip32.dll" | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension" | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1574508946-349927670-1185736483-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1574508946-349927670-1185736483-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000} | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension" | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll" | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\7z2301-x64.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\dbgtrace.txt:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\trlogdecode.rar:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\winrar-x64-624.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\7z2301-x64.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\trlogdecode.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\trlogdecode.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\trlogdecode.exe
"C:\Users\Admin\AppData\Local\Temp\trlogdecode.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.0.541651477\314663621" -parentBuildID 20221007134813 -prefsHandle 1856 -prefMapHandle 1848 -prefsLen 20938 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d586e20f-4ba7-4c1d-b19d-c8598255037f} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 1948 19664ae6558 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.1.1783251956\1446487302" -parentBuildID 20221007134813 -prefsHandle 2336 -prefMapHandle 2332 -prefsLen 20974 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e47f605a-9c4c-4002-a2db-e2e15e9672b2} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 2348 19658072258 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.2.35822624\602995433" -childID 1 -isForBrowser -prefsHandle 3144 -prefMapHandle 3204 -prefsLen 21077 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6bc5360c-b236-46af-b111-f7091bf46b70} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 3316 19668b24258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.3.1103797110\701391257" -childID 2 -isForBrowser -prefsHandle 3792 -prefMapHandle 3788 -prefsLen 26437 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {839c8615-0739-455d-9a98-887a363c2022} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 3804 19668a03258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.4.576574740\1781625688" -childID 3 -isForBrowser -prefsHandle 3480 -prefMapHandle 3724 -prefsLen 26496 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fa66b047-275f-4bcd-a9ea-8c4a985dca82} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 3788 19669f33458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.5.962291935\2142825780" -childID 4 -isForBrowser -prefsHandle 5092 -prefMapHandle 5068 -prefsLen 26577 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {741d435f-1423-4133-89ed-a86f6a13c550} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 5076 19664433b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.7.152009172\1768059248" -childID 6 -isForBrowser -prefsHandle 5436 -prefMapHandle 5440 -prefsLen 26577 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b3aec813-0a3e-42f2-baeb-3d9d6e372677} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 5428 1966aeb2b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.6.801944182\1597171534" -childID 5 -isForBrowser -prefsHandle 5212 -prefMapHandle 5216 -prefsLen 26577 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {65d64300-44ea-4978-8020-d800ca80af86} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 5204 1966aeb1c58 tab
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\dbgtrace.txt
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.8.1889452279\303221208" -childID 7 -isForBrowser -prefsHandle 5716 -prefMapHandle 6220 -prefsLen 30249 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fd7dffbe-5130-4ea9-b882-959e63a5d39e} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 5820 1966c073058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.9.1859094148\932414307" -childID 8 -isForBrowser -prefsHandle 4324 -prefMapHandle 4308 -prefsLen 30249 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {07236419-1286-47e8-925c-d6ca61dd326c} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 4920 1966c073358 tab
C:\Users\Admin\Downloads\winrar-x64-624.exe
"C:\Users\Admin\Downloads\winrar-x64-624.exe"
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\d2138182e4be43588d9cf23512345f40 /t 728 /p 3244
C:\Users\Admin\Downloads\winrar-x64-624.exe
"C:\Users\Admin\Downloads\winrar-x64-624.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.10.2141644732\235676324" -childID 9 -isForBrowser -prefsHandle 6304 -prefMapHandle 6264 -prefsLen 30305 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {713c8f39-833f-43f8-a997-0c26eb21922c} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 6268 19665f9d658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.11.1540085431\1528802757" -childID 10 -isForBrowser -prefsHandle 6264 -prefMapHandle 6304 -prefsLen 30314 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bf62b2ea-1c67-4d08-84f5-18df953149e0} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 6720 19658061958 tab
C:\Users\Admin\Downloads\7z2301-x64.exe
"C:\Users\Admin\Downloads\7z2301-x64.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\dbgtrace.txt
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\cab1757c773a4a08bd1afd37e15164b5 /t 4784 /p 724
C:\Users\Admin\Downloads\winrar-x64-624.exe
"C:\Users\Admin\Downloads\winrar-x64-624.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.12.956274679\483845666" -childID 11 -isForBrowser -prefsHandle 6408 -prefMapHandle 6260 -prefsLen 30314 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3e2a0401-7b12-48fc-8b4d-3ece355477c1} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 4632 19659f3e258 tab
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\trlogdecode.rar"
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\d9b3dfdf2ca3495480067ba13132b966 /t 2096 /p 4140
C:\Users\Admin\Desktop\trlogdecode.exe
"C:\Users\Admin\Desktop\trlogdecode.exe"
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\dbgtrace_de.txt
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\dbgtrace_de.txt
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.13.1926698690\188809347" -childID 12 -isForBrowser -prefsHandle 5360 -prefMapHandle 5952 -prefsLen 30732 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d06b9926-df65-4149-b8aa-f96e97cec586} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 5368 1965802f058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.15.1612471485\734597674" -childID 14 -isForBrowser -prefsHandle 9328 -prefMapHandle 9324 -prefsLen 30732 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2869c6b3-f674-43e8-b692-8130ba535e43} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 11064 196715aed58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.14.1591393876\7319915" -childID 13 -isForBrowser -prefsHandle 10704 -prefMapHandle 10708 -prefsLen 30732 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c5afcc3f-222b-480b-8269-2786acb9f1d1} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 10696 196715ade58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.16.735650465\2037879507" -childID 15 -isForBrowser -prefsHandle 8696 -prefMapHandle 8684 -prefsLen 30732 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {49c0185a-dbaa-4bbd-9986-423c4ad6e218} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 5452 19670a4a858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.17.398353470\589335343" -childID 16 -isForBrowser -prefsHandle 8732 -prefMapHandle 8736 -prefsLen 30732 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {98953fd1-181a-4815-bc4c-fe5317e48627} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 8812 19670a4c058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.18.461708892\1178106450" -childID 17 -isForBrowser -prefsHandle 8812 -prefMapHandle 10848 -prefsLen 30732 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {26e207c5-493c-42e0-a806-6c43621f93fe} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 8608 1966e945458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.19.839009609\534633151" -childID 18 -isForBrowser -prefsHandle 8660 -prefMapHandle 8632 -prefsLen 30732 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5fc01f96-629c-4890-96f4-a5c0e4119b35} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 8592 196713bad58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.20.42664819\1516224322" -childID 19 -isForBrowser -prefsHandle 10288 -prefMapHandle 10284 -prefsLen 30732 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {431df3d5-8ffd-48b4-80b0-c83a1eaa128f} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 8512 196713b9858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.21.1618296142\696881100" -childID 20 -isForBrowser -prefsHandle 8528 -prefMapHandle 10844 -prefsLen 30732 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8e2e5cc0-d60e-4815-8591-39b498e4424f} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 10512 196713bcb58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.22.235291963\1342661777" -childID 21 -isForBrowser -prefsHandle 10228 -prefMapHandle 10224 -prefsLen 30732 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ae48011e-d105-4791-9512-50f93b4dfd62} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 10244 1967039fd58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2224.23.1593049653\1338928411" -childID 22 -isForBrowser -prefsHandle 8336 -prefMapHandle 8464 -prefsLen 30732 -prefMapSize 232675 -jsInitHandle 1396 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {33f69d64-cff6-4e09-8286-5c19a9763e48} 2224 "\\.\pipe\gecko-crash-server-pipe.2224" 8344 19670aa9858 tab
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\dbgtrace_de.txt
