hxxps://adfoc[.]us/serve/sitelinks/?id=271228&url=hxxps://maven[.]minecraftforge[.]net/net/minecraftforge/forge/1[.]20[.]1-47[.]2[.]0/forge-1[.]20[.]1-47[.]2[.]0-installer[.]jar

Resubmissions

05/11/2023, 21:47

231105-1m9h1sdb6v 6

05/11/2023, 21:43

231105-1lb65adb3x 6

05/11/2023, 21:37

231105-1gy54aeg83 1

Analysis

max time kernel
1797s
max time network
1536s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
05/11/2023, 21:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://adfoc.us/serve/sitelinks/?id=271228&url=https://maven.minecraftforge.net/net/minecraftforge/forge/1.20.1-47.2.0/forge-1.20.1-47.2.0-installer.jar

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

Checks processor information in registry 2 TTPs 7 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	svchost.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2231940048-779848787-2990559741-1000\{F9AB5F54-E9BD-462E-8532-ED2F2EC79ED9}	svchost.exe
Key created	\REGISTRY\USER\S-1-5-21-2231940048-779848787-2990559741-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 8 IoCs

description	pid	Process
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe

Suspicious use of FindShellTrayWindow 4 IoCs

pid	Process
4512	firefox.exe
4512	firefox.exe
4512	firefox.exe
4512	firefox.exe

Suspicious use of SendNotifyMessage 3 IoCs

pid	Process
4512	firefox.exe
4512	firefox.exe
4512	firefox.exe

Suspicious use of SetWindowsHookEx 5 IoCs

pid	Process
1120	OpenWith.exe
4512	firefox.exe
4512	firefox.exe
4512	firefox.exe
4512	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4512 wrote to memory of 964	4512	firefox.exe	102
PID 4512 wrote to memory of 964	4512	firefox.exe	102
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4216	4512	firefox.exe	104
PID 4512 wrote to memory of 4216	4512	firefox.exe	104
PID 4512 wrote to memory of 4216	4512	firefox.exe	104

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar https://adfoc.us/serve/sitelinks/?id=271228&url=https://maven.minecraftforge.net/net/minecraftforge/forge/1.20.1-47.2.0/forge-1.20.1-47.2.0-installer.jar
1⤵
PID:4272

C:\Windows\System32\GameBarPresenceWriter.exe
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
1⤵
PID:4008

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Suspicious use of SetWindowsHookEx
PID:1120

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
- Checks processor information in registry
- Modifies registry class
PID:2924

