hxxps://www[.]puzzlefurniture[.]com[.]au/brou/brou/

Analysis

max time kernel
573s
max time network
572s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
19-03-2024 15:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.puzzlefurniture.com.au/brou/brou/

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 5 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

firefox.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe

Modifies registry class 1 IoCs

Processes:

firefox.exe

description ioc process

Key created \REGISTRY\USER\S-1-5-21-399997616-3400990511-967324271-1000_Classes\Local Settings firefox.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-399997616-3400990511-967324271-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

Processes:

firefox.exe

description	pid	process
Token: SeDebugPrivilege	1356	firefox.exe
Token: SeDebugPrivilege	1356	firefox.exe
Token: SeDebugPrivilege	1356	firefox.exe
Token: SeDebugPrivilege	1356	firefox.exe
Token: SeDebugPrivilege	1356	firefox.exe
Token: SeDebugPrivilege	1356	firefox.exe

Suspicious use of FindShellTrayWindow 4 IoCs

Processes:

firefox.exe

pid process

1356 firefox.exe
1356 firefox.exe
1356 firefox.exe
1356 firefox.exe
Suspicious use of SendNotifyMessage 3 IoCs

Processes:

firefox.exe

pid process

1356 firefox.exe
1356 firefox.exe
1356 firefox.exe
Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

firefox.exe

pid process

1356 firefox.exe

pid	process
1356	firefox.exe
1356	firefox.exe
1356	firefox.exe
1356	firefox.exe

pid	process
1356	firefox.exe
1356	firefox.exe
1356	firefox.exe

pid	process
1356	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

firefox.exefirefox.exe

description	pid	process	target process
PID 1432 wrote to memory of 1356	1432	firefox.exe	firefox.exe
PID 1432 wrote to memory of 1356	1432	firefox.exe	firefox.exe
PID 1432 wrote to memory of 1356	1432	firefox.exe	firefox.exe
PID 1432 wrote to memory of 1356	1432	firefox.exe	firefox.exe
PID 1432 wrote to memory of 1356	1432	firefox.exe	firefox.exe
PID 1432 wrote to memory of 1356	1432	firefox.exe	firefox.exe
PID 1432 wrote to memory of 1356	1432	firefox.exe	firefox.exe
PID 1432 wrote to memory of 1356	1432	firefox.exe	firefox.exe
PID 1432 wrote to memory of 1356	1432	firefox.exe	firefox.exe
PID 1432 wrote to memory of 1356	1432	firefox.exe	firefox.exe
PID 1432 wrote to memory of 1356	1432	firefox.exe	firefox.exe
PID 1356 wrote to memory of 2704	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 2704	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4316	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4492	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4492	1356	firefox.exe	firefox.exe
PID 1356 wrote to memory of 4492	1356	firefox.exe	firefox.exe

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://www.puzzlefurniture.com.au/brou/brou/"
1⤵
- Suspicious use of WriteProcessMemory
PID:1432

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://www.puzzlefurniture.com.au/brou/brou/
2⤵
- Checks processor information in registry
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1356

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1356.0.237441270\244309790" -parentBuildID 20221007134813 -prefsHandle 1840 -prefMapHandle 1832 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f1173dc5-4f40-4b09-9322-1d484192d0db} 1356 "\\.\pipe\gecko-crash-server-pipe.1356" 1944 1c0d9d03558 gpu
3⤵
PID:2704

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1356.1.1761703101\1659942078" -parentBuildID 20221007134813 -prefsHandle 2372 -prefMapHandle 2368 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9872b1fc-c8e0-49e3-abf4-eaf5b4382ead} 1356 "\\.\pipe\gecko-crash-server-pipe.1356" 2384 1c0d89fa258 socket
3⤵
PID:4316