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 203.33.253.131.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.194.73.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:51736 | tcp | |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | getpocket.cdn.mozilla.net | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 44.239.90.104:443 | shavar.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.65.55:443 | autopush.prod.mozaws.net | tcp |
| US | 8.8.8.8:53 | 104.90.239.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.202.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.136.104.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| N/A | 127.0.0.1:51743 | tcp | |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 104.26.9.129:80 | shorturl.at | tcp |
| US | 104.26.9.129:80 | shorturl.at | tcp |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 8.8.8.8:53 | 129.9.26.104.in-addr.arpa | udp |
| US | 104.26.9.129:443 | shorturl.at | tcp |
| US | 8.8.8.8:53 | www.shorturl.at | udp |
| US | 104.26.9.129:443 | www.shorturl.at | tcp |
| US | 8.8.8.8:53 | www.shorturl.at | udp |
| US | 8.8.8.8:53 | www.shorturl.at | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | 233.129.159.162.in-addr.arpa | udp |
| US | 162.159.129.233:443 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | 59.128.231.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| US | 2.18.121.79:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.208.110:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.208.58.216.in-addr.arpa | udp |
| GB | 216.58.208.110:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r2---sn-5hne6ns6.gvt1.com | udp |
| US | 8.8.8.8:53 | r2.sn-5hne6ns6.gvt1.com | udp |
| NL | 209.85.226.103:443 | r2.sn-5hne6ns6.gvt1.com | tcp |
| NL | 209.85.226.103:443 | r2.sn-5hne6ns6.gvt1.com | udp |
| US | 8.8.8.8:53 | 103.226.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 53.121.117.34.in-addr.arpa | udp |
| US | 104.26.9.129:80 | www.shorturl.at | tcp |
| US | 104.26.9.129:80 | www.shorturl.at | tcp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.129.233:443 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | 196.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| NL | 142.250.179.163:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| NL | 142.250.179.163:443 | id.google.com | udp |
| US | 8.8.8.8:53 | 163.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| DE | 172.217.23.206:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| DE | 172.217.23.206:443 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | 206.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.win-rar.com | udp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| US | 8.8.8.8:53 | www.win-rar.com | udp |
| US | 8.8.8.8:53 | www.win-rar.com | udp |
| US | 8.8.8.8:53 | 163.68.195.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| US | 8.8.8.8:53 | www.win-rar.com | udp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| NL | 142.250.179.163:443 | id.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 216.58.208.118:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 216.58.208.118:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | 118.208.58.216.in-addr.arpa | udp |
| DE | 172.217.23.206:443 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | www.7-zip.org | udp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| US | 8.8.8.8:53 | www.7-zip.org | udp |
| US | 8.8.8.8:53 | www.7-zip.org | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| GB | 216.58.208.118:443 | i.ytimg.com | udp |
| DE | 172.217.23.206:443 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| NL | 142.251.36.14:443 | encrypted-tbn0.gstatic.com | tcp |
| NL | 142.251.36.14:443 | encrypted-tbn0.gstatic.com | tcp |
| NL | 142.251.36.14:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| NL | 142.251.36.14:443 | encrypted-tbn0.gstatic.com | tcp |
| NL | 142.251.36.14:443 | encrypted-tbn0.gstatic.com | tcp |
| NL | 142.251.36.14:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| NL | 142.251.36.14:443 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 14.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| NL | 142.251.39.110:443 | encrypted-tbn2.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| NL | 142.251.39.110:443 | encrypted-tbn2.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| US | 8.8.8.8:53 | 110.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| NL | 142.251.36.1:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| NL | 142.251.36.1:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 1.36.251.142.in-addr.arpa | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 104.26.9.129:80 | shorturl.at | tcp |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 104.26.9.129:80 | shorturl.at | tcp |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 104.26.8.129:443 | shorturl.at | tcp |
| US | 8.8.8.8:53 | www.shorturl.at | udp |
| US | 8.8.8.8:53 | www.shorturl.at | udp |
| US | 104.26.8.129:443 | www.shorturl.at | tcp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.129.233:443 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | 129.8.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 34.160.144.191:443 | prod.content-signature-chains.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 104.26.9.129:80 | shorturl.at | tcp |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 104.26.8.129:443 | shorturl.at | tcp |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 8.8.8.8:53 | www.shorturl.at | udp |
| US | 8.8.8.8:53 | www.shorturl.at | udp |
| US | 104.26.8.129:443 | www.shorturl.at | tcp |
| US | 8.8.8.8:53 | tags.refinery89.com | udp |
| US | 18.239.83.57:443 | tags.refinery89.com | tcp |
| US | 8.8.8.8:53 | d38u9fzbdfzf67.cloudfront.net | udp |
| US | 8.8.8.8:53 | d38u9fzbdfzf67.cloudfront.net | udp |
| US | 8.8.8.8:53 | 106.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | secure.quantserve.com | udp |
| US | 192.184.69.252:443 | secure.quantserve.com | tcp |
| US | 8.8.8.8:53 | global.px.quantserve.com | udp |
| US | 8.8.8.8:53 | global.px.quantserve.com | udp |
| US | 8.8.8.8:53 | rules.quantcount.com | udp |
| US | 18.239.50.73:443 | rules.quantcount.com | tcp |
| US | 8.8.8.8:53 | d2fashanjl7d9f.cloudfront.net | udp |
| US | 8.8.8.8:53 | d2fashanjl7d9f.cloudfront.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | securepubads46.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cmp.quantcast.com | udp |
| US | 8.8.8.8:53 | measure.refinery89.com | udp |
| DE | 172.217.23.194:443 | securepubads46.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | d1v8205r6uwz5v.cloudfront.net | udp |
| US | 18.238.243.123:443 | d1v8205r6uwz5v.cloudfront.net | tcp |
| US | 18.239.83.131:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 18.65.39.69:443 | cmp.quantcast.com | tcp |
| US | 8.8.8.8:53 | securepubads46.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cmp.quantcast.com | udp |
| US | 8.8.8.8:53 | cmp.quantcast.com | udp |
| DE | 172.217.23.194:443 | securepubads46.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | d1v8205r6uwz5v.cloudfront.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 73.50.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.69.184.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.243.238.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.39.65.18.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 18.239.64.29:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | pixel.quantserve.com | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 18.238.243.82:443 | config.aps.amazon-adsystem.com | tcp |
| DE | 91.228.74.244:443 | pixel.quantserve.com | tcp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | tagged-by.rubiconproject.net.akadns.net | udp |
| DE | 69.173.144.140:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| DE | 69.173.144.140:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| NL | 81.17.55.112:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.112:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.112:443 | prg.smartadserver.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | euw1.smartadserver.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | tagged-by.rubiconproject.net.akadns.net | udp |
| US | 104.18.2.114:443 | mp.4dex.io | tcp |
| DE | 52.58.45.126:443 | tlx.3lift.com | tcp |
| US | 8.8.8.8:53 | euw1.smartadserver.com | udp |
| US | 8.8.8.8:53 | bidder.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | bidder.nl3.vip.prod.criteo.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 18.207.17.231:443 | btlr.sharethrough.com | tcp |
| US | 18.207.17.231:443 | btlr.sharethrough.com | tcp |
| US | 18.207.17.231:443 | btlr.sharethrough.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 104.26.6.139:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 104.22.52.173:443 | cdn.hadronid.net | tcp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 8.8.8.8:53 | btlr-us-east-1.sharethrough.com | udp |
| US | 8.8.8.8:53 | btlr-us-east-1.sharethrough.com | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.75.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.64.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.243.238.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.144.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.2.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.45.58.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.17.207.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.6.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | 1ac493e24b8883a2a4b0a65fe2c3ab75.safeframe.googlesyndication.com | udp |
| NL | 142.250.179.161:443 | 1ac493e24b8883a2a4b0a65fe2c3ab75.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| NL | 142.250.179.161:443 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | s.seedtag.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | 161.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.39.251.142.in-addr.arpa | udp |
