hxxps://sekurak[.]pl/

Analysis

max time kernel
1176s
max time network
1200s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
28-02-2024 08:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://sekurak.pl/

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 5 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-399997616-3400990511-967324271-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 7 IoCs

description	pid	Process
Token: SeDebugPrivilege	2612	firefox.exe
Token: SeDebugPrivilege	2612	firefox.exe
Token: SeDebugPrivilege	2612	firefox.exe
Token: SeDebugPrivilege	2612	firefox.exe
Token: SeDebugPrivilege	2612	firefox.exe
Token: SeDebugPrivilege	2612	firefox.exe
Token: SeDebugPrivilege	2612	firefox.exe

Suspicious use of FindShellTrayWindow 4 IoCs

pid	Process
2612	firefox.exe
2612	firefox.exe
2612	firefox.exe
2612	firefox.exe

Suspicious use of SendNotifyMessage 3 IoCs

pid	Process
2612	firefox.exe
2612	firefox.exe
2612	firefox.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2612	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3120 wrote to memory of 2612	3120	firefox.exe	45
PID 3120 wrote to memory of 2612	3120	firefox.exe	45
PID 3120 wrote to memory of 2612	3120	firefox.exe	45
PID 3120 wrote to memory of 2612	3120	firefox.exe	45
PID 3120 wrote to memory of 2612	3120	firefox.exe	45
PID 3120 wrote to memory of 2612	3120	firefox.exe	45
PID 3120 wrote to memory of 2612	3120	firefox.exe	45
PID 3120 wrote to memory of 2612	3120	firefox.exe	45
PID 3120 wrote to memory of 2612	3120	firefox.exe	45
PID 3120 wrote to memory of 2612	3120	firefox.exe	45
PID 3120 wrote to memory of 2612	3120	firefox.exe	45
PID 2612 wrote to memory of 4276	2612	firefox.exe	90
PID 2612 wrote to memory of 4276	2612	firefox.exe	90
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 1428	2612	firefox.exe	91
PID 2612 wrote to memory of 2288	2612	firefox.exe	92
PID 2612 wrote to memory of 2288	2612	firefox.exe	92
PID 2612 wrote to memory of 2288	2612	firefox.exe	92