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4528
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:4512
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.0.924294888\1012719598" -parentBuildID 20221007134813 -prefsHandle 1896 -prefMapHandle 1888 -prefsLen 20938 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f9efb5c7-d36b-49c7-9da7-be575390d7ab} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 1976 1916c4daf58 gpu
    3⤵
    PID:964
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.1.913969159\2102000069" -parentBuildID 20221007134813 -prefsHandle 2364 -prefMapHandle 2360 -prefsLen 20974 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9dd204f4-c337-4f67-a73b-8e399ee685f8} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 2376 1915f970458 socket
    3⤵
    PID:4268
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.2.688427128\1842319297" -childID 1 -isForBrowser -prefsHandle 3256 -prefMapHandle 3252 -prefsLen 21077 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f14b87bd-c60b-4cb3-9dc5-e7c369c3d13c} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 3056 191704bc858 tab
    3⤵
    PID:4216
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.3.1872152544\917884667" -childID 2 -isForBrowser -prefsHandle 3608 -prefMapHandle 3604 -prefsLen 26437 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d91611a-ef45-4194-b08f-70119258aff0} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 3620 191707dbb58 tab
    3⤵
    PID:412
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.4.1512172254\874644161" -childID 3 -isForBrowser -prefsHandle 3980 -prefMapHandle 4528 -prefsLen 26496 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc4bba70-a735-44d0-8ed3-58f35d3df0a4} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 4548 19171db0d58 tab
    3⤵
    PID:2776
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.5.708774172\1436829968" -childID 4 -isForBrowser -prefsHandle 5096 -prefMapHandle 4812 -prefsLen 26577 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {82a8ae81-0b4a-4b54-90b9-65aae96f2b07} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 4528 1917075e858 tab
    3⤵
    PID:3904
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.7.1284168408\1684331213" -childID 6 -isForBrowser -prefsHandle 5424 -prefMapHandle 5428 -prefsLen 26577 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {158fbbe3-2f74-4648-a1bc-0ddc278c7c29} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 5416 191727fe558 tab
    3⤵
    PID:2896
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.6.1002324052\718414356" -childID 5 -isForBrowser -prefsHandle 5232 -prefMapHandle 5236 -prefsLen 26577 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3fbad538-9b76-490c-b45b-2c0863089d85} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 5224 191727fe258 tab
    3⤵
    PID:2536
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.8.33864809\787158929" -childID 7 -isForBrowser -prefsHandle 4144 -prefMapHandle 3108 -prefsLen 27232 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ee3681f6-ac1e-4cfd-9156-db7fdd6de8c4} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 3584 1916eb4a658 tab
    3⤵
    PID:5616
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.9.235115941\993613165" -childID 8 -isForBrowser -prefsHandle 5468 -prefMapHandle 3560 -prefsLen 27232 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {266ec830-383a-4275-bb07-9442cde09522} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 5456 1916ebbbb58 tab
    3⤵
    PID:5720
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.10.1067629413\324767158" -childID 9 -isForBrowser -prefsHandle 4544 -prefMapHandle 5624 -prefsLen 27232 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d9c097ab-482e-4ff9-bc7a-0d70ffac4687} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 5252 19173018a58 tab
    3⤵
    PID:4988
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.11.771518578\1445988065" -childID 10 -isForBrowser -prefsHandle 6468 -prefMapHandle 6464 -prefsLen 30287 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0a2591ba-4d56-4d7b-bc65-d06803b03e5e} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 6160 191742b4e58 tab
    3⤵
    PID:5264
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.14.147792050\1140758413" -childID 13 -isForBrowser -prefsHandle 7008 -prefMapHandle 7004 -prefsLen 30287 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {00fae9a8-9949-4809-bce7-a445f997eea0} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 7044 19175d71258 tab
    3⤵
    PID:4472
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.13.597676476\1119689998" -childID 12 -isForBrowser -prefsHandle 6832 -prefMapHandle 6836 -prefsLen 30287 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {055f8126-b8db-4e8a-b0e8-d0941dda4075} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 6612 1917af6a558 tab
    3⤵
    PID:3732
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.12.1911021561\1120264688" -childID 11 -isForBrowser -prefsHandle 3152 -prefMapHandle 6312 -prefsLen 30287 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2096522b-0091-4e3f-93e1-eb2dc34dc89d} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 6744 19172051558 tab
    3⤵
    PID:1932
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.15.2043869970\909712450" -childID 14 -isForBrowser -prefsHandle 7524 -prefMapHandle 7536 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {310fdcb3-d1ee-46d0-aa21-aad1c048b763} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 7548 19179779858 tab
    3⤵
    PID:6100
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.16.1931917460\627493466" -childID 15 -isForBrowser -prefsHandle 5816 -prefMapHandle 5828 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {35876f88-2fff-41a2-a9bd-d60a91f4e218} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 4944 1915f96b558 tab
    3⤵
    PID:5288
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.18.165102345\980701079" -childID 17 -isForBrowser -prefsHandle 10848 -prefMapHandle 10844 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {857f1415-1ba6-424e-b23c-f00a8942fc9c} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 10856 1917a41d458 tab
    3⤵
    PID:624
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.19.564005134\1198867350" -childID 18 -isForBrowser -prefsHandle 10656 -prefMapHandle 10652 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d03450ae-9a46-4302-8ee6-864227564952} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 10664 1917a41d758 tab
    3⤵
    PID:3280
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.17.744806913\1347835486" -childID 16 -isForBrowser -prefsHandle 5880 -prefMapHandle 4528 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e48a10fc-c385-4492-a946-92fcd7b301fb} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 10988 1917a41cb58 tab
    3⤵
    PID:3012
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.20.2052515126\1929526248" -childID 19 -isForBrowser -prefsHandle 4676 -prefMapHandle 4628 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c2258202-a01f-405b-a17f-18c028e0383d} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 6316 1917204ee58 tab
    3⤵
    PID:5424
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.21.1035365707\445453316" -childID 20 -isForBrowser -prefsHandle 10964 -prefMapHandle 10976 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9263b9e6-6509-407e-a348-d93f1ea07697} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 10880 1916ebb8258 tab
    3⤵
    PID:1736
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.22.228601422\716639530" -childID 21 -isForBrowser -prefsHandle 10864 -prefMapHandle 7144 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {119a023f-8616-4590-a8a8-fd79085eeee1} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 10988 1917204eb58 tab
    3⤵
    PID:2632
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.23.841828335\2085766854" -childID 22 -isForBrowser -prefsHandle 10484 -prefMapHandle 10480 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {19948ff0-70d1-499f-95ee-ec38831f2feb} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 10504 1915f963258 tab
    3⤵
    PID:5028

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\activity-stream.discovery_stream.json.tmp

Filesize
22KB

MD5
ab1719ec5fedc2936ab7cc25cbeb067e

SHA1
29a689fba61e1cf5997183087fa712a911a72208

SHA256
649c7c5d5f404865b8360ccaf0f768e86892ad9e13fc387a2f06f2b3757f9cc3

SHA512
7778d41abd81d81591e81420759fb55231e4586ce73234695fdb02f60bb51817c401b1ff122f663f83f4e683ea2d5d8ee157e6aea5383c7bee8e3201e4ef5a32

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\cache2\doomed\22196

Filesize
8KB

MD5
4c0b9d32d7ab45e460fcfcd901c8ca80

SHA1
434530d31f150199a91c0217fe090a9be4383a53

SHA256
5478b742efbd29bd55235c4345f85ef3f5a8cf544ebc1fef458de5cd491014ff

SHA512
283fabda10ea49d5ffdc0e3075dafd5b9244d925d5aa597daeb22153769734a8a60ac4ce84ca9db369c4a080740b81edf785a0a23ff01bc5eb0b7051e24f3c17