| US | 34.149.50.64:443 | s.seedtag.com | tcp |
| US | 8.8.8.8:53 | s.seedtag.com | udp |
| US | 8.8.8.8:53 | s.seedtag.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 172.67.23.234:443 | id.hadron.ad.gt.cdn.cloudflare.net | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.226.233:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 34.149.50.64:443 | s.seedtag.com | udp |
| NL | 23.216.240.90:443 | e4536.g.akamaiedge.net | tcp |
| US | 18.239.18.12:443 | tags.crwdcntrl.net | tcp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| NL | 142.251.36.1:443 | tpc.googlesyndication.com | tcp |
| NL | 142.251.36.1:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 64.50.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.226.220.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.18.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.240.216.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| NL | 142.250.179.161:443 | cdn-content.ampproject.org | tcp |
| NL | 142.250.179.161:443 | cdn-content.ampproject.org | tcp |
| NL | 142.250.179.161:443 | cdn-content.ampproject.org | tcp |
| NL | 142.250.179.161:443 | cdn-content.ampproject.org | tcp |
| NL | 142.250.179.161:443 | cdn-content.ampproject.org | tcp |
| NL | 142.250.179.161:443 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.129.233:443 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 216.58.214.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| NL | 142.251.36.34:443 | www.googletagservices.com | tcp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| NL | 216.58.214.2:443 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.34:443 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 104.22.4.69:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | a.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | a.ad.gt.cdn.cloudflare.net | udp |
| NL | 142.250.179.134:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | 2.214.58.216.in-addr.arpa | udp |
| NL | 142.250.179.134:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| NL | 104.85.0.200:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.0.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 3.215.31.11:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | d1hyarjnwqrenh.cloudfront.net | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| HK | 23.42.175.200:443 | secure-assets.rubiconproject.com | tcp |
| US | 18.238.248.228:443 | d1hyarjnwqrenh.cloudfront.net | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | 11.31.215.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| NL | 104.85.2.117:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| US | 8.8.8.8:53 | d1hyarjnwqrenh.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1hyarjnwqrenh.cloudfront.net | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | 200.175.42.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.248.238.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.2.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| NL | 104.85.2.117:443 | e8960.b.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 213.19.162.80:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | 80.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | pixel.33across.com | udp |
| US | 104.18.27.193:443 | ssum-sec.casalemedia.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | pixel.33across.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | 193.27.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.105.202.67.in-addr.arpa | udp |
| US | 104.18.27.193:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | de.tynt.com | udp |
| US | 67.202.105.34:443 | de.tynt.com | tcp |
| US | 8.8.8.8:53 | de.tynt.com | udp |
| US | 8.8.8.8:53 | de.tynt.com | udp |
| US | 8.8.8.8:53 | hde.tynt.com | udp |
| US | 67.202.105.34:443 | hde.tynt.com | tcp |
| US | 8.8.8.8:53 | hde.tynt.com | udp |
| US | 8.8.8.8:53 | hde.tynt.com | udp |
| US | 8.8.8.8:53 | 34.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | alb-aws-fr-bruges-1875226813.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | alb-aws-fr-bruges-1875226813.eu-central-1.elb.amazonaws.com | udp |
| DE | 18.196.113.49:443 | x.bidswitch.net | tcp |
| DE | 3.71.149.231:443 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | tcp |
| NL | 64.158.223.140:443 | 33across-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | bfp.global.dual.dotomi.weighted.com.akadns.net | udp |
| US | 8.8.8.8:53 | bfp.global.dual.dotomi.weighted.com.akadns.net | udp |
| US | 8.8.8.8:53 | u.4dex.io | udp |
| US | 8.8.8.8:53 | 140.223.158.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.113.196.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.149.71.3.in-addr.arpa | udp |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 8.8.8.8:53 | u.4dex.io | udp |
| US | 8.8.8.8:53 | u.4dex.io | udp |
| US | 192.184.69.167:443 | cms.quantserve.com | tcp |
| US | 34.149.40.38:443 | u.4dex.io | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| NL | 185.89.210.122:443 | ib.anycast.adnxs.com | tcp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | 38.40.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.69.184.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fw.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | firewall-external-2134955858.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | firewall-external-2134955858.eu-west-1.elb.amazonaws.com | udp |
| NL | 142.250.179.134:443 | s0.2mdn.net | udp |
| IE | 54.78.81.175:443 | fw.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | 175.81.78.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| US | 8.8.8.8:53 | pugm-amsfpairbc.pubmnet.com | udp |
| US | 8.8.8.8:53 | pugm-amsfpairbc.pubmnet.com | udp |
| NL | 198.47.127.19:443 | pugm-amsfpairbc.pubmnet.com | tcp |
| US | 8.8.8.8:53 | 19.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | simage4.pubmatic.com | udp |
| US | 8.28.7.84:443 | simage4.pubmatic.com | tcp |
| US | 8.8.8.8:53 | spug-vac.pubmnet.com | udp |
| US | 8.8.8.8:53 | spug-vac.pubmnet.com | udp |
| US | 8.8.8.8:53 | 84.7.28.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 74.119.119.139:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | gbc2.va.us.criteo.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | gbc0.va.us.criteo.com | udp |
| US | 8.8.8.8:53 | gbc2.va.us.criteo.com | udp |
| US | 8.8.8.8:53 | gbc0.va.us.criteo.com | udp |
| US | 185.235.85.73:443 | gbc2.va.us.criteo.com | tcp |
| US | 185.235.85.14:443 | gbc0.va.us.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | 73.85.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.119.119.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.85.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| US | 18.65.39.66:443 | static.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| US | 8.8.8.8:53 | 66.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | dt-external-521234871.us-west-2.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | dt-external-521234871.us-west-2.elb.amazonaws.com | udp |
| US | 44.230.48.206:443 | dt.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | 206.48.230.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| NL | 142.251.36.2:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| NL | 142.251.36.2:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 2.36.251.142.in-addr.arpa | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| NL | 142.251.36.2:443 | ade.googlesyndication.com | udp |
| NL | 142.251.36.2:443 | ade.googlesyndication.com | udp |
| NL | 142.251.36.2:443 | ade.googlesyndication.com | udp |
Files
memory/4044-0-0x0000000000EC0000-0x000000000125C000-memory.dmp
memory/4044-2-0x0000000077C62000-0x0000000077C63000-memory.dmp
memory/4044-3-0x0000000077C63000-0x0000000077C64000-memory.dmp
memory/4044-4-0x0000000000EC0000-0x000000000125C000-memory.dmp
memory/4044-5-0x00000000749A0000-0x0000000075150000-memory.dmp
memory/4044-6-0x0000000000EC0000-0x000000000125C000-memory.dmp
memory/4044-7-0x0000000000EC0000-0x000000000125C000-memory.dmp
memory/4044-8-0x0000000006460000-0x0000000006470000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\648840e6-4c84-4900-8b4f-1e9340546b97\trlogrt.dll
| MD5 | 54ab56509d910c969b9c287fde10026d |
| SHA1 | b0929cd61e4428d57191b0c41ad60765236bed4c |
| SHA256 | 998b95107a40360c441b4d1211f9f2e5ea9d004017baa383ffbe1a46cf08bfd0 |
| SHA512 | b16722ac2662362d6ee37620f1ab2dcee05e0a54b49dbc8bb2d93561f35f2f09e4dd8f0bc6139d57a5424a7b76c62dafef62a7f355ea1963e7fcdce180cdd2e8 |
C:\Users\Admin\AppData\Local\Temp\648840e6-4c84-4900-8b4f-1e9340546b97\trlogrt.dll
| MD5 | 54ab56509d910c969b9c287fde10026d |
| SHA1 | b0929cd61e4428d57191b0c41ad60765236bed4c |
| SHA256 | 998b95107a40360c441b4d1211f9f2e5ea9d004017baa383ffbe1a46cf08bfd0 |
| SHA512 | b16722ac2662362d6ee37620f1ab2dcee05e0a54b49dbc8bb2d93561f35f2f09e4dd8f0bc6139d57a5424a7b76c62dafef62a7f355ea1963e7fcdce180cdd2e8 |
memory/4044-35-0x0000000072960000-0x0000000072997000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\evb7441.tmp
| MD5 | c55e2ff93285f9933fc8021a29b14d9a |
| SHA1 | e364fc4b3b92c9d622c661bd784d9802671b4706 |
| SHA256 | 3a5a35788a20e0cd9bcb8f4ef394d23d59a89d75948f4be413a4dc6ec49a58d7 |
| SHA512 | fe06b8778cc77391a168525bdfc655252ec3836a052bb0f0e16a9621c275dbf5c79ee8f2a80821d1a3c37427a49f43e60523fd8fbfa9e081f6392468125ff408 |
memory/4044-45-0x0000000010000000-0x0000000010010000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\evb74EE.tmp
| MD5 | c55e2ff93285f9933fc8021a29b14d9a |
| SHA1 | e364fc4b3b92c9d622c661bd784d9802671b4706 |
| SHA256 | 3a5a35788a20e0cd9bcb8f4ef394d23d59a89d75948f4be413a4dc6ec49a58d7 |
| SHA512 | fe06b8778cc77391a168525bdfc655252ec3836a052bb0f0e16a9621c275dbf5c79ee8f2a80821d1a3c37427a49f43e60523fd8fbfa9e081f6392468125ff408 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\prefs.js