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1356.2.1763545193\821146992" -childID 1 -isForBrowser -prefsHandle 2972 -prefMapHandle 3108 -prefsLen 21668 -prefMapSize 233444 -jsInitHandle 1252 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {77f884a4-f760-4f47-b2ae-c2ccd642bde1} 1356 "\\.\pipe\gecko-crash-server-pipe.1356" 3200 1c0d8a5d958 tab
3⤵
PID:4492

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1356.3.369636690\1936057210" -childID 2 -isForBrowser -prefsHandle 3596 -prefMapHandle 3592 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1252 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2b4c17f4-aefe-4fb4-8140-eac8abff91d6} 1356 "\\.\pipe\gecko-crash-server-pipe.1356" 3608 1c0cc26a658 tab
3⤵
PID:2188

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1356.4.1871315699\882968322" -childID 3 -isForBrowser -prefsHandle 5056 -prefMapHandle 5052 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1252 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {871f95c2-56f7-4dbc-8610-bc79e6511243} 1356 "\\.\pipe\gecko-crash-server-pipe.1356" 5064 1c0ded68458 tab
3⤵
PID:3904

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1356.5.1073160118\97546763" -childID 4 -isForBrowser -prefsHandle 5208 -prefMapHandle 5212 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1252 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {910593be-b619-4409-9d2e-79cc854db551} 1356 "\\.\pipe\gecko-crash-server-pipe.1356" 5200 1c0df1e9b58 tab
3⤵
PID:1320

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1356.6.668763282\506959496" -childID 5 -isForBrowser -prefsHandle 5400 -prefMapHandle 5404 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1252 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {930e3438-ce10-49a5-b4c5-6c166c6be34c} 1356 "\\.\pipe\gecko-crash-server-pipe.1356" 5392 1c0df1ebf58 tab
3⤵
PID:1328

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\cache2\doomed\776
Filesize
9KB

MD5
280addfd613d23200d9adc3492adc8cb

SHA1
2e66a77fc70806fda6c786c878cf15769baf04a6

SHA256
daed759ef97f16fb9ae6292904e1df159e8dc7800bd51b520a994db15821e503

SHA512
0591f71346bf4f44daf4f1f71c3ca1235c6a72e267abae882a90a9b3bd9a8e2b698e7e0e787f594a31d2732fd67fb27a73542460b11d51f8b645d8db727c3f1d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\cache2\entries\A72798DEF4F924983D5A0DB82D383C613B515FF2
Filesize
13KB

MD5
77be29db2b9d1f610a8f81f867f6a15d

SHA1
12339f2db231dab2ad56eb281dc04ad8b51c6d63

SHA256
0e42869a969b847fbf46f4f7fb0463b6e307cc881f8aeccd05265ea85b88ffd8

SHA512
69f6770e0c2a079814e3229a01269bae0382ea4aff1d6ada4135786dc36bd20c3e5f560e76e067367e82e624ee48508770cc0e9ffefd1f66b7e3bf4734c3fc2f

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon
Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
Filesize
8.0MB

MD5
a01c5ecd6108350ae23d2cddf0e77c17

SHA1
c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

SHA256
345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

SHA512
b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
Filesize
5KB

MD5
e1fc2776e3478b103bf97f6de98e8423

SHA1
743041479de32c6bd00d8ecfa8b3732ce98d0b3d

SHA256
c26c281099b44c26b25f4d951f18573dd5d010977ca7df874d7222bd3ca64f49

SHA512
7961fe7b11cc5f83cfabf10ea8274882523134a9123f03c91890e0e62e0fa9daea1a7f179a9ab7e257448a15829066e64083850275daa209de49e610914b0df6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\bookmarkbackups\bookmarks-2024-03-19_11_M35M5gXc5+vb2va6XQ+Y6A==.jsonlz4
Filesize
947B