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\cache2\doomed\9174

Filesize
9KB

MD5
469dd160afe151274483dce478c47801

SHA1
85d8b11c6db6c749800f3c5e4e1c3f41af59c0c4

SHA256
95ced7edf47b02574073f559b9091ba4ceb703f00da219003a5d2463db833ad4

SHA512
13281cdec1310143e7c4ddd7bd3d188e18a6770a3f45b882a931cf0a32447a8b53edf665d1bffcb4d8137a0d88451cf104ea93e509575bc0cecf9f8f6dd6b7ed

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\cache2\entries\51D52D298316CD3F9A90A40E946BB34EFA1BFB72

Filesize
13KB

MD5
96489cd4e9d4b66fd44c109eecea0942

SHA1
17d4f6c5b025562d722c151f6260048190d451e2

SHA256
6bf4025b02ad2ac434b79a7b4a601d233ac5f6d8a75723a7ac506f81ec14a62a

SHA512
f0c7dbe37e0f930581fa0ca6a01a276fbbe93f27557011f3150f4b562bca59d17bb209880920d365d93600120b464b3ae324ce716c757535492b72b9c2bf571c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_arts_and_entertainment.json

Filesize
67KB

MD5
6c651609d367b10d1b25ef4c5f2b3318

SHA1
0abcc756ea415abda969cd1e854e7e8ebeb6f2d4

SHA256
960065cc44a09bef89206d28048d3c23719d2f5e9b38cfc718ca864c9e0e91e9

SHA512
3e084452eefe14e58faa9ef0d9fda2d21af2c2ab1071ae23cde60527df8df43f701668ca0aa9d86f56630b0ab0ca8367803c968347880d674ad8217fba5d8915

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_autos_and_vehicles.json

Filesize
44KB

MD5
39b73a66581c5a481a64f4dedf5b4f5c

SHA1
90e4a0883bb3f050dba2fee218450390d46f35e2

SHA256
022f9495f8867fea275ece900cfa7664c68c25073db4748343452dbc0b9eda17

SHA512
cfb697958e020282455ab7fabc6c325447db84ead0100d28b417b6a0e2455c9793fa624c23cb9b92dfea25124f59dcd1d5c1f43bf1703a0ad469106b755a7cdd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_beauty_and_fitness.json

Filesize
33KB

MD5
0ed0473b23b5a9e7d1116e8d4d5ca567

SHA1
4eb5e948ac28453c4b90607e223f9e7d901301c4

SHA256
eed46e8fe6ff20f89884b4fc68a81e8d521231440301a01bb89beec8ebad296b

SHA512
464508d7992edfa0dfb61b04cfc5909b7daacf094fc81745de4d03214b207224133e48750a710979445ee1a65bb791bf240a2b935aacaf3987e5c67ff2d8ba9c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_blogging_resources_and_services.json

Filesize
33KB

MD5
c82700fcfcd9b5117176362d25f3e6f6

SHA1
a7ad40b40c7e8e5e11878f4702952a4014c5d22a

SHA256
c9f2a779dba0bc886cc1255816bd776bdc2e8a6a8e0f9380495a92bb66862780

SHA512
d38e65ab55cee8fef538ad96448cd0c6b001563714fc7b37c69a424d0661ec6b7d04892cf4b76b13ddbc7d300c115e87e0134d47c3f38ef51617e5367647b217

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_books_and_literature.json

Filesize
67KB

MD5
df96946198f092c029fd6880e5e6c6ec

SHA1
9aee90b66b8f9656063f9476ff7b87d2d267dcda

SHA256
df23a5b6f583ec3b4dce2aca8ff53cbdfadfd58c4b7aeb2e397eade5ff75c996

SHA512
43a9fc190f4faadef37e01fa8ad320940553b287ed44a95321997a48312142f110b29c79eed7930477bfb29777a5a9913b42bf22ce6bb3e679dda5af54a125ea

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_business_and_industrial.json

Filesize
45KB

MD5
a92a0fffc831e6c20431b070a7d16d5a

SHA1
da5bbe65f10e5385cbe09db3630ae636413b4e39

SHA256
8410809ebac544389cf27a10e2cbd687b7a68753aa50a42f235ac3fc7b60ce2c

SHA512
31a8602e1972900268651cd074950d16ad989b1f15ff3ebbd8e21e0311a619eef4d7d15cdb029ea8b22cf3b8759fa95b3067b4faaadcb90456944dbc3c9806a9

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_computers_and_electronics.json

Filesize
45KB

MD5
6ccd943214682ac8c4ec08b7ec6dbcbd

SHA1
18417647f7c76581d79b537a70bf64f614f60fa2

SHA256
ab20b97406b0d9bf4f695e5ec7db4ebad5efb682311e74ca757d45b87ffc106b

SHA512
e57573d6f494df8aa7e8e6a20427a18f6868e19dc853b441b8506998158b23c7a4393b682c83b3513aae5075a21148dd8ca854a11dabcea6a0a0db8f2e6828b8

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_finance.json

Filesize
33KB

MD5
e95c2d2fc654b87e77b0a8a37aaa7fcf

SHA1
b4b00c9554839cab6a50a7ed8cd43d21fdaf35dc

SHA256
384bf5fcc6928200c7ebb1f03f99bf74f6063e78d3cd044374448f879799318e

SHA512
9696998a8d0e3a85982016ff0a22bb8ae1790410f1f6198bb379c0a192579f24c75c25c7648b76b00d25a32ac204178acaccd744ee78846dfc62ebf70bf7b93a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_food_and_drink.json