| MD5 | eb1795cafd234962a66677467d42ac62 |
| SHA1 | c47c30863103a8de34a81b9738dc2c8d903a239e |
| SHA256 | b52b89d32fbce9f8426d6a94f78db38d890d5596b6e9ce1021b43d68b5271048 |
| SHA512 | c819b83605cb5ab53103cfdd209784a87e9acc46d9c996b32e0beb87979b70c74ebba40f4cb6aca272aa3b18f37d77ce2c8cf93f31cc10ef0bc9538c04adf0ed |
memory/4044-34-0x0000000073430000-0x00000000734B9000-memory.dmp
memory/4044-33-0x00000000749A0000-0x0000000075150000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\prefs-1.js
| MD5 | 429b066e6d6fdf203133bd94acadf7fe |
| SHA1 | 3c8c99a705c5382e0be6503b4996637be1bb3c82 |
| SHA256 | f17de5ad51cbba8edaa5e7236086bc8f02c9d432bf02aec52d8a49f4baea6b10 |
| SHA512 | 256b5b6ef015839c4138371a1213a50e15edcc62f0158184ceecaf86c2e0251ea877e51201f850dcba0b6f8a0c8be64cd93efcf59955ca9df833637d6c27e6cf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | 9708a6e5da108b04969409f50bc5fc2e |
| SHA1 | 862fb265df2cba1e41ac668536cc53faaf404657 |
| SHA256 | e3058ded1a6eb8fc1700c8b37662760810850219e8e8ee7fabb0cc08e0c470c8 |
| SHA512 | a20a9265c80a0e57bac745a4c7a16a0be29afbca1b216a60704ad34247294d43803de851e0994266b8c456f4237a6ab6f5f0e7913d09b5c9a0fce809b4e0a3f9 |
memory/4044-68-0x0000000006420000-0x000000000642A000-memory.dmp
memory/4044-83-0x0000000006450000-0x000000000645A000-memory.dmp
memory/4044-82-0x0000000006440000-0x0000000006448000-memory.dmp
memory/4044-84-0x0000000006970000-0x000000000697A000-memory.dmp
memory/4044-85-0x0000000006460000-0x0000000006470000-memory.dmp
memory/4044-86-0x0000000006980000-0x0000000006988000-memory.dmp
memory/4044-88-0x0000000006F40000-0x00000000074E4000-memory.dmp
memory/4044-89-0x0000000006A90000-0x0000000006B22000-memory.dmp
memory/4044-91-0x0000000006A60000-0x0000000006A6A000-memory.dmp
memory/4044-94-0x0000000072960000-0x0000000072997000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\prefs-1.js
| MD5 | 6cab9663253f821a285cbac06c16e104 |
| SHA1 | d3bb60a284fafa08ed555c7d76012e10072280f4 |
| SHA256 | 09cf45df1498e88e9f596d0ed27762c2808270a8b9ff53756573a0604ec5fa65 |
| SHA512 | 49a98e6d0086be1471b7cee5d9cb8dceaa8fe5a482ef567173d0f078443f43fc4c2d7bf59fab08276e66b9276abb3286b2d2a12f73be4ea7bd4fb679e22eb1b0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 60d6413a735d66cb523b73600424a5d7 |
| SHA1 | 6a0a7d7d0d54e0c8cc09b35deb2ef8b5b478a042 |
| SHA256 | 2432b9473fa6586510c1a05615d88ee9c13973af179f43cd2de8f9939b0ebf39 |
| SHA512 | e43dec821d90153d25fe50e07cf1f59b4cb1be017d9438e17705d3a432881c0ce0e863cae6fb5b221108a8cd4d2ec7505490205a7f233b3828df40574135478b |
C:\Users\Admin\Downloads\BiisROh1.txt.part
| MD5 | b92f825a36cd9aafa0988309cd1c8e1b |
| SHA1 | 872f1e78a9a8060ce880141b2c8470b75a1f68e1 |
| SHA256 | c24bf9abb3ebd64cdfb56051ae7c1eaf81db37df0f4ab7e8c31954a71faa828e |
| SHA512 | 572d472ecffcf7bf4dbd290d43e607b45850fed8c1570c7247930d2e21474bf44b3fda80bb62077208cd5be33a9cc8cc8533ef0f583bc4b8ab1f3e078be1a233 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\prefs.js
| MD5 | 6a31d3f1c4b3541e01bbd3c17761d83c |
| SHA1 | 4659a1cbb7f602735f531e988fafdb978202a922 |
| SHA256 | 6fd34616a4ff098956680d5630ac197ec708a031d3e45fe3d222affc0644b882 |
| SHA512 | 0aaebf598d15afff1f5dfbae5eb4d374502e2823860a845b9dc7b0fe5da3c83ac6bd205ba0be1e1399892105799da446aef8195fdc6c99afa6bba41c33efbb5d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\prefs-1.js
| MD5 | 7db1871f52abce3f6efe5242d2482627 |
| SHA1 | b31839c8e99c2e1b02b3ae287ca25e17bde6049c |
| SHA256 | e9853e5ed8499511cc38bdf3e388f4dccacf469cc151706e658381307de806b0 |
| SHA512 | c8f5ba75807e5ad4494cf153abd543e1eb5b9ab638789a4090eb2145034b25b25e8f66eca85e66238ddc41c8085a30050930bc934866bf6e361fc783cecb924c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | cc2d799e8ade531a78be8e007440a7bf |
| SHA1 | 775d4ca5b27aa311c00827a0fb0b3d0a53c89d33 |
| SHA256 | 9d10e2f2f792ce7059a0e763d43cbdd57ef8c3fad2b9629f48c82eb99aa1a637 |
| SHA512 | 06c9c9aa2e56c64b755d0ed243904e492a323e96f7e5ff2e0ddec444571f911b850d8bcc81c856c0f895e1e102b4da9842c79197a0e8c3068d160d76f87c08ad |
C:\Users\Admin\AppData\Local\Temp\evb5F4.tmp
| MD5 | 3c969043b0cab5fafa766225dec0312f |
| SHA1 | dfc67c5c907994c9f1c012550b43c52a48f883d6 |
| SHA256 | c4c3a4f9b59e9f574f8418bbaa23e7dc0a5e1f6606662041a49ab088d15a21f6 |
| SHA512 | 090bb455161a7971917d8cbb1a9b6997ae321f790a3acdac5f41febe8eb2e135098763363887d1cfd2b65800596a95ab1909391c806a9ef36cee24cfdacc14a1 |
memory/4044-167-0x0000000000400000-0x0000000000414000-memory.dmp
memory/4044-166-0x0000000000400000-0x0000000000414000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\evb623.tmp
| MD5 | 3c969043b0cab5fafa766225dec0312f |
| SHA1 | dfc67c5c907994c9f1c012550b43c52a48f883d6 |
| SHA256 | c4c3a4f9b59e9f574f8418bbaa23e7dc0a5e1f6606662041a49ab088d15a21f6 |
| SHA512 | 090bb455161a7971917d8cbb1a9b6997ae321f790a3acdac5f41febe8eb2e135098763363887d1cfd2b65800596a95ab1909391c806a9ef36cee24cfdacc14a1 |
C:\Users\Admin\AppData\Local\Temp\evb653.tmp
| MD5 | 3c969043b0cab5fafa766225dec0312f |
| SHA1 | dfc67c5c907994c9f1c012550b43c52a48f883d6 |
| SHA256 | c4c3a4f9b59e9f574f8418bbaa23e7dc0a5e1f6606662041a49ab088d15a21f6 |
| SHA512 | 090bb455161a7971917d8cbb1a9b6997ae321f790a3acdac5f41febe8eb2e135098763363887d1cfd2b65800596a95ab1909391c806a9ef36cee24cfdacc14a1 |
C:\Users\Admin\AppData\Local\Temp\evb653.tmp
| MD5 | 3c969043b0cab5fafa766225dec0312f |
| SHA1 | dfc67c5c907994c9f1c012550b43c52a48f883d6 |
| SHA256 | c4c3a4f9b59e9f574f8418bbaa23e7dc0a5e1f6606662041a49ab088d15a21f6 |
| SHA512 | 090bb455161a7971917d8cbb1a9b6997ae321f790a3acdac5f41febe8eb2e135098763363887d1cfd2b65800596a95ab1909391c806a9ef36cee24cfdacc14a1 |
C:\Users\Admin\AppData\Local\Temp\evb683.tmp
| MD5 | 3c969043b0cab5fafa766225dec0312f |
| SHA1 | dfc67c5c907994c9f1c012550b43c52a48f883d6 |
| SHA256 | c4c3a4f9b59e9f574f8418bbaa23e7dc0a5e1f6606662041a49ab088d15a21f6 |
| SHA512 | 090bb455161a7971917d8cbb1a9b6997ae321f790a3acdac5f41febe8eb2e135098763363887d1cfd2b65800596a95ab1909391c806a9ef36cee24cfdacc14a1 |
C:\Users\Admin\Downloads\dbgtrace.txt
| MD5 | b92f825a36cd9aafa0988309cd1c8e1b |
| SHA1 | 872f1e78a9a8060ce880141b2c8470b75a1f68e1 |
| SHA256 | c24bf9abb3ebd64cdfb56051ae7c1eaf81db37df0f4ab7e8c31954a71faa828e |
| SHA512 | 572d472ecffcf7bf4dbd290d43e607b45850fed8c1570c7247930d2e21474bf44b3fda80bb62077208cd5be33a9cc8cc8533ef0f583bc4b8ab1f3e078be1a233 |
memory/4044-182-0x0000000006460000-0x0000000006470000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | d72b74ef25859236a2da4926468f807e |
| SHA1 | 669073fc3fb8eade9f45db4e354ae624f78f0a63 |
| SHA256 | 33d8d91f2e4c928cd538932f18be3b55530e7c70fd0a201c50b95a61afd26449 |
| SHA512 | 7bcc472f14ac79a6b1b81e47584e3942f69c4ec344b7113b967e0d4d21f315e86640147d95f69dfc95387d4988fbd15f0e0c4b0ece56d64691af0815c7a23a6b |
memory/4044-194-0x0000000006460000-0x0000000006470000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\prefs-1.js
| MD5 | f18b70e5d50b49bbf61c2be04964b5f5 |
| SHA1 | 31e405ddeeba12bac4c12cd8219cbc4b426b776f |
| SHA256 | 7a9d7edc402d27f544907c7ca1d7a336201ddaa95f514a4d35e1f474af0bbedb |
| SHA512 | 6a41246d404d4dc1f8296026384f63599d688fecf477986c196aecd833fe42ab1a49a0fb8d848601d5d914346c51ab87a528d5dfb777c295a9d3ae77576911e9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\cache2\entries\180089313729568CF6D0CAF9991F0FA4115478F0
| MD5 | 24c1419dedf1d38b310d3d048309f31b |
| SHA1 | 30b5ec6a71431625f1b6ae3778a0ed3e8959d4a6 |
| SHA256 | be2a2ef9695b9e549846b9a286e056e66d402d8d863b9cc650bd5f2112845f57 |
| SHA512 | 3c77b9f09597ce3b86caa846725ba2b41e9f430805d7b9bb0550db3d5d7b3e936f905df7c2c9d07d9fe214439bd9891ed25967ec05c698e1fa918cc64bc33f6d |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\Downloads\trlogdecode.kZBASkiF.rar.part
| MD5 | e197307a0e9201025f725e1b2f87fd7a |
| SHA1 | 771542f21aec89d4c019267a1b391bb3ea60db59 |
| SHA256 | fe55d141910a931c819326d536fdbe870f16e9cd27948de5b349537a2c77e246 |
| SHA512 | 735d12953048c0569582a220b0868b8d59204f96fb03de95c013731ad93f229b8cbc8387cbe2fff76aeed723df71f82c05aa00bbbbb7e23f17c8ece95340778d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 8481740f5868431c3fd00794a371a0c9 |
| SHA1 | 37900457360ab163b9e055b62671e07a8aa41ebd |
| SHA256 | 5275206fc7e6e58e90496cf53a2a3b5fc622d307562c0f7c1583ce56b932ee46 |
| SHA512 | ffd84565f858b01a301def8d3fc21fc40a032981e06561e51a2322cd2e61a0715e8a1d92928362fd90ddcbe18e29b812dc919c1a60fbf55b0ec8e21ed9896baa |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\cache2\entries\59652381CC09EF2DE5C32E45EFFC61BA3ABC2A3F
| MD5 | 36d923d273c4dbb28bdc2f052aaa2441 |
| SHA1 | 305a8e159736509467b234976a29148114095d56 |
| SHA256 | f6ee334e50f01fc6d306a58de42d18ff8f7833cd05f83c6e7e57625c9b3af086 |
| SHA512 | e6c869a9080a95818287c62cc68961e9e7b95fd76348837c119e5fa7f662792fd67153a64f18904212ceb6299681118c540c268b58f3d0639e4ada0cefdbde08 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\cache2\doomed\28559
| MD5 | 97af65624b7ab85d65f2f3e83a9c6c4e |
| SHA1 | 5f465096656141ce3c813da1ce570e84466259b1 |
| SHA256 | c2320fec424adfd8ab5e4cd8a00bd646229d75ad8ec6181b86e7839156d92a87 |
| SHA512 | 26381b021a29765f18066519874ca768880a0826177607f513f5ac0bdad0166658d3b2de801fd14098f5a673ce49f7316f99a2ce88311e1deaaae45a95ac4cb1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 6f2d4c4d5dc7e85d4ee012994ca0bf7d |
| SHA1 | b486d53d2a8b03a65352f45ffc8801e0f1ca65b7 |
| SHA256 | 9414e33c8ed13464de6c24f05cb9222ef4a6bb8086bf3876f169ceb4b2498f73 |
| SHA512 | dd71d33fb331488ae13ba83c5e4111aa2bb12286f48e8cf67946038fe4c1f5f2ff9b981e3292a5ea4338c791fd82432e8db4dc454f23aa4a03feca01b247cbae |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | ff4a0b86f76c8f8f3ce8eaad33d1cd0c |
| SHA1 | fa665676c1dbecbcc52b0a295cee8f74797a8170 |
| SHA256 | 9c40952518298a8b52d0b5bb17cd0bf6a716219302f8d34682734523f6159125 |
| SHA512 | 7c62cc5ce1428a4a74cbef731dc138989c9dd24c5442009ef22c9c338489279a41d52c16cd571d3f90f1ff4b38b455118499c5ec32b92f31d8bb08315793fc8a |
C:\Users\Admin\Downloads\winrar-x64-624.h62qQEut.exe.part