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://sekurak.pl/"
1⤵
- Suspicious use of WriteProcessMemory
PID:3120
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://sekurak.pl/
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:2612
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2612.0.430713884\388043208" -parentBuildID 20221007134813 -prefsHandle 1852 -prefMapHandle 1844 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {666bfcf9-c091-4251-991b-e73072523adb} 2612 "\\.\pipe\gecko-crash-server-pipe.2612" 1944 23fd3108558 gpu
    3⤵
    PID:4276
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2612.1.184016828\2053031306" -parentBuildID 20221007134813 -prefsHandle 2372 -prefMapHandle 2368 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e7667825-add1-443e-8465-0ef8c980237c} 2612 "\\.\pipe\gecko-crash-server-pipe.2612" 2384 23fd1ef1f58 socket
    3⤵
    PID:1428
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2612.2.2121087848\1327981758" -childID 1 -isForBrowser -prefsHandle 2996 -prefMapHandle 3212 -prefsLen 21668 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ceebf69c-1a4e-4af0-b61d-e8fa29a31876} 2612 "\\.\pipe\gecko-crash-server-pipe.2612" 2948 23fd215ca58 tab
    3⤵
    PID:2288
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2612.3.1409874047\1254450204" -childID 2 -isForBrowser -prefsHandle 3616 -prefMapHandle 3612 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {523f145b-92d2-4ad3-8e34-db2d65076b7c} 2612 "\\.\pipe\gecko-crash-server-pipe.2612" 3628 23fd7073958 tab
    3⤵
    PID:3352
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2612.6.790892754\2104671443" -childID 5 -isForBrowser -prefsHandle 5528 -prefMapHandle 5524 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {65a61381-47ff-4e5a-9afb-a13c0dc588bc} 2612 "\\.\pipe\gecko-crash-server-pipe.2612" 5444 23fd9236b58 tab
    3⤵
    PID:3880
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2612.5.1390006914\2112582864" -childID 4 -isForBrowser -prefsHandle 5264 -prefMapHandle 5268 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {caf22776-600d-4106-8d29-8b2906b2270a} 2612 "\\.\pipe\gecko-crash-server-pipe.2612" 5256 23fd9236858 tab
    3⤵
    PID:4464
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2612.4.188391722\1719279668" -childID 3 -isForBrowser -prefsHandle 5104 -prefMapHandle 5096 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a6823539-7d41-4fdd-b655-a0a2cd6b3a13} 2612 "\\.\pipe\gecko-crash-server-pipe.2612" 5084 23fd9233558 tab
    3⤵
    PID:3804
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2612.7.65995211\636748342" -childID 6 -isForBrowser -prefsHandle 5916 -prefMapHandle 5816 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2bda8bb8-41fa-40f0-8b73-1b85a6fd51fc} 2612 "\\.\pipe\gecko-crash-server-pipe.2612" 5760 23fda166a58 tab
    3⤵
    PID:5160
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2612.10.41479328\1441325639" -childID 9 -isForBrowser -prefsHandle 3144 -prefMapHandle 3148 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7febba0b-9c9c-4343-b1c8-052f65669322} 2612 "\\.\pipe\gecko-crash-server-pipe.2612" 3156 23fda167c58 tab
    3⤵
    PID:6132
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2612.9.729121429\988907428" -childID 8 -isForBrowser -prefsHandle 4484 -prefMapHandle 4468 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c97fe5d3-8178-4c31-810b-a646a7aef672} 2612 "\\.\pipe\gecko-crash-server-pipe.2612" 3584 23fda168558 tab
    3⤵
    PID:6124
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2612.8.1566646831\669638572" -childID 7 -isForBrowser -prefsHandle 5500 -prefMapHandle 5104 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d4c9965a-20ea-4085-9c3f-7aa8672bb30e} 2612 "\\.\pipe\gecko-crash-server-pipe.2612" 5100 23fd9f0ae58 tab
    3⤵
    PID:6116
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2612.11.911179696\972361611" -childID 10 -isForBrowser -prefsHandle 5988 -prefMapHandle 5888 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1164 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b09f5990-ecfb-4e62-ab52-63c8bb4a7552} 2612 "\\.\pipe\gecko-crash-server-pipe.2612" 6056 23fd9143858 tab
    3⤵
    PID:3400

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\cache2\doomed\2383

Filesize
11KB

MD5
8241002a9ad7e77c3a98031b3707e08e

SHA1
3796827a703d0564cd5fcfaeaa441eb96d01b8a5

SHA256
e6e1bee5a0656c2e0d36350f24a726c42ddf8f1e24a73ae88a53fbd45af621f4

SHA512
d1ed6c8ee40743da3cb03cdb38fcea1c0301a6cfd42d56807daf53fbc1c2cfb387452fb2908bf9f9dfafd9df7501f98eeed86ba73bc02f2e0e44c62c6c1f7e64

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\cache2\doomed\5525

Filesize
19KB

MD5
48adf8276f904898abf6b02408dc625f

SHA1
27076baeada59ca96c78c14d6208162736defa8d

SHA256
6087d69ea8f958c1d0b649a8569ba58d7fee527cf12bc3f8a416c2058df07cac

SHA512
18df800cc257cc1afafb0f3fee1647f6c84bffda1b64ca43093f8bc6391364ef8f7c93bd87113eefc4812091af9d418b2fa3723e89f1469d91fabb2846a212a1

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\cache2\entries\2BD68FB29AE0B5F8363FB4EE8B9E55A04A1F80F6