Filesize
67KB

MD5
70ba02dedd216430894d29940fc627c2

SHA1
f0c9aa816c6b0e171525a984fd844d3a8cabd505

SHA256
905357002f2eced8bba1be2285a9b83198f60d2f9bb1144b5c119994f2ec6e34

SHA512
3ae60d0bf3c45d28e340d97106790787be2cc80ba579d313b5414084664b86e89879391c99e94b6e33bdc5508ea42a9fd34f48ca9b1e7adfa7b6dd22c783c263

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_games.json

Filesize
44KB

MD5
4182a69a05463f9c388527a7db4201de

SHA1
5a0044aed787086c0b79ff0f51368d78c36f76bc

SHA256
35e67835a5cf82144765dfb1095ebc84ac27d08812507ad0a2d562bf68e13e85

SHA512
40023c9f89e0357fae26c33a023609de96b2a0b439318ef944d3d5b335b0877509f90505d119154eaa81e1097ecfb5aa44dd8bb595497cdecfc3ee711a1fe1d5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_health.json

Filesize
33KB

MD5
11711337d2acc6c6a10e2fb79ac90187

SHA1
5583047c473c8045324519a4a432d06643de055d

SHA256
150f21c4f60856ab5e22891939d68d062542537b42a7ce1f8a8cec9300e7c565

SHA512
c2301ed72f623b22f05333c5ecc5ebf55d8a2d9593167cc453a66d8f42c05ff7c11e2709b6298912038a8ea6175f050bbc6d1fc4381f385f7ad7a952ad1e856b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_hobbies_and_leisure.json

Filesize
67KB

MD5
bb45971231bd3501aba1cd07715e4c95

SHA1
ea5bfd43d60a3d30cda1a31a3a5eb8ea0afa142a

SHA256
47db7797297a2a81d28c551117e27144b58627dbac1b1d52672b630d220f025d

SHA512
74767b1badbd32cacd3f996b8172df9c43656b11fea99f5a51fff38c6c6e2120fae8bdd0dd885234a3f173334054f580164fdf8860c27cbcf5fb29c5bcdc060d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_home_and_garden.json

Filesize
33KB

MD5
250acc54f92176775d6bdd8412432d9f

SHA1
a6ad9ad7519e5c299d4b4ba458742b1b4d64cb65

SHA256
19edd15ebce419b83469d2ab783c0c1377d72a186d1ff08857a82bca842eea54

SHA512
a52c81062f02c15701f13595f4476f0a07735034fcf177b1a65b001394a816020ee791fed5afae81d51de27630b34a85efa717fe80da733556fdda8739030f49

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_internet_and_telecom.json

Filesize
67KB

MD5
36689de6804ca5af92224681ee9ea137

SHA1
729d590068e9c891939fc17921930630cd4938dd

SHA256
e646d43505c9c4e53dbaa474ef85d650a3f309ccf153d106f328d9b6aeb66d52

SHA512
1c4f4aa02a65a9bbdf83dc5321c24cbe49f57108881616b993e274f5705f0466be2dd3389055a725b79f3317c98bdf9f8d47f86d62ebd151e4c57cc4dca2487c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_jobs_and_education.json

Filesize
33KB

MD5
2d69892acde24ad6383082243efa3d37

SHA1
d8edc1c15739e34232012bb255872991edb72bc7

SHA256
29080288b2130a67414ecb296a53ddd9f0a4771035e3c1b2112e0ce656a7481a

SHA512
da391152e1fbce1f03607b486c5dea9a298a438e58e440ebb7b871bd5c62d7339b540eed115b4001b9840de1ba3898c6504872ff9094ba4d6a47455051c3f1c5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_law_and_government.json

Filesize
68KB

MD5
80c49b0f2d195f702e5707ba632ae188

SHA1
e65161da245318d1f6fdc001e8b97b4fd0bc50e7

SHA256
257ee9a218a1b7f9c1a6c890f38920eb7e731808e3d9b9fc956f8346c29a3e63

SHA512
972e95de7fe330c61cd22111bd3785999d60e7c02140809122d696a1f1f76f2cd0d63d6d92f657cdec24366d66b681e24f2735a8aabb8bcecec43c74e23fb4f5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_online_communities.json

Filesize
67KB

MD5
37a74ab20e8447abd6ca918b6b39bb04

SHA1
b50986e6bb542f5eca8b805328be51eaa77e6c39

SHA256
11b6084552e2979b5bc0fd6ffdc61e445d49692c0ae8dffedc07792f8062d13f

SHA512
49c6b96655ba0b5d08425af6815f06237089ec06926f49de1f03bc11db9e579bd125f2b6f3eaf434a2ccf10b262c42af9c35ab27683e8e9f984d5b36ec8f59fd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_people_and_society.json

Filesize
45KB

MD5
b1bd26cf5575ebb7ca511a05ea13fbd2

SHA1
e83d7f64b2884ea73357b4a15d25902517e51da8

SHA256
4990a5d17bea15617624c48a0c7c23d16e95f15e2ec9dd1d82ee949567bbaec0

SHA512
edcede39c17b494474859bc1a9bbf18c9f6abd3f46f832086db3bb1337b01d862452d639f89f9470ca302a6fcb84a1686853ebb4b08003cb248615f0834a1e02