MD5
adc2f2e406ca1cb35c5512349c6de9a5

SHA1
6a4483c4a972273c27652a0308e0a5dd003396d0

SHA256
3c18c4f4e6914f7a99f8cbe6b30f2094dee50d56ef3d7bd227da78d1cc954e43

SHA512
a1607c445821c563d4364a1532cf95c3fd561031c60f78f56c79330c679381dc3a0809b7887d0d12a1b475b1af6680e3b956763df96f51133274cefd62353624

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\broadcast-listeners.json
Filesize
216B

MD5
19750defae0c03e1df570dfb3ed45da1

SHA1
8e7cacde996e0fb71ad7a5450eb92cb3189c8466

SHA256
6910559639e100e0075f93a4a52a3d610e34e5ac3a49f098e5bfcbb883626d70

SHA512
5f9c23c17ccc4fa436791398b68d2f53bd5e02d6209d7d122504fa870864006d5bc39b5c43bbf02598f589faf45c4e5f6c020b7819940c93f1c24aedbc392944

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\datareporting\glean\db\data.safe.bin
Filesize
2KB

MD5
ec163f066e5402a589b8a4cb1426ee9a

SHA1
b9c4d7f65dc3f871d384c092a7980c8d8f14ea4b

SHA256
00e226466514b76bba575a0a916020bd7cf8f9a64ebae5eaa9129d92ad93d8dc

SHA512
0671b5c551f29f7b211ef81262f8d9c52c654bd977a8481729744756904d08373138990f9b217ab700b37fb99aaafe7f85984da2185aaa6b40019257f3456a64

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\datareporting\glean\pending_pings\02345bbc-3ea4-4aa3-9e83-d60905d7ab68
Filesize
746B

MD5
c27fcc2baca6c5ac1acb0aec9351271c

SHA1
3f40300df6717ed2f779c0905ab82417df5fd32f

SHA256
5929159d8e409e95e73a51fda4ec13d0611a362ff35cfa4af64bc03e47d395ea

SHA512
4518542ba3d3a3c945ad0ab8ecf51dd52ff7a4059fe230a387471e35f7a2fbd9cd5ae9d1313502e73260367f7de522e835161244cb53e8476c137854613bb627

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\datareporting\glean\pending_pings\84f57419-d422-45a7-8da4-31de1390bb91
Filesize
11KB

MD5
1abd44f458d31b805df929d5c53ee583

SHA1
f3896437556d9cde4724fc3544db77e1e51c1f33

SHA256
919185a9be3a3309c8e586c83e20a6e228cb4b4af6ada85b95a4313685f62f14

SHA512
ab106d17ed5e66a59ed419b4d4672a19b39f20b81bd8500db03fe43bf6aea7927ad157d84d944ef25bf9751d6709f79f6bceb2ac246377959336ceaf9c10b5f1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
Filesize
8.9MB

MD5
7a5cf50b8d6dace43a0b9e4b8fbe512c

SHA1
f1877767261d0131b505f710d34b5090360b26a8

SHA256
92682af204ad8d27c8f72acda03718d284f933b74d389fc3c3da8e5b01ca7dfd

SHA512
5d9611054b5293e602f633171bbbcd0a02497a921dfca14e8dbae64a03af58f26636aa23a7a88360a671509a66d7f56c45acaa94af809accae1cf70099deda60

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\prefs-1.js
Filesize
6KB

MD5
90ab268f2466bbdabba2fba4bf175639

SHA1
4efbf1b5aa5b5aa9fc05003149e6f3374ca11d6c

SHA256
afe7ec3ffb3b72f8a7e474020fe62365d352e8322048cd9b036e32d2f8bcee3c

SHA512
5e05705e546d6b41e63f718621775d64a8dc6efade1c4717511d96539afa1769c56e7a19a90c8c0ac2d313309669518d3f3bc66fafe9f1add3ad47665b7a3197