Filesize
38KB

MD5
195df7ee845b97329a5e01c2a7b347a6

SHA1
ec0e3611f84d0641d9547eb5796dc2125d6eb865

SHA256
1adbe80127bc1072793d2192846e2342fa4738c91ea10249305360b72ac3ed04

SHA512
9439175c38b9dfe9047a9996af509b4ab941a100a4573c4f638327c707871870e593a5f12ae6ebb947916ec2530e1258fea24446473c2dc540123f9bd199b076

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\cache2\entries\CBBB11E3DBDE23EF52411B03F7DF56104942980E

Filesize
36KB

MD5
dcf0248beb986c563e6294b3f362be50

SHA1
04481d06fb8d78f32aee98d0b2877b89f1d40bfc

SHA256
7b770a698ebf8c91d02e0fe6ce46fba3886e7acd3ace1d6e1befbbd02f229406

SHA512
fce1e735c17bec9bf8055a2d18c7edc0c0db6a97ca81836ee4b41ce8bb57524a8ed51fe244bd2a7e938dce74774cc14a9842026bd363ea116b12a6db05094549

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
8.0MB

MD5
a01c5ecd6108350ae23d2cddf0e77c17

SHA1
c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

SHA256
345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

SHA512
b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
11KB

MD5
e03ef732a8020688537185366d497fcc

SHA1
a051013af0b627253e71283b1051f4a12734d1d1

SHA256
89d1567763ab4f57cde7611d62ff67d707465d6d1813612906135feea35ebeb2

SHA512
352703640cfd675280f72981c358ca08a304f72871b26decc9a2f63bfdb6995cee5075552cc0b46d5437357caeb6878a47fbffb6c77da2f67f49ead94941507c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\bookmarkbackups\bookmarks-2024-02-28_11_M35M5gXc5+vb2va6XQ+Y6A==.jsonlz4

Filesize
947B

MD5
adc2f2e406ca1cb35c5512349c6de9a5

SHA1
6a4483c4a972273c27652a0308e0a5dd003396d0

SHA256
3c18c4f4e6914f7a99f8cbe6b30f2094dee50d56ef3d7bd227da78d1cc954e43

SHA512
a1607c445821c563d4364a1532cf95c3fd561031c60f78f56c79330c679381dc3a0809b7887d0d12a1b475b1af6680e3b956763df96f51133274cefd62353624

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\broadcast-listeners.json

Filesize
204B

MD5
72c95709e1a3b27919e13d28bbe8e8a2

SHA1
00892decbee63d627057730bfc0c6a4f13099ee4

SHA256
9cf589357fceea2f37cd1a925e5d33fd517a44d22a16c357f7fb5d4d187034aa

SHA512
613ca9dd2d12afe31fb2c4a8d9337eeecfb58dabaeaaba11404b9a736a4073dfd9b473ba27c1183d3cc91d5a9233a83dce5a135a81f755d978cea9e198209182

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\datareporting\glean\db\data.safe.bin

Filesize
2KB

MD5
a95a079df22c4f54e096cdbb0c0262da

SHA1
383af52b6caf9135f2fc32b5f6ba40b82230d6f8

SHA256
6edb1e680f4872ff3fdf9a339b3f61f9603d38f4ae4fda33165af465f2053270

SHA512
7b5511deb394a829bb3c5eb5e5e27a52edd7eb26e4e876f20570958ea02fdf2c80071084629f73d5e49817a1677361fa26ff387b0ec558bfd48539c28e44aeca

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\datareporting\glean\pending_pings\eb4d478e-003c-4415-9aff-cd42f0c8f822

Filesize
11KB

MD5
4db57cbeebe1d655c3ad532bea1d9d2c

SHA1
cc892a7cf4e091ca661bff7082edc95b329a85f8

SHA256
1dbce78afa940dee4e114d485e43c8d560b24725c23e5d22a4bc697e5be7f43f

SHA512
b2a88e7ababebfd065deae9a443c0adcad0033d66bfd4b85b101c24e130a800e5b943f88938f0475bf39a86b94b85c89b3e0077e719ed7091d26453b485b365f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\datareporting\glean\pending_pings\eb95b003-eac7-44cc-bc9b-27210b907dce