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_pets_and_animals.json

Filesize
44KB

MD5
5b26aca80818dd92509f6a9013c4c662

SHA1
31e322209ba7cc1abd55bbb72a3c15bc2e4a895f

SHA256
dd537bfb1497eb9457c0c8ecbd2846f325e13ddef3988fd293a29e68ab0b2671

SHA512
29038f9f3b9b12259fb42daa93cdefabb9fb32a10f0d20f384a72fe97214eff1864b7fa2674c37224b71309d7d9cea4e36abd24a45a0e65f0c61dc5ca161ec7c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_real_estate.json

Filesize
67KB

MD5
9899942e9cd28bcb9bf5074800eae2d0

SHA1
15e5071e5ed58001011652befc224aed06ee068f

SHA256
efcf6b2d09e89b8c449ffbcdb5354beaa7178673862ebcdd6593561f2aa7d99a

SHA512
9f7a5fbe6d46c694e8bc9b50e7843e9747ea3229cf4b00b8e95f1a5467bd095d166cbd523b3d9315c62e9603d990b8e56a018ba4a11d30ad607f5281cc42b4cd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_reference.json

Filesize
56KB

MD5
567eaa19be0963b28b000826e8dd6c77

SHA1
7e4524c36113bbbafee34e38367b919964649583

SHA256
3619daa64036d1f0197cdadf7660e390d4b6e8c1b328ed3b59f828a205a6ea49

SHA512
6766919b06ca209eaed86f99bee20c6dad9cc36520fc84e1c251a668bcfe0afcf720ea6c658268dc3bbaaf602bfdf61eb237c68e08d5252ea6e5d1d2a373b9fe

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_science.json

Filesize
56KB

MD5
7a8fd079bb1aeb4710a285ec909c62b9

SHA1
8429335e5866c7c21d752a11f57f76399e5634b6

SHA256
9606ce3988b2d2a4921b58ac454f54e53a9ea8f358326522a8b1dcc751b50b32

SHA512
8fc1546e509b5386c9e1088e0e3a1b81f288ef67f1989f3e83888057e23769907a2b184d624a4e4c44fcd5b88d719bd4cca94dfb33798804a721b8be022ec0c6

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_shopping.json

Filesize
67KB

MD5
97d4a0fd003e123df601b5fd205e97f8

SHA1
a802a515d04442b6bde60614e3d515d2983d4c00

SHA256
bfd7e68ddca6696c798412402965a0384df0c8c209931bbadabf88ccb45e3bb6

SHA512
111e8a96bc8e07be2d1480a820fc30797d861a48d80622425af00b009512aacb30a2df9052c53bfbf4ee0800b6e6f5b56daa93d33f30fecb52e2f3850dfa9130

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_sports.json

Filesize
56KB

MD5
ce4e75385300f9c03fdd52420e0f822f

SHA1
85c34648c253e4c88161d09dd1e25439b763628c

SHA256
44da98b03350e91e852fe59f0fc05d752fc867a5049ab0363da8bb7b7078ad14

SHA512
d119dc4706bbf3b6369fe72553cfacf1c9b2688e0188a7524b56d3e2ac85582a18bbee66d5594e0fb40767432646c23bf3e282090bd9b4c29f989a374aeae61f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_travel.json

Filesize
67KB

MD5
48139e5ba1c595568f59fe880d6e4e83

SHA1
5e9ea36b9bb109b1ecfc41356cd5c8c9398d4a78

SHA256
4336ac211a822b0a5c3ce5de0d4730665acc351ee1965ea8da1c72477e216dfa

SHA512
57e826f0e1d9b12d11b05d47e2f5ae4f5787537862f26e039918cb14faff4bc854298c0b7de3023e371756a331c0f3ee1aa7cebbbf94ec70cdfc29e00a900ed1

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\recipe_attachment.json

Filesize
1KB

MD5
be3d0f91b7957bbbf8a20859fd32d417

SHA1
fbc0380fe1928d6d0c8ab8b0a793a2bba0722d10

SHA256
fc07d42847eeaf69dcbf1b9a16eb48b141c11feb67aa40724be2aee83cb621b7

SHA512
8da24afcf587fbd4f945201702168e7cfc12434440200d00f09ddcd1d1d358a5e01065ac2a411fdf96a530e94db3697e3530578b392873cf874476b5e65d774a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\thumbnails\8c50218f57456e46c2e166e0bd8f2011.png

Filesize
1KB

MD5
fc02db049d091e42f9c9857bd390b101

SHA1
ea1574b2d0bd9b2c8645dbfe80915a52e82812c6

SHA256
40b1bb64fe8a4fee70a2591cae2574171fd43255f51f051c285c7a32cee7b172

SHA512
fdeb347870ff94f55faf91c32d1906c552eddf8091bf52df2b2fc3fe0ee4c8846382b1b5cd5b8a947175abece84565356efc68a27c00aa64421c98cd9c09d6f8