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\prefs-1.js
Filesize
10KB

MD5
1b880be9a12ce4e5fa86f4ec1f6649a9

SHA1
fbe2e5db97acf2293d18ccb2bcad5b764146a745

SHA256
a1877955e9c9a5f5cd4f184324ba02cab6f3fb3eceb1a6515911422f96393adc

SHA512
2f5bee36d93282ae7fae113e28475c24a26c4c0b06b9dddb877705b5959016a632714768bb249e8ba599c23c29c06438f256cef8dc88d5cce62429a16b5ca402

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\prefs-1.js
Filesize
9KB

MD5
1c109cc4f6ef2f2cd790ebce0b8aac98

SHA1
93b8c64706c586dc7ef4d97f51095d37860c9e38

SHA256
b0d8d19994b705104bcc144065c2a4337c511754b686b4aff9bcdfb8740744a2

SHA512
c3f472fa24c8cad942355acfa03fa53146a092e40c5ee508383876babef8a5d60713db983ca6e5591f885425edf6078a27fa29b9f0d16078606b5aea8fcba631

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\prefs-1.js
Filesize
10KB

MD5
2b11efb50885ef7523674c619ba264be

SHA1
232b138cfe81ae5b4ee4e360d7ccee045a7956a8

SHA256
f102dbbd65b6f963d59b84882872a4ee8ae3c1268a28cda04543eeeb9bd2df25

SHA512
483f295c88a24719828ca934b09b1e352dd9a772aa05a0c7685bceb1248a4c86333ad1e2cdd38cff60727ba94827fce23de8b1e691c10b4e9a21f6cac470883d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\prefs-1.js
Filesize
10KB

MD5
41efc06fae40a20245f8fdb4da2ce424

SHA1
0a01833bd4a726d9c7f3a6113cb12ca568e6bedd

SHA256
032b4a8bab8585950869c8c8468ae30b1763a3399e045b5d8107406d58b85808

SHA512
2e7affc11b76c499d5e50972ba0dada3eef5bf40934198c8791f13d18ee993cbd35f1bfe82dd26347b362d5b1094cdaa7af3bab95b9c5a76a8799852566e2221

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\sessionCheckpoints.json
Filesize
90B

MD5
c4ab2ee59ca41b6d6a6ea911f35bdc00

SHA1
5942cd6505fc8a9daba403b082067e1cdefdfbc4

SHA256
00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2

SHA512
71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\sessionstore-backups\recovery.jsonlz4
Filesize
988B

MD5
bc99f5759dce5d782b72d74c255f2f60

SHA1
19499bf0ff3fadaf4367667ed2248385ed8fde00

SHA256
221ff24b46b78607e1cd380f833b88e003957c468480886efca06fc805d7c27a

SHA512
a6109decd6774a8e7118c49f08091be53b4bdb5fd7405fcb4db7b00f67a2a7ab03455ad3ac21b3d9932bdc9c17bea6c36ec1d9e2be2d9df0d85ae853c48089df

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\sessionstore-backups\recovery.jsonlz4
Filesize
1KB

MD5
a405e4bb518a701dc81036239f8eaf6e

SHA1
f3f764f8c16cf422d35949f13dbbce40dc688af8

SHA256
0b1ec50914e7454a1185b5c1d1bb5aad4376bc91a54becb2b1204d7a5557187e

SHA512
c38816bfdd4a32108f7c1beb7d8bdd8f32ff5d4342a14359acbd0e0fa81038c3de20aba5692a627fb148c4290461ce8d44469382e6932821ede8372714fedada

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xh4b7nwe.default-release\targeting.snapshot.json
Filesize
3KB

MD5
eee0fca2b674909bb963d60462999da9

SHA1
b10ae0d8346464327c5ec227e7f3ad4cc0790577

SHA256
613ca937857a4471651c9319590d0b938552721d681171b3682ebc0d490315e3

SHA512
a0d55ef24cc910d8bf7a41e0f4b6a591b71723d03680c6f0a3dbc64ca864512d5632e12b10358f08ba4eb16018be03a4251737ad59ee658701085dea3de270b1

Download Submit