| MD5 | 15596b41dba42cdcce4f677fbbc86b6e |
| SHA1 | 1ed1e69e72028150f8562bff5ca1dd745874329a |
| SHA256 | 377abc9d367e61cb5c4761bf48dcfdf5bcd3822f303e0f972d7f4c8295a2ea79 |
| SHA512 | d4e0d64f71027ecc6d85479542ed682359b37446cb1dccce5fa2972f152e27f3cb91a8ec0dc61270bc40038751a58982d4678efb929a3bc6d3546e072f51a9f2 |
C:\Users\Admin\Downloads\winrar-x64-624.exe
| MD5 | 15596b41dba42cdcce4f677fbbc86b6e |
| SHA1 | 1ed1e69e72028150f8562bff5ca1dd745874329a |
| SHA256 | 377abc9d367e61cb5c4761bf48dcfdf5bcd3822f303e0f972d7f4c8295a2ea79 |
| SHA512 | d4e0d64f71027ecc6d85479542ed682359b37446cb1dccce5fa2972f152e27f3cb91a8ec0dc61270bc40038751a58982d4678efb929a3bc6d3546e072f51a9f2 |
C:\Users\Admin\Downloads\winrar-x64-624.exe
| MD5 | 15596b41dba42cdcce4f677fbbc86b6e |
| SHA1 | 1ed1e69e72028150f8562bff5ca1dd745874329a |
| SHA256 | 377abc9d367e61cb5c4761bf48dcfdf5bcd3822f303e0f972d7f4c8295a2ea79 |
| SHA512 | d4e0d64f71027ecc6d85479542ed682359b37446cb1dccce5fa2972f152e27f3cb91a8ec0dc61270bc40038751a58982d4678efb929a3bc6d3546e072f51a9f2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 8264c13be69076e52477dca9645156e0 |
| SHA1 | 4cb5fef3c782d29eb14f05410f343b6dcb60872b |
| SHA256 | 90efe0a69561ec807adc946d8fef13049cb4710fa7d460eb21148656bdcfe75b |
| SHA512 | 838f4d14da12f4eb185b7a75b8d15b0e199dbc548b7b17d173c862dce42a99ecd20d56863acaf63f3677055d6be2df7eb52d6e423807d65e91e18c2eeae2ecb0 |
memory/4044-2506-0x0000000000EC0000-0x000000000125C000-memory.dmp
memory/4044-2507-0x00000000749A0000-0x0000000075150000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 0880c9f99a9051d34ab5d6158d7d4653 |
| SHA1 | edfd440e73c152ae3349e0a2d01436d6640918a6 |
| SHA256 | 4953151cc3921615e474232dd9b6411a4ae698e414e8cd137e7bec4625fc75e8 |
| SHA512 | eb4233d5415cba0f65e7fcbf74b02b13ea0d2cc4888a82a43de0f5ddb93c40fbd793e702037f8b732f8b555c7a31330b7b7925d757924b54155dae3163da20a4 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | ac2c1f4c1645c7db8a0804f7747a46bc |
| SHA1 | 4ab8a5ccdeb092b888d1a50ff41f1671c189270e |
| SHA256 | d55385c50108b1fc23f7d651d5bc7659e3540d2debc2dc8bc59b4867d6709fab |
| SHA512 | 40cf3b96e6b105da61c5c306647ebaeab181225cf8deb26076a496673759ad5abc651abb2d1c034055f8b4e3e9cc4ab59cd74a264ac60ea076fc3075e27b0a62 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 0f21324285b0c2cd4955cca0df1a1947 |
| SHA1 | e9c9fe1d0685678688d9df08160c65351252d9f4 |
| SHA256 | 779dbdc7d87f2c760585d08ddf52a24575ccf521e2e55a996dd3b5a346317138 |
| SHA512 | 78a85e8343c6592c750d6b7b2eed2dc2d4eb772a7cbe67d8c9f71902e37d4c1ae43a429f1eac2265836732c3f7998b14889071c37efda7e3152d86a8ce65cf97 |
C:\Users\Admin\Downloads\winrar-x64-624.exe
| MD5 | 15596b41dba42cdcce4f677fbbc86b6e |
| SHA1 | 1ed1e69e72028150f8562bff5ca1dd745874329a |
| SHA256 | 377abc9d367e61cb5c4761bf48dcfdf5bcd3822f303e0f972d7f4c8295a2ea79 |
| SHA512 | d4e0d64f71027ecc6d85479542ed682359b37446cb1dccce5fa2972f152e27f3cb91a8ec0dc61270bc40038751a58982d4678efb929a3bc6d3546e072f51a9f2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | a35b81bd08401497fc565367033c646b |
| SHA1 | 0411c6bf8c8aaed344d1727b954f831f4b585f58 |
| SHA256 | 306395d3f58bc8aa1be03e89ff7d0faabf573eec022c6baf5a8c9e163c35e9d9 |
| SHA512 | 71b150c430df70e48773a99628b6bc7f123aca444bb4e2b7c2049ff1993321b30ecb63c35c9a40133f69975a85b70548a42156f08cd248a4753cf9bcd1ff3c77 |
C:\Users\Admin\Downloads\7z2301-x64.SnVIW4J5.exe.part
| MD5 | e5788b13546156281bf0a4b38bdd0901 |
| SHA1 | 7df28d340d7084647921cc25a8c2068bb192bdbb |
| SHA256 | 26cb6e9f56333682122fafe79dbcdfd51e9f47cc7217dccd29ac6fc33b5598cd |
| SHA512 | 1f4da167ff2f1d34eeaf76c3003ba5fcabfc7a7da40e73e317aa99c6e1321cdf97e00f4feb9e79e1a72240e0376af0c3becb3d309e5bb0385e5192da17ea77ff |
C:\Users\Admin\Downloads\7z2301-x64.exe
| MD5 | e5788b13546156281bf0a4b38bdd0901 |
| SHA1 | 7df28d340d7084647921cc25a8c2068bb192bdbb |
| SHA256 | 26cb6e9f56333682122fafe79dbcdfd51e9f47cc7217dccd29ac6fc33b5598cd |
| SHA512 | 1f4da167ff2f1d34eeaf76c3003ba5fcabfc7a7da40e73e317aa99c6e1321cdf97e00f4feb9e79e1a72240e0376af0c3becb3d309e5bb0385e5192da17ea77ff |
C:\Users\Admin\Downloads\7z2301-x64.exe
| MD5 | e5788b13546156281bf0a4b38bdd0901 |
| SHA1 | 7df28d340d7084647921cc25a8c2068bb192bdbb |
| SHA256 | 26cb6e9f56333682122fafe79dbcdfd51e9f47cc7217dccd29ac6fc33b5598cd |
| SHA512 | 1f4da167ff2f1d34eeaf76c3003ba5fcabfc7a7da40e73e317aa99c6e1321cdf97e00f4feb9e79e1a72240e0376af0c3becb3d309e5bb0385e5192da17ea77ff |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 4129ad67eec67985d0029889a7d921a0 |
| SHA1 | 3c16bb3725d886014caad9b5a331e7611dfcfe15 |
| SHA256 | 758056c4bd4513e3951244c5b08099603208f277ccd3f1c2d80e9850192306d2 |
| SHA512 | 579b63883da517b9b8cb6a0a15bffd3c8d42d0568f1b92edde22dcb9eb3f13babb578fcaa44fcf9fc77c9a00154f0d24cf4562c54a00609f8c82a4645fb0e591 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 9bcc20749eb94d619ee4761240e0fdb5 |
| SHA1 | 91cb23f4871453b11c9d61aa87222c0e38c9bff1 |
| SHA256 | f5747e62f65241b44b112ee2acc1514b43f18cb95d405b1636a3dacd0556c1b9 |
| SHA512 | 1137cdd00cfaf107780513f47595de1c291907ac2f83f2cb60bc1601f60de9c8db6ecf39df3c98279d079018bad6cd89291b8a3a8e930f75a013013c0ca6b549 |
C:\Users\Admin\Downloads\winrar-x64-624.exe
| MD5 | 15596b41dba42cdcce4f677fbbc86b6e |
| SHA1 | 1ed1e69e72028150f8562bff5ca1dd745874329a |
| SHA256 | 377abc9d367e61cb5c4761bf48dcfdf5bcd3822f303e0f972d7f4c8295a2ea79 |
| SHA512 | d4e0d64f71027ecc6d85479542ed682359b37446cb1dccce5fa2972f152e27f3cb91a8ec0dc61270bc40038751a58982d4678efb929a3bc6d3546e072f51a9f2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 448fab886ba93b38c09db924722f1a42 |
| SHA1 | aa02dbb5e9ff46dbb3a30f7ab35da39c2be4e056 |
| SHA256 | 3daf66c713aad6584605fa67231a2feeb06eac8082d199a83f908026e9f1a355 |
| SHA512 | 1952c5258894b62a527ed4f1549cc0a87728b912d9d1a98351c5a627caee0b81eb62731e6d62591adbf980b033c5b6fcdf60a702b77d1de976a0509d3d4c55d5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\cache2\entries\2A251FBD27205181C6F89C26792EE2E010281BC1
| MD5 | 012e91ef442146df752904b29e16902b |
| SHA1 | e17812b7939bd03c8e695eabc84a24b2d2c6e3b3 |
| SHA256 | 26ff82734f2ebf69c05e08a3d975a3d2dde424c1ebbd8bdb4799bb9b3f37d709 |
| SHA512 | 0b44d8742713b77b0474f131363755cd6a2d99534d6bbc236eac83de2be98036e9a2a85cce137bd8d044b25f23ef4b3df20af9bed68e54a9ab45d65c9ba8d12c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\cache2\entries\7D32DC9B716F840478815AE141F631287969E616
| MD5 | 186d8fae1099a15f4957bc408ad1680b |
| SHA1 | 94373e36b80a22e0bdfa3f64e9616af74072b897 |
| SHA256 | f45491a9d3be01ed0d84dbf4957d997692bba81f193e81d00d2ca6f599cbba5a |
| SHA512 | 49dcc43159a9a00fde2a5e636bb51118d874a24321ae3bc77c0c17a2e2b8c7f7a791d6a08dde51d197413ec1e3818cbf91495d31fa0d8578223c7ecf725ded7e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\cache2\entries\ADF684903229B63B9DD7248B7D1A86A01735A7DD
| MD5 | 80a07ca39d35d6f1ff861397a0bfac81 |
| SHA1 | 7b30ceeded95f1e3c26e316556b463301c00e6cf |
| SHA256 | de0cecbfb41d5c10732be2d7255171f75b4212ae004c076250332fdb094564a5 |
| SHA512 | c487438f0fc7e9f233f1c2106418d71c2447695593be00c956d1d1b1b7b1beac42af2fa9e2a7319bbcff9dc68987cb8accc260b42d67434bdccfd1687ef672c5 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 85382a9ae3369b22b2aecbe1a903ccfd |
| SHA1 | 2e270dff1480831db0ce2ce4715292c0e69d974e |
| SHA256 | 62112d3875f07050cf9b738d2fc18212c2803a4bf461c72918e883f7b57cfd63 |
| SHA512 | f5f3e635058719f1267365d1b2de97e1511f2effe87a9f79a848014a9d7f6c8db6bc601cc9c31fc7a8ed5078651db1e463c64ca680aa1e2dad91e49aff99b2e0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\jumpListCache\9xenyes57puVqAT1bjM9hA==.ico
| MD5 | 42ed60b3ba4df36716ca7633794b1735 |
| SHA1 | c33aa40eed3608369e964e22c935d640e38aa768 |
| SHA256 | 6574e6e55f56eca704a090bf08d0d4175a93a5353ea08f8722f7c985a39a52c8 |
| SHA512 | 4247460a97a43ce20d536fdd11d534b450b075c3c28cd69fc00c48bdf7de1507edb99bef811d4c61bed10f64e4c788ee4bdc58c7c72d3bd160b9b4bd696e3013 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 0fe05f4d39523fecf3c5337ad08f64a7 |
| SHA1 | 4b1a06b6cbd67e96b11b5c1d18aa6a814c21455c |
| SHA256 | 1644ca2cc573200117772ba3f93460d8785d835d4370ae42981d6dbacd1e86bd |
| SHA512 | 3a4f5ed05b56cd7077f2fc3408dea5b0cedbe185a4f3a769fb48c10582342ab2eae60c2b5d92d59f60cc5e12ee64ada43e61e9dfe0cba65ea4ec612a069d1a5f |
C:\Program Files\7-Zip\7zFM.exe
| MD5 | 30ac0b832d75598fb3ec37b6f2a8c86a |
| SHA1 | 6f47dbfd6ff36df7ba581a4cef024da527dc3046 |
| SHA256 | 1ea0839c8dc95ad2c060af7d042c40c0daed58ce8e4524c0fba12fd73e4afb74 |
| SHA512 | 505870601a4389b7ed2c8fecf85835adfd2944cbc10801f74bc4e08f5a0d6ecc9a52052fc37e216304cd1655129021862294a698ed36b3b43d428698f7263057 |
C:\Program Files\7-Zip\7z.dll
| MD5 | 4e35a902ca8ed1c3d4551b1a470c4655 |
| SHA1 | ad9a9b5dbe810a6d7ea2c8430c32417d87c5930c |
| SHA256 | 77222e81cb7004e8c3e077aada02b555a3d38fb05b50c64afd36ca230a8fd5b9 |
| SHA512 | c7966f892c1f81fbe6a2197bd229904d398a299c53c24586ca77f7f657529323e5a7260ed32da9701fce9989b0b9a2463cd45c5a5d77e56a1ea670e02e575a30 |
C:\Program Files\7-Zip\7z.dll
| MD5 | 4e35a902ca8ed1c3d4551b1a470c4655 |
| SHA1 | ad9a9b5dbe810a6d7ea2c8430c32417d87c5930c |
| SHA256 | 77222e81cb7004e8c3e077aada02b555a3d38fb05b50c64afd36ca230a8fd5b9 |
| SHA512 | c7966f892c1f81fbe6a2197bd229904d398a299c53c24586ca77f7f657529323e5a7260ed32da9701fce9989b0b9a2463cd45c5a5d77e56a1ea670e02e575a30 |
C:\Users\Admin\Downloads\trlogdecode.rar
| MD5 | b2f3bccf4d3a92125f3448a88a0980ca |
| SHA1 | 0dc9d71fff917b49ea83c4b5191fa2ace7953f46 |
| SHA256 | 0903ab7881da7ec0262d754c78e9a0bd3b2aa11868e64c133b49b154c74746d9 |
| SHA512 | 0ecc8b5266c91a0ad247eb8dc69deca55f666fed09da43aef83c3301a6fdebdda1fe64b0056a24d4f10944a9922839603683bed3993f23154ba929a033c47c5b |
C:\Users\Admin\Desktop\trlogdecode.exe
| MD5 | 92b3276355c5fd88754ae44a2da48792 |
| SHA1 | 4e41028f96fe413556d54211289561d472a578b5 |
| SHA256 | 5558cbccff4ceb5ef15e7dccc016fc83d70e2875c564910a9f441ad756ef9671 |
| SHA512 | faf8a8f8911ad4d6a45772c2d6fca05c59627c36ab52fb35c219802ddb582667830e69ef2a290ee6858b874bd85e85c554f55b6f6fbc2c5edaf4928512edbfe9 |