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
8.0MB

MD5
a01c5ecd6108350ae23d2cddf0e77c17

SHA1
c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

SHA256
345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

SHA512
b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
12KB

MD5
8f1909a1a8da377e368413493d780af4

SHA1
0df8b10fed30223294f97b57e7ec48c57c57584f

SHA256
b376cd2728c736f8eefdb28f46980a6a75ddc7bf74d1d1f1be687de8cd567c07

SHA512
0966c7bc800a05b1c3e8d3b044a7452750dc65ffbd65fc0d6ec32cb387a66448523ca0adf1f73e83b153935505487b890cae23a24f8d46dfb18c0d517aa70146

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
16KB

MD5
380c9db835b148471d37c062c3408a20

SHA1
42b21f47b2ca9e97f42b66ad4b81da4e3b362f41

SHA256
380706904ee6ab28fa9d0419eeb2cb792c38b63c9845006eb465d86ba346e0ee

SHA512
4f51e854fa5d6365fbac2f94afae6bd8ee2d820b566c16ed72c72e2f5ef361a12b1a09a628c4765810a5997a70bd4d4987df93fa71611f6bb058487dfb393747

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
10KB

MD5
b932a509be59d02c898c7f4debda7608

SHA1
670c1cc17bae33b52f654333950b3b1992a4baf6

SHA256
f2e5779a020e63bd2008e0d53a8c3adb11e61de132f6fc1fead21d95a0db5438

SHA512
6fb5d9855a1dc892c254d17c907bdb93b81766f19063b50bbdde6e50b4236d99de8e06bcfbfbc4542e2e2989085291e9eac276a52aca5d66e2cb1df9b215ba1f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\SiteSecurityServiceState.txt

Filesize
372B

MD5
7b48e296ae1a8b759ff72e978b89be83

SHA1
e2b1b35b08907a2e4718a5ef8a8df9bb6200d954

SHA256
7cd267c3b57356587418909a6002a9a75145a0393ff8c6a25230ba5225407545

SHA512
37c7fa277daeda6fa8851d01b1a088e7fe9e59724bf6232640aded6b46a5cfcf38bcab6a5e3161570bb378a9659fb034814bc9bead983798e79db0e5e41da0a2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\bookmarkbackups\bookmarks-2023-11-05_11_vOzwxHBIdEztZvfWp3i0Ow==.jsonlz4

Filesize
945B

MD5
117785831f1e4de76dd2c162f25543e6

SHA1
98d9c9841eed8d3c8882aee83888d553662e9a70

SHA256
db8d2b1a6fb2e76f39c9ba42024f0ce626b15ba435916b4b55b3b2746a51c4c9

SHA512
8252bfc41632a2370732d9ece0088f5eee3cd7533eaa6754d914ba616223412f7f781387e29954f843ab33fa5125406b9d3dea310c8af657d00cd629f47b37ac

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\broadcast-listeners.json

Filesize
216B

MD5
2b7cfe037e7f294efffbf7c937c404f1

SHA1
891e113d1ad7ac7587d3da09e9ba3d359a2ffed7

SHA256
1f39f56f06bd68ba2bf564ee67888bf9918631f02f9ee1b1056754c433efc11c

SHA512
fdaa12d5e44fe2217cbc198ab951ade4ba1ea35134d7f93dfd1cf429a9e3f6ce24d2ffd1e1c9da38e7e0e73be3f2181de20df862f173cb82384df948d6ef4b9a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

Filesize
11.8MB

MD5
33bf7b0439480effb9fb212efce87b13

SHA1
cee50f2745edc6dc291887b6075ca64d716f495a

SHA256
8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

SHA512
d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs-1.js

Filesize
11KB

MD5
f6c0ecceaee3ef4a2c4c2c02ba234200

SHA1
661b39184d71b07ff52460dae6df12173ee1074d

SHA256
500a341824ac7023deefec71071147b0b881469786a8df5952c2f23f10aba3b2

SHA512
fe738be4451979548507aa782ac8347743434b1f9e699edaca294bdf498062542a342b38a6fbccc2e0acca4c7597cc7a16a8f8d59bbc7d02a582058be9e2dbad

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs-1.js

Filesize
6KB

MD5
bc66a36fa1f0a8199abaa973548d3f88

SHA1
fa9c95eb9914d7f535b30dec3343a8e0fbda57f3

SHA256
61fb6f36a7a373b344a42b1c6704a0549da3ea9661cfb2e7e383087be4ea3d65

SHA512
55a16a990f47aedfd2a4d33c5448fe0c1150bb3158c08168af0e6b3e4ec10fd7012b12cde7b89cce06f9e298d4c53964d1ac3a52f2e09f285f0e2be5e482c915

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs-1.js

Filesize
7KB

MD5
4cf869a64c66fc32182b9ffea2fcf1a4

SHA1
34fca7b4675816e0377af0ef1ed940552f7977e1

SHA256
d541b72aff2148a79ad316af664846791ec59ca726eef3877fced9f739bad9d6

SHA512
04ab67efa28281538b05e8066c2a6dc58928c60dbda140528d0313dab4dbbfe48c49281dacc5471c1fc19f6dec409f4ab9eebad75b73a2f7ec73082025c524d9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs.js