Filesize
746B

MD5
1a4513d3a08648ffea75bd23ca6b89df

SHA1
cbeffa1789b8f7088c33551114c0d87312b0b341

SHA256
2f30c6247c8bc06ad50a04dbadd8ccbce3738bb1763fdc5ff807e34905abd683

SHA512
745386973e4eec709c11e4873c650fe1f9c79d4718e838fac6a825125622df5eda944c8b6432393182853fbce9a09c2d16eadfa8b6f4026cd3908d76a0ffed1b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

Filesize
11.8MB

MD5
33bf7b0439480effb9fb212efce87b13

SHA1
cee50f2745edc6dc291887b6075ca64d716f495a

SHA256
8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

SHA512
d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\prefs-1.js

Filesize
7KB

MD5
fae154bcfb1233f6ffe06d1531e067cc

SHA1
49d68eb7cf20d741bf073e8a37060f5e7e1159a2

SHA256
1e800d7943114c9a1333f96721415345c1e57925b908b07bbdb399d3444ab845

SHA512
3c30aa35250ca48b2e563bcf556c8bb2a02fb48b007f6ced219e278a22e1f24161e302bf3aaef4ee1378059ed67ee4e9bda316c67bef47b98565faff4966b5eb

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\prefs-1.js

Filesize
7KB

MD5
cd534cd628d29d3f7f0e4d3ba8054a2c

SHA1
5b96a2db62acddd10f0de3d14d8e7405fafb9194

SHA256
15332601c79baf7f6968a6d2592957914adf83d1b18aa453bd686078265cd9e6

SHA512
5ee84ca5f8de766758919097f36fad5746be35f86fc15fe8863ea179bc37e1e957f8ed71a9e5351089fb3f0c1b5bc38a995663a0645186b3ac55ec69f54fd4ff

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\prefs-1.js

Filesize
6KB

MD5
32a07820f9b3a5851e49c4d343eaf44e

SHA1
330f53a3654e78428043f21a2d65728c2551947e

SHA256
a3e840b2873cc06c6f2d56fcbd253bf06348d96d96f94c1f4fc9f7daeba00375

SHA512
eeaee8beeca9b24c5ea9677f3515f41e3e081390cc42e3ce3f4156a653890358bb686dfaa8223d139da862c17e8145933fce4930b3f8ff4c4e4dbb4c46d9ffda

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\prefs.js

Filesize
6KB

MD5
8b157191ab17b8b8fa119b33b88af7e7

SHA1
85501dcbd1674996243681ee89fe38ae8469063a

SHA256
73088914520db09857fe7c5b47c0502eda8c1d687af7118e7386b1fe94d83b4e

SHA512
af373f5e86a51a3f3af898569b203d84f24c3152012a1a6f501db9ca134817023e71ae6fba1857146b780aab715433b9900b93d51a8631be7c2b85a97ddb9f6b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\prefs.js

Filesize
6KB

MD5
6791e84d8a60f9eba38e7aced384cdfb

SHA1
ba14a54bde4f9adff85c51ce6f9681963ddfb507

SHA256
5c06defb1611752141099dad8b9935bccb9e8e8eb7ff79c4b3048ccb520c5209

SHA512
ad223db6a4191ec143bdba93ba32f3d951e7369b361e92d5b013d7b817f8a8aaa28bd510c0e1811735973788f17a5dda05d7317e2df512c2f13514dc740d9732

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\sessionCheckpoints.json

Filesize
90B

MD5
c4ab2ee59ca41b6d6a6ea911f35bdc00

SHA1
5942cd6505fc8a9daba403b082067e1cdefdfbc4

SHA256
00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2

SHA512
71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
16KB

MD5
8663c7abfe2ba7418b8fed77a77915fd

SHA1
52940376d2019c7c53ca97c14ad5c6ce9534dfb3

SHA256
6d79a59cb2bb13834adf493a75bead51aa479db0254ab66ba1427c2d578323e4

SHA512
abdb6e49118905a66d6ee5345cdf39d5e5911c7f3e4a837e298aa2bfb9a5736b29923b7e80e176f58827a2eaf98fec26d6ca847ff15285c430b68098634fa23b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
16KB