C:\Users\Admin\Desktop\trlogdecode.exe
| MD5 | 92b3276355c5fd88754ae44a2da48792 |
| SHA1 | 4e41028f96fe413556d54211289561d472a578b5 |
| SHA256 | 5558cbccff4ceb5ef15e7dccc016fc83d70e2875c564910a9f441ad756ef9671 |
| SHA512 | faf8a8f8911ad4d6a45772c2d6fca05c59627c36ab52fb35c219802ddb582667830e69ef2a290ee6858b874bd85e85c554f55b6f6fbc2c5edaf4928512edbfe9 |
memory/4620-3088-0x0000000000D30000-0x00000000010CC000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\evb74EE.tmp
| MD5 | c55e2ff93285f9933fc8021a29b14d9a |
| SHA1 | e364fc4b3b92c9d622c661bd784d9802671b4706 |
| SHA256 | 3a5a35788a20e0cd9bcb8f4ef394d23d59a89d75948f4be413a4dc6ec49a58d7 |
| SHA512 | fe06b8778cc77391a168525bdfc655252ec3836a052bb0f0e16a9621c275dbf5c79ee8f2a80821d1a3c37427a49f43e60523fd8fbfa9e081f6392468125ff408 |
memory/4620-3095-0x0000000077C62000-0x0000000077C63000-memory.dmp
memory/4620-3096-0x0000000077C63000-0x0000000077C64000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\evb7441.tmp
| MD5 | c55e2ff93285f9933fc8021a29b14d9a |
| SHA1 | e364fc4b3b92c9d622c661bd784d9802671b4706 |
| SHA256 | 3a5a35788a20e0cd9bcb8f4ef394d23d59a89d75948f4be413a4dc6ec49a58d7 |
| SHA512 | fe06b8778cc77391a168525bdfc655252ec3836a052bb0f0e16a9621c275dbf5c79ee8f2a80821d1a3c37427a49f43e60523fd8fbfa9e081f6392468125ff408 |
C:\Users\Admin\AppData\Local\Temp\evb683.tmp
| MD5 | 3c969043b0cab5fafa766225dec0312f |
| SHA1 | dfc67c5c907994c9f1c012550b43c52a48f883d6 |
| SHA256 | c4c3a4f9b59e9f574f8418bbaa23e7dc0a5e1f6606662041a49ab088d15a21f6 |
| SHA512 | 090bb455161a7971917d8cbb1a9b6997ae321f790a3acdac5f41febe8eb2e135098763363887d1cfd2b65800596a95ab1909391c806a9ef36cee24cfdacc14a1 |
C:\Users\Admin\AppData\Local\Temp\evb653.tmp
| MD5 | 3c969043b0cab5fafa766225dec0312f |
| SHA1 | dfc67c5c907994c9f1c012550b43c52a48f883d6 |
| SHA256 | c4c3a4f9b59e9f574f8418bbaa23e7dc0a5e1f6606662041a49ab088d15a21f6 |
| SHA512 | 090bb455161a7971917d8cbb1a9b6997ae321f790a3acdac5f41febe8eb2e135098763363887d1cfd2b65800596a95ab1909391c806a9ef36cee24cfdacc14a1 |
C:\Users\Admin\AppData\Local\Temp\evb623.tmp
| MD5 | 3c969043b0cab5fafa766225dec0312f |
| SHA1 | dfc67c5c907994c9f1c012550b43c52a48f883d6 |
| SHA256 | c4c3a4f9b59e9f574f8418bbaa23e7dc0a5e1f6606662041a49ab088d15a21f6 |
| SHA512 | 090bb455161a7971917d8cbb1a9b6997ae321f790a3acdac5f41febe8eb2e135098763363887d1cfd2b65800596a95ab1909391c806a9ef36cee24cfdacc14a1 |
C:\Users\Admin\AppData\Local\Temp\evb5F4.tmp
| MD5 | 3c969043b0cab5fafa766225dec0312f |
| SHA1 | dfc67c5c907994c9f1c012550b43c52a48f883d6 |
| SHA256 | c4c3a4f9b59e9f574f8418bbaa23e7dc0a5e1f6606662041a49ab088d15a21f6 |
| SHA512 | 090bb455161a7971917d8cbb1a9b6997ae321f790a3acdac5f41febe8eb2e135098763363887d1cfd2b65800596a95ab1909391c806a9ef36cee24cfdacc14a1 |
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\trlogdecode.exe.log
| MD5 | df27a876383bd81dfbcb457a9fa9f09d |
| SHA1 | 1bbc4ab95c89d02ec1d217f0255205787999164e |
| SHA256 | 8940500d6f057583903fde1af0287e27197410415639fc69beb39475fa5240dc |
| SHA512 | fe68271375002cfcf8585c92b948ae47cd1632919c43db4bc738e2bc85ceea6dd30880dba27df9c3317531f1017624d4bd8979e6c5fad58112c7aa1189f0b844 |
memory/4620-3098-0x0000000000D30000-0x00000000010CC000-memory.dmp
memory/4620-3099-0x00000000749A0000-0x0000000075150000-memory.dmp
memory/4620-3100-0x0000000000D30000-0x00000000010CC000-memory.dmp
memory/4620-3101-0x0000000005CF0000-0x0000000005D00000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\648840e6-4c84-4900-8b4f-1e9340546b97\trlogrt.dll
| MD5 | 54ab56509d910c969b9c287fde10026d |
| SHA1 | b0929cd61e4428d57191b0c41ad60765236bed4c |
| SHA256 | 998b95107a40360c441b4d1211f9f2e5ea9d004017baa383ffbe1a46cf08bfd0 |
| SHA512 | b16722ac2662362d6ee37620f1ab2dcee05e0a54b49dbc8bb2d93561f35f2f09e4dd8f0bc6139d57a5424a7b76c62dafef62a7f355ea1963e7fcdce180cdd2e8 |
memory/4620-3104-0x0000000072990000-0x00000000729C7000-memory.dmp
memory/4620-3105-0x0000000073430000-0x00000000734B9000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\evb3C1C.tmp
| MD5 | c55e2ff93285f9933fc8021a29b14d9a |
| SHA1 | e364fc4b3b92c9d622c661bd784d9802671b4706 |
| SHA256 | 3a5a35788a20e0cd9bcb8f4ef394d23d59a89d75948f4be413a4dc6ec49a58d7 |
| SHA512 | fe06b8778cc77391a168525bdfc655252ec3836a052bb0f0e16a9621c275dbf5c79ee8f2a80821d1a3c37427a49f43e60523fd8fbfa9e081f6392468125ff408 |
C:\Users\Admin\AppData\Local\Temp\evb3C6C.tmp
| MD5 | c55e2ff93285f9933fc8021a29b14d9a |
| SHA1 | e364fc4b3b92c9d622c661bd784d9802671b4706 |
| SHA256 | 3a5a35788a20e0cd9bcb8f4ef394d23d59a89d75948f4be413a4dc6ec49a58d7 |
| SHA512 | fe06b8778cc77391a168525bdfc655252ec3836a052bb0f0e16a9621c275dbf5c79ee8f2a80821d1a3c37427a49f43e60523fd8fbfa9e081f6392468125ff408 |
C:\Users\Admin\AppData\Local\Temp\evb3C1C.tmp
| MD5 | c55e2ff93285f9933fc8021a29b14d9a |
| SHA1 | e364fc4b3b92c9d622c661bd784d9802671b4706 |
| SHA256 | 3a5a35788a20e0cd9bcb8f4ef394d23d59a89d75948f4be413a4dc6ec49a58d7 |
| SHA512 | fe06b8778cc77391a168525bdfc655252ec3836a052bb0f0e16a9621c275dbf5c79ee8f2a80821d1a3c37427a49f43e60523fd8fbfa9e081f6392468125ff408 |
C:\Users\Admin\AppData\Local\Temp\648840e6-4c84-4900-8b4f-1e9340546b97\trlogrt.dll
| MD5 | 54ab56509d910c969b9c287fde10026d |
| SHA1 | b0929cd61e4428d57191b0c41ad60765236bed4c |
| SHA256 | 998b95107a40360c441b4d1211f9f2e5ea9d004017baa383ffbe1a46cf08bfd0 |
| SHA512 | b16722ac2662362d6ee37620f1ab2dcee05e0a54b49dbc8bb2d93561f35f2f09e4dd8f0bc6139d57a5424a7b76c62dafef62a7f355ea1963e7fcdce180cdd2e8 |
memory/4620-3114-0x0000000000D30000-0x00000000010CC000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\evb4B22.tmp
| MD5 | 3c969043b0cab5fafa766225dec0312f |
| SHA1 | dfc67c5c907994c9f1c012550b43c52a48f883d6 |
| SHA256 | c4c3a4f9b59e9f574f8418bbaa23e7dc0a5e1f6606662041a49ab088d15a21f6 |
| SHA512 | 090bb455161a7971917d8cbb1a9b6997ae321f790a3acdac5f41febe8eb2e135098763363887d1cfd2b65800596a95ab1909391c806a9ef36cee24cfdacc14a1 |
C:\Users\Admin\AppData\Local\Temp\evb4B33.tmp
| MD5 | 3c969043b0cab5fafa766225dec0312f |
| SHA1 | dfc67c5c907994c9f1c012550b43c52a48f883d6 |
| SHA256 | c4c3a4f9b59e9f574f8418bbaa23e7dc0a5e1f6606662041a49ab088d15a21f6 |
| SHA512 | 090bb455161a7971917d8cbb1a9b6997ae321f790a3acdac5f41febe8eb2e135098763363887d1cfd2b65800596a95ab1909391c806a9ef36cee24cfdacc14a1 |
C:\Users\Admin\AppData\Local\Temp\evb4B43.tmp
| MD5 | 3c969043b0cab5fafa766225dec0312f |
| SHA1 | dfc67c5c907994c9f1c012550b43c52a48f883d6 |
| SHA256 | c4c3a4f9b59e9f574f8418bbaa23e7dc0a5e1f6606662041a49ab088d15a21f6 |
| SHA512 | 090bb455161a7971917d8cbb1a9b6997ae321f790a3acdac5f41febe8eb2e135098763363887d1cfd2b65800596a95ab1909391c806a9ef36cee24cfdacc14a1 |
C:\Users\Admin\AppData\Local\Temp\evb4B64.tmp
| MD5 | 3c969043b0cab5fafa766225dec0312f |
| SHA1 | dfc67c5c907994c9f1c012550b43c52a48f883d6 |
| SHA256 | c4c3a4f9b59e9f574f8418bbaa23e7dc0a5e1f6606662041a49ab088d15a21f6 |
| SHA512 | 090bb455161a7971917d8cbb1a9b6997ae321f790a3acdac5f41febe8eb2e135098763363887d1cfd2b65800596a95ab1909391c806a9ef36cee24cfdacc14a1 |
memory/4620-3131-0x00000000749A0000-0x0000000075150000-memory.dmp
memory/4620-3132-0x0000000000400000-0x0000000000414000-memory.dmp
memory/4620-3133-0x0000000000400000-0x0000000000414000-memory.dmp
memory/4620-3134-0x0000000005CF0000-0x0000000005D00000-memory.dmp
memory/4620-3135-0x0000000072990000-0x00000000729C7000-memory.dmp
memory/4620-3137-0x0000000005CF0000-0x0000000005D00000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\prefs-1.js
| MD5 | a9194aea7bfa312846895aaee1688645 |
| SHA1 | f731fd6137804aef1793d08b8172c10a0a9d9dfb |
| SHA256 | b455966cfa6402edcee973c65ac2bb8ea9af5de58abb2ac4f0136fd28dd79895 |
| SHA512 | bd2bf761789030c9d4c03ee36b01e8105def289597ef1e1db61bca5e008a1a2a811332c989fec3589c1d04ba9217451ac660e41c323ace10641c81d2f766950c |
C:\Users\Admin\Desktop\dbgtrace_de.txt
| MD5 | 8583ff963c385ea579635f612ab43854 |
| SHA1 | bcc377dcb118f3e53469cd5117a76d9032b54a16 |
| SHA256 | d4a8a2670d4aaf472250970d1278481271212a6581ac78599a52f45620629c9a |
| SHA512 | 5efda22e97b60318b8fed800c4f23a811478ebf525cf34f88b5cdd375e74ff3027065e9fa484db81f5ef2e4b926c78fd854e9e73fb6cbf78aa15f90e7edd4e81 |
memory/4620-3157-0x0000000000400000-0x0000000000414000-memory.dmp
memory/4620-3159-0x0000000000400000-0x0000000000414000-memory.dmp
memory/4620-3160-0x0000000005CF0000-0x0000000005D00000-memory.dmp
C:\Users\Admin\Downloads\HsUiDKf8.txt.part
| MD5 | ff7a4231184073884fc734ec2e721618 |
| SHA1 | ce1ba926ba01dd5ec04458be426f884e1e82dd5f |
| SHA256 | 89046fcea65c727bd1c1f55334172f84ffa2d4ee3790007f49320a58aff14e81 |
| SHA512 | 240d675329995d60e5bdf732fbd399f02ffb03dfffa331cbfdcee98a941a0d32d509bd6c7e08405e25385f686f72713addd573c060fd67087db3657463926933 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\cache2\entries\DD369851F61F4AD7D3944CD684264B7C84451250
| MD5 | 63d3a78797ea8a5e1d5dec3d29c2344d |
| SHA1 | bcbad737fd0abfa2a4e6ba8ce4d76485b757cc82 |
| SHA256 | 88202084ea2134503ae8b529b72ea3396ba3e5170881b69ddf97d2217e94a0d1 |
| SHA512 | edcb0b8f3223e22c58567e316c152f107f1593b37fe6b8e29c46fcec50fbdccccb14fda63968d365388eb53bb09c8d10eda411149447a9da8458d03a1eaab788 |
C:\Users\Admin\Desktop\dbgtrace_de.txt
| MD5 | 8583ff963c385ea579635f612ab43854 |
| SHA1 | bcc377dcb118f3e53469cd5117a76d9032b54a16 |
| SHA256 | d4a8a2670d4aaf472250970d1278481271212a6581ac78599a52f45620629c9a |
| SHA512 | 5efda22e97b60318b8fed800c4f23a811478ebf525cf34f88b5cdd375e74ff3027065e9fa484db81f5ef2e4b926c78fd854e9e73fb6cbf78aa15f90e7edd4e81 |
C:\Users\Admin\Desktop\dbgtrace.txt
| MD5 | b92f825a36cd9aafa0988309cd1c8e1b |
| SHA1 | 872f1e78a9a8060ce880141b2c8470b75a1f68e1 |
| SHA256 | c24bf9abb3ebd64cdfb56051ae7c1eaf81db37df0f4ab7e8c31954a71faa828e |
| SHA512 | 572d472ecffcf7bf4dbd290d43e607b45850fed8c1570c7247930d2e21474bf44b3fda80bb62077208cd5be33a9cc8cc8533ef0f583bc4b8ab1f3e078be1a233 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 21c5451f9a5d23e9e5fe72fe8a874ba8 |
| SHA1 | 2944bba179319703bb0862c3e3b664cc36928f6b |