Filesize
6KB

MD5
c184ad46d064909e8ca348682753af04

SHA1
b9ae31f831f22e4fd39f595fe627382ad3a01c11

SHA256
774f876a93f4f87d2d21c2ef24cf92e45b84f5cbcb55d744b325e1b8da025688

SHA512
dbba11c71d8d29b33d68bb667d62f1a9dfe0765df1193761818fdd008266be7b4b793fdaabc73a47d333ecf48be565ce1f2f58147675a531ebd5afe993c86213

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs.js

Filesize
8KB

MD5
755fc90addfbda401a564d7bb1266e22

SHA1
25adf2e168ba225940be91c5ebae23031ba2994c

SHA256
60782df9371de11c7ee98776bfd9fb2381194043852deeed419e9e5f83c8f52d

SHA512
170f9d89fe511f16296bfc3263c8743baa24c5f55859aa9dfe7cade3ff0178d433c01e372afc4f22ad47c75c6ed0b27365ca28d1b5f1e366ad67e970e7e5a70b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs.js

Filesize
10KB

MD5
0bab6856e25f4b96e527984bd7818805

SHA1
4db3a0d2eeaf5909525482ffe7d9f729b4cbae08

SHA256
c01aac9713c3ff547b75da54f71062b0e621c1fd2a0c6e52066c5cfca6a6a156

SHA512
f06123ccc066f74b3966bdf461f3773c24f1a4ececb509c861031a309bbea641d188805abd3bd64ded9c640835594ed05f0d7d7e8ba74272d6d3e42a50eba8ea

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs.js

Filesize
6KB

MD5
d5b1dd2f5f61b8e8fb1e7ef551ad4764

SHA1
5901082ee44ded890ce6a90ebc3b0755ee428ae3

SHA256
b6dd130990228b381e6b185157d6468d4af969fe2f4aea1aec44ba9a231daefe

SHA512
6c6b876c045f328980b35375f6f3dee9ff826d7bc1aa4eb76b6932f8f6679303fc7bfa13d01abb61efc5c2f862ea77092fe5ac4edced5e81483277cc3e2b25ac

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs.js

Filesize
10KB

MD5
ad4d555312d798a256033287d5bed32f

SHA1
7ffc45d1e604bec49e81948e7d5b5b443f48258a

SHA256
5a8bd3520b7a2b3212969d4528f55f2c5b50213a35059851ca024fa0618a0c54

SHA512
0d33dfc10980e3f7b1bc6e900ac31961c7488cd7f58a400c8ac720895ebd0cb983de3db1a7d4979fab4d20323356a4948fb58402833a47db6e44b4b338490862

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionCheckpoints.json

Filesize
90B

MD5
c4ab2ee59ca41b6d6a6ea911f35bdc00

SHA1
5942cd6505fc8a9daba403b082067e1cdefdfbc4

SHA256
00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2

SHA512
71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
3ce8bd70eb1ff347ae77c5f10eb8d171

SHA1
79074e5dccabf194f6dd732875acf2a1e9625a99

SHA256
ca7625a870e6446f498d747bafbf611cecd7da237badde35bbe981bc3499d858

SHA512
58b58e14cac262907d7524d0477181aea3f4ee38a486f21c3b53f6e2dadbd8c8db60b0c2870a3ee114b2c72826e4ba7e761273e1f2c564fd4b5e6f19b2a9c314

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
4b7ae0ea21f8a75e2d482331089a54be

SHA1
f824b4b6e4bb88f41d33a0db0b67082c8ed97684

SHA256
77c5e99f1f1b9694b551c17c7b9a775c7b97ae6d2cd53d2a945111296716c86d

SHA512
55b9983eb45d4cd8c3b43c1ce31968b5768abf1fd5aac7738ce5f4a843e25a8f4945a03f85878f983a8c8f72c97ad5e3858499a21e09cfd712224f50a81626f2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
cbe3c43aa8731f07fc4290654a8f79ad

SHA1
bb656141496b7f2ff2ffe91f6a0ff059914fb886

SHA256
59a23e944d927ef0820701c337c99294427564a391a5061c55f5c485cd5c3f01

SHA512
91d914de0dce9396f770965f0b434f8f197ae8a05ad11160baa15effc339d700c25819fd926bb80abc31f808578ee3093e6d07c7b55204ad6222613d9096b47e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
1c89fa33f1e6229a28fc03cdabe95efe

SHA1
8dc85b679a8e1c34ad09e3b4e9fe5d8dde8ab9d1

SHA256
68004bfb5ae5158bd757b7746e3c7847e1bc4d46bd23aee20ff8aedc97ed4bab

SHA512
83fa0d70876c4f4523e7b057482461f51115c3c20f10e84b324565fded5a12521c104daacfb2da0e841cdde4ee9616efeb69e7e62da9440f081843aa8147bdf4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
987dc236217b802956b2f605aee9df96

SHA1
a877066b9bdbace205c9c760a70e091169339b81

SHA256
d0ce81be938a51a595d170319ec257073851a97cfeb65067277f042db8d17535

SHA512
bc1480d8d6e677761e11d6dae7378da6b484b2c8e87ad24d096cf7be3d2b6b68d24cd604dd02ed6ae2ea838f13c6f8d5cc84e9ea74f17ce213a6d1968bebe6d9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
0c8b858ff7e17eb98b0e458b89cf893c