MD5
9759d8489ef97fee592e936dfe6144bc

SHA1
b364f60a463407691176df7835dec0406cbd8875

SHA256
cee90330389d73f5a5c301fde3638bcd9f3331983c2de3079a53bd658a55489b

SHA512
7b8a0bcad9871fa39dbd87b4aee52dd1a7056b76af279d264345fb29e0fc760d949f1a9345eda98a6c2b766fd28a5bdde237343aed004a3b894fab9f91d6b833

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
16KB

MD5
a0d36e507a2632088e967202110bcd39

SHA1
f4c0e1d8b767a1562563a7dc4487a2963646c197

SHA256
274edb58a981b3cb7a2a50f3862b9510ec3108537029e52d12dcdae97037c2b1

SHA512
d198ea65c2e18cdea9c7bdb839976b4cdf324df63a2aeadccdcf900b7aa4f454d78f0b5723ea4c9eb4e1e6cda8f6b132ef1b59bfd63a5bfd64045331d36e30a8

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
5KB

MD5
982ad700cd9c12dd962925e2e65e7842

SHA1
a6d0a0bb6097ff61b2f6d4327a4034c9c1d0de1b

SHA256
70e409f364b3ce1ae84ab2dca94efa70df4f84092a60247902d3e871381e4e53

SHA512
3f4e09c2f5dab2b5a7a2c917ec102c70d45e722d99d673f5cf70ff45d9d1c8228a05c8d71f1602a8c490262ae58aab15d73a471b813294afd69ce276c77294a6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
16KB

MD5
7157b6cb8dad468fee5f26a220309b37

SHA1
978d53dcd799b60e1f3852fd835d54b05119f6fb

SHA256
2e43b6f543f8121d81c1e9ee73b7d141df76da2459cd7a9fd7e1dc593fb77066

SHA512
a3d82d69e297289f8a11f0f7efb309951fb993fed2a1f5a85d4aa30b9f4a886a3c3637f8f11059041b854112c217caf5f1edba6cc17c0894df8f281f2334e751

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
16KB

MD5
ff4df8ed59c312612c4bf1e681850a2f

SHA1
6c6fa2f57732b19eaa572aa3e564d32961797740

SHA256
899a1725fdbc24d59ca7d3c3c7629e07b3d7dceade337767457d3098b458de71

SHA512
1e74805bf2cded431fb0a788b11f2b5acc494d7e1f85810b577e313e22a2ba6b7b977dbea077847fb45c8c9d20bee57a42fab22137949ea6fcf7af7a68be68c9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
6KB

MD5
cf9ad5434da213727283d56fee519219

SHA1
c0ef6921aee4363ab0da2119723b2ab95fb655bb

SHA256
ba43eff23329d0066b908eb3a86552f4d09d3f6e8925ae3d427c432a81588e2b

SHA512
7653f00241028af773c52cb5871be86aa854caafeb48038535cffc9a4f37c3c210c565ed4a06bc375766e1512d47f46d463f742b35004067a95c516ef8e645cd

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\targeting.snapshot.json

Filesize
3KB

MD5
f660c0d067dae149dba4f39c18235ea2

SHA1
ef8a5c57bfa847c36b1783af9452952c9110b3e5

SHA256
7aefe00ff75a3b9750f495216210fb014907c45767bd96de409e7bc207e79ba6

SHA512
bf9970619a6c3a934a05c155ddf3a0f5e5f7605934c46cd4d2167cf0c4c6476e4333e5cfb4d41ccd460c2b3dabb1d08ab6a953a0a4f30e2e5bacefb3d7006929

Download Submit