| SHA256 | 21e8999bd70ec8e5e8677686d92b812865e9e535135765535d727bd2810e0f67 |
| SHA512 | 32dbd66cbf81a1c0c58f4a56c73eada7d7728f1aa29dd094a19f04797a228555cca1dae75cb89c0394f1edbc19c48f1ba6149b45db702284183d55da66dcf21c |
C:\Users\Admin\Desktop\dbgtrace.txt
| MD5 | ff7a4231184073884fc734ec2e721618 |
| SHA1 | ce1ba926ba01dd5ec04458be426f884e1e82dd5f |
| SHA256 | 89046fcea65c727bd1c1f55334172f84ffa2d4ee3790007f49320a58aff14e81 |
| SHA512 | 240d675329995d60e5bdf732fbd399f02ffb03dfffa331cbfdcee98a941a0d32d509bd6c7e08405e25385f686f72713addd573c060fd67087db3657463926933 |
C:\Users\Admin\Desktop\dbgtrace_de.txt
| MD5 | 3a4185d8f62ea5e9ac3677fbc3bd35dc |
| SHA1 | f395de526b78d1c0c450e07ab405ca2cb623f540 |
| SHA256 | 71e9427438bee5dd6756b9ca58c460809f16023d43aed0b15a52414e341abe3a |
| SHA512 | c94810cd8ef39862687f662466a892d2364dc9cb810fcb12616b262143a34c1109a449f86b7a7105c6364e42e90364d3922333567f6d3f699f62bb3c9a7f775e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\datareporting\glean\db\data.safe.bin
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\prefs-1.js
| MD5 | a8c4358333addbc24e81860205be91b2 |
| SHA1 | d9445e9cf2ff08ffccf01ba4c61439cc2e39f261 |
| SHA256 | 8c231cc2ed482a9e8db7a468b21c01a6128717296f7af5cc0937088e26a91878 |
| SHA512 | f91c3b01b3abb24462f3cc7bff7d9252b5fd980fef5df2b83bdc395b8756fa89083a64ec77021bd39d40ec9e943e8b0e4efcede302e104f95640319d17891232 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\broadcast-listeners.json
| MD5 | cc1ec5d2590dc8550aa1d92c15cc1ec7 |
| SHA1 | d41015a078c9090927a82f66b18406d3c38b92df |
| SHA256 | eae2492a9950f23a6d031270e64058ffa5f014226de3907d56056abb38661652 |
| SHA512 | b0eff014ee01e7f71311ad0dc039167cd5cc21ae013a7c59105cf07851c132bf076ac381bf9d349c3359e1197a185639a40c04ec0a58b0ea205521098ba4f664 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\extensions.json
| MD5 | 7c32f054095cc53b7ad40007676ba0f7 |
| SHA1 | 3ac98be9687347539f2521b8b7fa241aa2e3545a |
| SHA256 | 6ce657951eede138079df2ba405d608d38b66038b7748c27549d6380024e5e78 |
| SHA512 | d8df0bb9d4f9f83c141d9e90d2a11cdcbf53fb654676331a004c67fc7a689a5b8c00963b6485732be90f7dfe92a50befbb9e77dce681def7891082265b8f00ea |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\xulstore.json
| MD5 | 1995825c748914809df775643764920f |
| SHA1 | 55c55d77bb712d2d831996344f0a1b3e0b7ff98a |
| SHA256 | 87835b1bd7d0934f997ef51c977349809551d47e32c3c9224899359ae0fce776 |
| SHA512 | c311970610d836550a07feb47bd0774fd728130d0660cbada2d2d68f2fcfbe84e85404d7f5b8ab0f71a6c947561dcffa95df2782a712f4dcb7230ea8ba01c34c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\targeting.snapshot.json
| MD5 | 9101621c4f557592860ba011da6a0cd7 |
| SHA1 | c0a4771deee4053023c587af54ff0423e0120a66 |
| SHA256 | f3fc4841ed3d72edbc11006851b44a982e05e21216de1dc2d10a0e11fbddfdef |
| SHA512 | 141484fb0e393164d84ed62cc84d24719149baf66beebe79d5c8f7925f7a7b64f992e48dbb6ae86b3da1b474c7d4e52eb68f6108d85057dfd093f579a8fe1b5d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\recipe_attachment.json
| MD5 | be3d0f91b7957bbbf8a20859fd32d417 |
| SHA1 | fbc0380fe1928d6d0c8ab8b0a793a2bba0722d10 |
| SHA256 | fc07d42847eeaf69dcbf1b9a16eb48b141c11feb67aa40724be2aee83cb621b7 |
| SHA512 | 8da24afcf587fbd4f945201702168e7cfc12434440200d00f09ddcd1d1d358a5e01065ac2a411fdf96a530e94db3697e3530578b392873cf874476b5e65d774a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_sports.json
| MD5 | ce4e75385300f9c03fdd52420e0f822f |
| SHA1 | 85c34648c253e4c88161d09dd1e25439b763628c |
| SHA256 | 44da98b03350e91e852fe59f0fc05d752fc867a5049ab0363da8bb7b7078ad14 |
| SHA512 | d119dc4706bbf3b6369fe72553cfacf1c9b2688e0188a7524b56d3e2ac85582a18bbee66d5594e0fb40767432646c23bf3e282090bd9b4c29f989a374aeae61f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_computers_and_electronics.json
| MD5 | 6ccd943214682ac8c4ec08b7ec6dbcbd |
| SHA1 | 18417647f7c76581d79b537a70bf64f614f60fa2 |
| SHA256 | ab20b97406b0d9bf4f695e5ec7db4ebad5efb682311e74ca757d45b87ffc106b |
| SHA512 | e57573d6f494df8aa7e8e6a20427a18f6868e19dc853b441b8506998158b23c7a4393b682c83b3513aae5075a21148dd8ca854a11dabcea6a0a0db8f2e6828b8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_science.json
| MD5 | 7a8fd079bb1aeb4710a285ec909c62b9 |
| SHA1 | 8429335e5866c7c21d752a11f57f76399e5634b6 |
| SHA256 | 9606ce3988b2d2a4921b58ac454f54e53a9ea8f358326522a8b1dcc751b50b32 |
| SHA512 | 8fc1546e509b5386c9e1088e0e3a1b81f288ef67f1989f3e83888057e23769907a2b184d624a4e4c44fcd5b88d719bd4cca94dfb33798804a721b8be022ec0c6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_jobs_and_education.json
| MD5 | 2d69892acde24ad6383082243efa3d37 |
| SHA1 | d8edc1c15739e34232012bb255872991edb72bc7 |
| SHA256 | 29080288b2130a67414ecb296a53ddd9f0a4771035e3c1b2112e0ce656a7481a |
| SHA512 | da391152e1fbce1f03607b486c5dea9a298a438e58e440ebb7b871bd5c62d7339b540eed115b4001b9840de1ba3898c6504872ff9094ba4d6a47455051c3f1c5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_real_estate.json
| MD5 | 9899942e9cd28bcb9bf5074800eae2d0 |
| SHA1 | 15e5071e5ed58001011652befc224aed06ee068f |
| SHA256 | efcf6b2d09e89b8c449ffbcdb5354beaa7178673862ebcdd6593561f2aa7d99a |
| SHA512 | 9f7a5fbe6d46c694e8bc9b50e7843e9747ea3229cf4b00b8e95f1a5467bd095d166cbd523b3d9315c62e9603d990b8e56a018ba4a11d30ad607f5281cc42b4cd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_shopping.json
| MD5 | 97d4a0fd003e123df601b5fd205e97f8 |
| SHA1 | a802a515d04442b6bde60614e3d515d2983d4c00 |
| SHA256 | bfd7e68ddca6696c798412402965a0384df0c8c209931bbadabf88ccb45e3bb6 |
| SHA512 | 111e8a96bc8e07be2d1480a820fc30797d861a48d80622425af00b009512aacb30a2df9052c53bfbf4ee0800b6e6f5b56daa93d33f30fecb52e2f3850dfa9130 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_people_and_society.json
| MD5 | b1bd26cf5575ebb7ca511a05ea13fbd2 |
| SHA1 | e83d7f64b2884ea73357b4a15d25902517e51da8 |
| SHA256 | 4990a5d17bea15617624c48a0c7c23d16e95f15e2ec9dd1d82ee949567bbaec0 |
| SHA512 | edcede39c17b494474859bc1a9bbf18c9f6abd3f46f832086db3bb1337b01d862452d639f89f9470ca302a6fcb84a1686853ebb4b08003cb248615f0834a1e02 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_autos_and_vehicles.json
| MD5 | 39b73a66581c5a481a64f4dedf5b4f5c |
| SHA1 | 90e4a0883bb3f050dba2fee218450390d46f35e2 |
| SHA256 | 022f9495f8867fea275ece900cfa7664c68c25073db4748343452dbc0b9eda17 |
| SHA512 | cfb697958e020282455ab7fabc6c325447db84ead0100d28b417b6a0e2455c9793fa624c23cb9b92dfea25124f59dcd1d5c1f43bf1703a0ad469106b755a7cdd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_pets_and_animals.json
| MD5 | 5b26aca80818dd92509f6a9013c4c662 |
| SHA1 | 31e322209ba7cc1abd55bbb72a3c15bc2e4a895f |
| SHA256 | dd537bfb1497eb9457c0c8ecbd2846f325e13ddef3988fd293a29e68ab0b2671 |
| SHA512 | 29038f9f3b9b12259fb42daa93cdefabb9fb32a10f0d20f384a72fe97214eff1864b7fa2674c37224b71309d7d9cea4e36abd24a45a0e65f0c61dc5ca161ec7c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_internet_and_telecom.json
| MD5 | 36689de6804ca5af92224681ee9ea137 |
| SHA1 | 729d590068e9c891939fc17921930630cd4938dd |
| SHA256 | e646d43505c9c4e53dbaa474ef85d650a3f309ccf153d106f328d9b6aeb66d52 |
| SHA512 | 1c4f4aa02a65a9bbdf83dc5321c24cbe49f57108881616b993e274f5705f0466be2dd3389055a725b79f3317c98bdf9f8d47f86d62ebd151e4c57cc4dca2487c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_online_communities.json
| MD5 | 37a74ab20e8447abd6ca918b6b39bb04 |
| SHA1 | b50986e6bb542f5eca8b805328be51eaa77e6c39 |
| SHA256 | 11b6084552e2979b5bc0fd6ffdc61e445d49692c0ae8dffedc07792f8062d13f |
| SHA512 | 49c6b96655ba0b5d08425af6815f06237089ec06926f49de1f03bc11db9e579bd125f2b6f3eaf434a2ccf10b262c42af9c35ab27683e8e9f984d5b36ec8f59fd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_books_and_literature.json
| MD5 | df96946198f092c029fd6880e5e6c6ec |
| SHA1 | 9aee90b66b8f9656063f9476ff7b87d2d267dcda |
| SHA256 | df23a5b6f583ec3b4dce2aca8ff53cbdfadfd58c4b7aeb2e397eade5ff75c996 |
| SHA512 | 43a9fc190f4faadef37e01fa8ad320940553b287ed44a95321997a48312142f110b29c79eed7930477bfb29777a5a9913b42bf22ce6bb3e679dda5af54a125ea |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_games.json
| MD5 | 4182a69a05463f9c388527a7db4201de |
| SHA1 | 5a0044aed787086c0b79ff0f51368d78c36f76bc |
| SHA256 | 35e67835a5cf82144765dfb1095ebc84ac27d08812507ad0a2d562bf68e13e85 |
| SHA512 | 40023c9f89e0357fae26c33a023609de96b2a0b439318ef944d3d5b335b0877509f90505d119154eaa81e1097ecfb5aa44dd8bb595497cdecfc3ee711a1fe1d5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_beauty_and_fitness.json
| MD5 | 0ed0473b23b5a9e7d1116e8d4d5ca567 |
| SHA1 | 4eb5e948ac28453c4b90607e223f9e7d901301c4 |
| SHA256 | eed46e8fe6ff20f89884b4fc68a81e8d521231440301a01bb89beec8ebad296b |
| SHA512 | 464508d7992edfa0dfb61b04cfc5909b7daacf094fc81745de4d03214b207224133e48750a710979445ee1a65bb791bf240a2b935aacaf3987e5c67ff2d8ba9c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_finance.json
| MD5 | e95c2d2fc654b87e77b0a8a37aaa7fcf |
| SHA1 | b4b00c9554839cab6a50a7ed8cd43d21fdaf35dc |
| SHA256 | 384bf5fcc6928200c7ebb1f03f99bf74f6063e78d3cd044374448f879799318e |
| SHA512 | 9696998a8d0e3a85982016ff0a22bb8ae1790410f1f6198bb379c0a192579f24c75c25c7648b76b00d25a32ac204178acaccd744ee78846dfc62ebf70bf7b93a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_arts_and_entertainment.json
| MD5 | 6c651609d367b10d1b25ef4c5f2b3318 |
| SHA1 | 0abcc756ea415abda969cd1e854e7e8ebeb6f2d4 |
| SHA256 | 960065cc44a09bef89206d28048d3c23719d2f5e9b38cfc718ca864c9e0e91e9 |
| SHA512 | 3e084452eefe14e58faa9ef0d9fda2d21af2c2ab1071ae23cde60527df8df43f701668ca0aa9d86f56630b0ab0ca8367803c968347880d674ad8217fba5d8915 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_law_and_government.json
| MD5 | 80c49b0f2d195f702e5707ba632ae188 |
| SHA1 | e65161da245318d1f6fdc001e8b97b4fd0bc50e7 |
| SHA256 | 257ee9a218a1b7f9c1a6c890f38920eb7e731808e3d9b9fc956f8346c29a3e63 |
| SHA512 | 972e95de7fe330c61cd22111bd3785999d60e7c02140809122d696a1f1f76f2cd0d63d6d92f657cdec24366d66b681e24f2735a8aabb8bcecec43c74e23fb4f5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_health.json