SHA1
830c859345ad517657c2c9afd1509ed5a087769e

SHA256
0ead48eddeac7dbe0b9b1a8b6ccdbe9a4cd23c275e85557d92ee013107b01661

SHA512
15ac485179c238c272a234e3dca0a7d8aba8513ce080a9ebd57f87bb8fad692102d2afc600b758535bc2b939caa26731dc429d12edf62b8f188b8259f4131b64

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
10KB

MD5
973a31da424a8804af54ed3728310033

SHA1
ea644247190104d36399fb2c0f6fe2b20abb51bd

SHA256
baffb235ef4d5d12c3e6a3a5a4e270da5ef13ef0c05eaa14e59325ddec765079

SHA512
a29ebddf6777406d375bb26d58679ac597328b61d65075105dc72b5858ae97ea8e646c5411548accd8458aba5bf5abdc2ed636548c6c083a8984201546819bab

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
2826faf17f7d2e9663d38156460827bb

SHA1
12bd928e3368266c184219a5859556aebce55054

SHA256
35947954e3e7eb1b9222a13374069b4f10e674f6bbcf235615ba4124009f54e2

SHA512
1fa2f2b97157f20a328a47d2f15d035520a8349615ade78d85aa547566da882a32846700e4c533aaf755b954460a731f1416f9184face3d83da0ef5968ba467c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
95f05876d4c4d959733392204d6c5a11

SHA1
acfbda64cca1f36199b6d83a5db7b194d0e71d85

SHA256
54092b85e3ac3b75c0ba399688e37ff71ec1a97096a3d73cf146c45843d0249e

SHA512
833f28f74f1d4342be41fba04109c5e900ab286dcfd68b1a4f49e8a6ba6062fbd9b9d741924f5bc9ee7661e4b0dd50af59efb00d27ba2066e87f61c384c6fc22

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
9320c830fbb0fa09b8feb95e7390da46

SHA1
818bafa54609a137941b732736e214028bacb84c

SHA256
f42ec2aa97ec74654aa9db7e9c6da916d486bbf551095850f34136b02380f7cb

SHA512
42c3285091b733469cb4d3c9ea99b1d4c5bdc1a10697efac74fbb85577838f5a0d419fdb315a64989b2488109d4a43181cc1e325cebc0a946770364569a1cdaf

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
e11922704f11d53c06e19615a1e7bcd9

SHA1
3e1a33e184de415e23c3db7c81e64bfd852643a5

SHA256
e8fae7f22cf3eda05e1c5659535fb0883cf909efcc1c9fa11b0bc6b62383258d

SHA512
148caac79b9f88d413cf06a62ecf72ea94fbc5d490a9a1d4925d8609f1eecba22f0af971cdd4944d101f54b781f95466c8e893f74f0c9f960b810a20cbff351a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
7a706e1d8f9af89f2fa35d5224aeac61

SHA1
405962b2bddc1e8f10cf9afab67ee7e0eadd6a3b

SHA256
7713e28fc4c33038a62b8918d2d0df8d9c61ecdb888a62bdc010e87fdab09c37

SHA512
f9013125b812aa296be0f8e274899c72cb83ef936987e25dec3aff27c84b1cd41020f5090f739207e260e5f073338570f197dc33b987d7a3fb0bf7a3ee7c7166

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
9KB

MD5
f4910d55578327e77e3026a7321bb942

SHA1
9a07994c6c61fd61340accdce95e1212196b3bb4

SHA256
546a994cb1a5c635ac52c145efc35eb8e0eaa0bcb4475f4d479ba7470ae28f9e

SHA512
be6c29df345ea67758da72ccc18524f05600d48c8eaa358aacb1e3fcf863a00ffa50273e54e246fa3773ea8792868334596aadc2856785f51724ab8afeef0c86

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
d4f284edbfbf984c712e0cd868cd1034

SHA1
0431686cbafa7d283d92e3f38c4e4d911ae1b7ea

SHA256
de92f0d943d52d4770e9281b944396ad8f08352314b2b29eafc1ca83d3eef9a2

SHA512
ea4c78e98b39e2c7214ae3c4bfb2847fce1477d5314f490e08eb1862d66ad2539431f93a94f219d108ca8d28c5a94d25409488f99cd1efae5e2df0cc7043cab0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\targeting.snapshot.json

Filesize
4KB

MD5
937037e308db480fb9e0d6aa51c1df85

SHA1
d35f6221796d2c12ae78a95c3f8310286c0427c4

SHA256
6a12bacbc2dfa0a742605d0aeb39901d0f254ed5681e27f4e874e84c515549c6

SHA512
bdab4a06553bb51573812385649640bae136b07883f4a01afd3af5127fd636d1a4b8ef458da8af0a0809fb14ce1108c5f3745b49fb60c305427a587f25aa051a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\xulstore.json

Filesize
107B

MD5
3b2d27df61056e1a61f69a879bbb1d90

SHA1
259da055fb555d24f690f4205018edaf1b36da39

SHA256
554f7a52e24ffee4b836376301deb4027798f988a64c1dc0ed79e425490e4585

SHA512
c885c7a4a70e38f96d7b867bea1eb41ef09b6a50797e2efa9f1e378a7453bda0951e65ce3a6bedec6ffa332e2b0d73364a35334f24bffbafe57ba5d1f5fa83ff

Download Submit