| MD5 | 11711337d2acc6c6a10e2fb79ac90187 |
| SHA1 | 5583047c473c8045324519a4a432d06643de055d |
| SHA256 | 150f21c4f60856ab5e22891939d68d062542537b42a7ce1f8a8cec9300e7c565 |
| SHA512 | c2301ed72f623b22f05333c5ecc5ebf55d8a2d9593167cc453a66d8f42c05ff7c11e2709b6298912038a8ea6175f050bbc6d1fc4381f385f7ad7a952ad1e856b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_business_and_industrial.json
| MD5 | a92a0fffc831e6c20431b070a7d16d5a |
| SHA1 | da5bbe65f10e5385cbe09db3630ae636413b4e39 |
| SHA256 | 8410809ebac544389cf27a10e2cbd687b7a68753aa50a42f235ac3fc7b60ce2c |
| SHA512 | 31a8602e1972900268651cd074950d16ad989b1f15ff3ebbd8e21e0311a619eef4d7d15cdb029ea8b22cf3b8759fa95b3067b4faaadcb90456944dbc3c9806a9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_food_and_drink.json
| MD5 | 70ba02dedd216430894d29940fc627c2 |
| SHA1 | f0c9aa816c6b0e171525a984fd844d3a8cabd505 |
| SHA256 | 905357002f2eced8bba1be2285a9b83198f60d2f9bb1144b5c119994f2ec6e34 |
| SHA512 | 3ae60d0bf3c45d28e340d97106790787be2cc80ba579d313b5414084664b86e89879391c99e94b6e33bdc5508ea42a9fd34f48ca9b1e7adfa7b6dd22c783c263 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_reference.json
| MD5 | 567eaa19be0963b28b000826e8dd6c77 |
| SHA1 | 7e4524c36113bbbafee34e38367b919964649583 |
| SHA256 | 3619daa64036d1f0197cdadf7660e390d4b6e8c1b328ed3b59f828a205a6ea49 |
| SHA512 | 6766919b06ca209eaed86f99bee20c6dad9cc36520fc84e1c251a668bcfe0afcf720ea6c658268dc3bbaaf602bfdf61eb237c68e08d5252ea6e5d1d2a373b9fe |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_home_and_garden.json
| MD5 | 250acc54f92176775d6bdd8412432d9f |
| SHA1 | a6ad9ad7519e5c299d4b4ba458742b1b4d64cb65 |
| SHA256 | 19edd15ebce419b83469d2ab783c0c1377d72a186d1ff08857a82bca842eea54 |
| SHA512 | a52c81062f02c15701f13595f4476f0a07735034fcf177b1a65b001394a816020ee791fed5afae81d51de27630b34a85efa717fe80da733556fdda8739030f49 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_blogging_resources_and_services.json
| MD5 | c82700fcfcd9b5117176362d25f3e6f6 |
| SHA1 | a7ad40b40c7e8e5e11878f4702952a4014c5d22a |
| SHA256 | c9f2a779dba0bc886cc1255816bd776bdc2e8a6a8e0f9380495a92bb66862780 |
| SHA512 | d38e65ab55cee8fef538ad96448cd0c6b001563714fc7b37c69a424d0661ec6b7d04892cf4b76b13ddbc7d300c115e87e0134d47c3f38ef51617e5367647b217 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_hobbies_and_leisure.json
| MD5 | bb45971231bd3501aba1cd07715e4c95 |
| SHA1 | ea5bfd43d60a3d30cda1a31a3a5eb8ea0afa142a |
| SHA256 | 47db7797297a2a81d28c551117e27144b58627dbac1b1d52672b630d220f025d |
| SHA512 | 74767b1badbd32cacd3f996b8172df9c43656b11fea99f5a51fff38c6c6e2120fae8bdd0dd885234a3f173334054f580164fdf8860c27cbcf5fb29c5bcdc060d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\personality-provider\nb_model_build_attachment_travel.json
| MD5 | 48139e5ba1c595568f59fe880d6e4e83 |
| SHA1 | 5e9ea36b9bb109b1ecfc41356cd5c8c9398d4a78 |
| SHA256 | 4336ac211a822b0a5c3ce5de0d4730665acc351ee1965ea8da1c72477e216dfa |
| SHA512 | 57e826f0e1d9b12d11b05d47e2f5ae4f5787537862f26e039918cb14faff4bc854298c0b7de3023e371756a331c0f3ee1aa7cebbbf94ec70cdfc29e00a900ed1 |
C:\Users\Admin\Desktop\dbgtrace_de.txt
| MD5 | 3a4185d8f62ea5e9ac3677fbc3bd35dc |
| SHA1 | f395de526b78d1c0c450e07ab405ca2cb623f540 |
| SHA256 | 71e9427438bee5dd6756b9ca58c460809f16023d43aed0b15a52414e341abe3a |
| SHA512 | c94810cd8ef39862687f662466a892d2364dc9cb810fcb12616b262143a34c1109a449f86b7a7105c6364e42e90364d3922333567f6d3f699f62bb3c9a7f775e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | fbadc22271fa0b6896af8e46ae2e0b26 |
| SHA1 | 4d97df127b76e73a80ca56d2f93e2401cda55931 |
| SHA256 | 8628c2cfc0dc77505b9f6db87c00992b8e792f33b5c874bd0f7124810d64806b |
| SHA512 | 3a9ae86c57be0e23c76da7205296c4bf2536153c26b05b7511f8997b9439bb6c76ae0528da108da3b70e67724d90417d15c79fc08a31e7d65d305ecb7d7374d8 |
C:\Users\Admin\Downloads\dbgtrace.m27D74Nm.txt.part
| MD5 | 907245ef25e7df91c44d6cfd32dd77ee |
| SHA1 | f73fe892e2a20e5882e5b6d24088c118bb43b9c0 |
| SHA256 | 44cbb327bcb1366197a8f01605eb8cf643955fc77bc16efcca686c7bacd216a8 |
| SHA512 | 5da0f2c69feb307aa773a1f0ed940090cb13b384e7b7a0fff46859df65a290a07d387fb9380fac7e46c05658f3911d6f4c8bacd5f59e975d826dd58e3eda4f83 |
C:\Users\Admin\Downloads\dbgtrace.txt
| MD5 | 907245ef25e7df91c44d6cfd32dd77ee |
| SHA1 | f73fe892e2a20e5882e5b6d24088c118bb43b9c0 |
| SHA256 | 44cbb327bcb1366197a8f01605eb8cf643955fc77bc16efcca686c7bacd216a8 |
| SHA512 | 5da0f2c69feb307aa773a1f0ed940090cb13b384e7b7a0fff46859df65a290a07d387fb9380fac7e46c05658f3911d6f4c8bacd5f59e975d826dd58e3eda4f83 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | bcfd900f763920be9712d5b29af38587 |
| SHA1 | 78cc9373a28216be6e2bc4269c0dc692cc91f691 |
| SHA256 | 62d2b5bbd7a2b5f9cbd67aadeba9dc25c95fb9e5972afd84b96c0af9dab193f9 |
| SHA512 | 68ad7db17e69abe5704dc4acd9ebb22cc98b6f743aa25f4da6404f4674de3245663e779a67329a95fd5cddb3a2d70d18358530883bcf99caadce9710d621fb09 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\cache2\entries\0D0BB73C78ADDE449FA633D84DF95E410284A76D
| MD5 | d760e8278ce5ac36c914fa444d2dc634 |
| SHA1 | f1a949f9448844af2ea812f46d5c82ba45bb05a7 |
| SHA256 | ed88ca14fd9a45ddeaf5ccfeb2524c1528433e5567f31f871b39cb7d71cb4b29 |
| SHA512 | 0da146bc3d8f809a36dbf73f96309593955a35510d590ecf758d88d55c4e957fb78625a787be9cff15579f4b23531884b2617b31ebce163e967fb7718e181ec4 |
C:\Users\Admin\Desktop\dbgtrace.txt
| MD5 | ff7a4231184073884fc734ec2e721618 |
| SHA1 | ce1ba926ba01dd5ec04458be426f884e1e82dd5f |
| SHA256 | 89046fcea65c727bd1c1f55334172f84ffa2d4ee3790007f49320a58aff14e81 |
| SHA512 | 240d675329995d60e5bdf732fbd399f02ffb03dfffa331cbfdcee98a941a0d32d509bd6c7e08405e25385f686f72713addd573c060fd67087db3657463926933 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\cache2\doomed\8118
| MD5 | 4806233a96d9038edac3d6e26ce5ef9a |
| SHA1 | dd35cc477a99576aca958014a46a486f06d7d7e1 |
| SHA256 | 18b3db3037a919d6dcebdcf9159f05181e38386400a5f42a5955994ef6600f2a |
| SHA512 | 7bd7d7cccca8ccfab4547e13d067ace020fc0c622ca781239e448f8d18a699df93a0d9b7dc0ac757e669b59bbe59e5ff8063415b19fe53b70729a15d170f00b8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | fe16f6d724cc926a725471eba959f5c3 |
| SHA1 | 56570b90c187e0bb1956e320f5b4a9761719647f |
| SHA256 | 106b05d5d79fa2c544c03aae2ef0fc5fa644af4746801bc9d2ef83e837944f39 |
| SHA512 | 83f29fc2b4fa77c063981aa73779c4d35fdecfc3fad143aad6a074297413048a7af9065105f9872ccae4ca3d4c6f3b3682af6e07df871c1dca0f97c5de378f0f |
C:\Users\Admin\Desktop\dbgtrace.txt
| MD5 | 907245ef25e7df91c44d6cfd32dd77ee |
| SHA1 | f73fe892e2a20e5882e5b6d24088c118bb43b9c0 |
| SHA256 | 44cbb327bcb1366197a8f01605eb8cf643955fc77bc16efcca686c7bacd216a8 |
| SHA512 | 5da0f2c69feb307aa773a1f0ed940090cb13b384e7b7a0fff46859df65a290a07d387fb9380fac7e46c05658f3911d6f4c8bacd5f59e975d826dd58e3eda4f83 |
C:\Users\Admin\Desktop\dbgtrace_de.txt
| MD5 | c57825cdfd2d991f9c3578f2d32bbcf2 |
| SHA1 | f33ce569c9b61d796be3e5ed88fbb780e32ddfb2 |
| SHA256 | 6bf189d43a6bd496981e0a464b3155dabe5c2d921f63d0e37999c281f7cabb20 |
| SHA512 | 5328a889c352af5010d0c84379bed8e552a03fe7e3bcf482cd63a0a1d30f6f82378b85954759c77efd43617cb347c67d46cda643f4157ab8f23a05b976a34a4e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 4b734ab43f33e63e0f8c8ccbef304359 |
| SHA1 | 2f93e4386b94c440118b0d4fbb90d1b0394f07ac |
| SHA256 | 6d33717ce84b9e788733f51cfe7cff76059007485bd9fb3d00ec4219aed22179 |
| SHA512 | c22bb40091cbf567b30a0a31bcbc95cf09cbad4392d47ae25aa25719ded6cdf36f531e490c5e2f56700d34b1dc665f0ab0a105cd20e1445d9dc1e243cbb55bb6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\SiteSecurityServiceState.txt
| MD5 | 61308df62e74458343f8c332769440d2 |
| SHA1 | feda674e5bf835e01d208c41ca390f81cdebe808 |
| SHA256 | c4fc2dc75d9e92628e074ac7895924c723fac570535ab60e8c3e6c083ed94528 |
| SHA512 | 1e30be689592acd9a7960591fa3b847349e6af6e05c127c8c9e81fa2d339a82e2b6f07a05876ac70a8b774a17c24bbb929fbc71c394195edcb24a87e73343a10 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\cache2\doomed\26674
| MD5 | 65e357ce5b9468ed040bc0431ef9bdfb |
| SHA1 | 7520eb3874448da8b2aad4db8be5413fd1e57b67 |
| SHA256 | 733d3fa26ba316032e738ba686cba02c115e9d9ce3a2379609d2cd31607fecb0 |
| SHA512 | dc810592168a892e90a7076dbc3270a90d20382ae483be4ea8d18f770fa24b9322d1a6cbcdac818d2c8fa6db264241565b00afa2d007aa779be1152d02cc18c8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\AlternateServices.txt
| MD5 | 6936017731c147750cf37632c19ce20c |
| SHA1 | b89edf6d3e3210d0a5a9683f5c952ddc10e7934b |
| SHA256 | ce02eb214e7d7be9aa46799baf31cc6f052e91486f60e18f46bee4d5e2e9bdd1 |
| SHA512 | 2e7db3cc0537f5f414ab085fc53a9796abda8d7dd4418d8de8cc31b66078abec3953482a07ab319ebc3e5712b518ba4c92f69437c99ba17fdd559a15f32d4bd0 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | a290941711c7b5308da421e9ed9f9c81 |
| SHA1 | 702781ee4b359f56bde1b4c3e538fea0e0e280cb |
| SHA256 | b8c08fd3a2801dfc7a2ca1b3089919341447145d5b16dedde6a09cef4704e3f2 |
| SHA512 | 87157f9d24addd7117c9263c71710b6d7ff55aaac615cb0e90e5b35ef7b25adc72e619b374a6e8ca3ce10f7a8a172191f9dfabf5466f8b952037440337e5f4c9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\AlternateServices-1.txt
| MD5 | 1793b741e02b4015f5980a7ee11d0bb7 |
| SHA1 | 03db4844c6024480ee4f4cd0bcad511a87800664 |
| SHA256 | 2ed70d53b297baeab7765610bff5ab47833a2be6f09010f401b80cc8100be9af |
| SHA512 | 195ec3d062084304abe0ddf4c52411bbbc432bcf1c05128b41f846d704e0035fa78fbb5369f0e163ba94c6092db2eab56952953fbaba99b0337b1186110526d6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\t9nv4f6k.default-release\bookmarkbackups\bookmarks-2023-10-15_11_+EFFcgpUIqbOq77CaBEnzg==.jsonlz4
| MD5 | 0a8d64776c2cfaa066c6133808f38605 |
| SHA1 | 41f83eab92197d6f0993d7e893bc82be26518f45 |
| SHA256 | 5207405b5c51e0242e85f32402591aa1037fc7e386317967fb54ed5db4ff1f22 |
| SHA512 | 6e1f0dc08dcb98eef3c355fea49e891fc18dd18401e2965ad268bb038777eba0fd0594f07a98c4004320d8b4b652503f80b33d3ddc1779aefd47c22b2906837c |