9e0da3d3bc35541329439c6e0ec64a27af93fd0d6236ceff9f0949a465fff8c9

Resubmissions

29/03/2024, 01:48

240329-b8d7kaed2w 3

29/03/2024, 01:34

240329-bzjqpaef29 3

Analysis

max time kernel
162s
max time network
181s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
29/03/2024, 01:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

testestestestetw/triage - Copy (13).exe
Size

1.2MB
MD5

08b8eb8dd9681bfd0050fa7e547e1fd9
SHA1

f810b716884668bbc554aae7914dd19f1c30c265
SHA256

e8fec48d4400319a802dcc42081e768ef0bf8ec965e65d95ec4502ea3c35ac6b
SHA512

d0fb222a0b356abce4f8489e953db9c9330e2446007eb002a7c7db3022f931fb22d5686da5749ea03504cffb241e21768512c9c6d20156fac32c81b0070c878f
SSDEEP

24576:bdofGAmSIQ177wZ+A7MjiiRDXU/Sat5RgsLSmIOHsU5zMmX1xYwncqKvGqU/:bdofGbSIQ177wZvYjiiRDXASat5RgsLn

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 5 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1904519900-954640453-4250331663-1000_Classes\Local Settings	firefox.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1188	triage - Copy (13).exe

Suspicious use of AdjustPrivilegeToken 5 IoCs

description	pid	Process
Token: SeDebugPrivilege	948	firefox.exe
Token: SeDebugPrivilege	948	firefox.exe
Token: SeDebugPrivilege	948	firefox.exe
Token: SeDebugPrivilege	948	firefox.exe
Token: SeDebugPrivilege	948	firefox.exe

Suspicious use of FindShellTrayWindow 5 IoCs

pid	Process
1188	triage - Copy (13).exe
948	firefox.exe
948	firefox.exe
948	firefox.exe
948	firefox.exe

Suspicious use of SendNotifyMessage 4 IoCs

pid	Process
1188	triage - Copy (13).exe
948	firefox.exe
948	firefox.exe
948	firefox.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
948	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5080 wrote to memory of 948	5080	firefox.exe	99
PID 5080 wrote to memory of 948	5080	firefox.exe	99
PID 5080 wrote to memory of 948	5080	firefox.exe	99
PID 5080 wrote to memory of 948	5080	firefox.exe	99
PID 5080 wrote to memory of 948	5080	firefox.exe	99
PID 5080 wrote to memory of 948	5080	firefox.exe	99
PID 5080 wrote to memory of 948	5080	firefox.exe	99
PID 5080 wrote to memory of 948	5080	firefox.exe	99
PID 5080 wrote to memory of 948	5080	firefox.exe	99
PID 5080 wrote to memory of 948	5080	firefox.exe	99
PID 5080 wrote to memory of 948	5080	firefox.exe	99
PID 948 wrote to memory of 1828	948	firefox.exe	100
PID 948 wrote to memory of 1828	948	firefox.exe	100
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1644	948	firefox.exe	103
PID 948 wrote to memory of 1264	948	firefox.exe	104
PID 948 wrote to memory of 1264	948	firefox.exe	104
PID 948 wrote to memory of 1264	948	firefox.exe	104

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Users\Admin\AppData\Local\Temp\testestestestetw\triage - Copy (13).exe
"C:\Users\Admin\AppData\Local\Temp\testestestestetw\triage - Copy (13).exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1188

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:5080
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:948
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.0.385878578\2139361797" -parentBuildID 20221007134813 -prefsHandle 1868 -prefMapHandle 1860 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d91d50a8-c8ab-4c6d-a2de-4171d2afe9fe} 948 "\\.\pipe\gecko-crash-server-pipe.948" 1948 268383f3158 gpu
    3⤵
    PID:1828
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.1.419918535\768858476" -parentBuildID 20221007134813 -prefsHandle 2340 -prefMapHandle 2336 -prefsLen 20785 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f8479c34-7909-40e5-a8d9-1502e68c2b76} 948 "\\.\pipe\gecko-crash-server-pipe.948" 2348 26837d3eb58 socket
    3⤵
    PID:1644
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.2.2095567335\1050214844" -childID 1 -isForBrowser -prefsHandle 3108 -prefMapHandle 2972 -prefsLen 20888 -prefMapSize 233444 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5e7d7592-ea78-44fc-8c02-28138a57fbb8} 948 "\\.\pipe\gecko-crash-server-pipe.948" 2944 2683c39e958 tab
    3⤵
    PID:1264
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.3.1640654875\1741376420" -childID 2 -isForBrowser -prefsHandle 3600 -prefMapHandle 3596 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {77f93585-9b86-4e45-8141-67d49eb084e1} 948 "\\.\pipe\gecko-crash-server-pipe.948" 3488 2682b962b58 tab
    3⤵
    PID:3020
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.4.951091878\656287346" -childID 3 -isForBrowser -prefsHandle 4512 -prefMapHandle 4508 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ed111295-bcc3-4b8a-9603-b83f4485d989} 948 "\\.\pipe\gecko-crash-server-pipe.948" 4536 2683e1cdf58 tab
    3⤵
    PID:3028
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.5.377111552\506384898" -childID 4 -isForBrowser -prefsHandle 5124 -prefMapHandle 5136 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f2b7d645-1f9d-4fcb-83ba-4c75d535f1cd} 948 "\\.\pipe\gecko-crash-server-pipe.948" 5156 2683c346258 tab
    3⤵
    PID:5392
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.6.745474116\1551815415" -childID 5 -isForBrowser -prefsHandle 5292 -prefMapHandle 5296 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {13ad409b-b237-460e-9918-dca0c82e3e04} 948 "\\.\pipe\gecko-crash-server-pipe.948" 5284 2683e1ce858 tab
    3⤵
    PID:5400
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.7.809504017\580342345" -childID 6 -isForBrowser -prefsHandle 5476 -prefMapHandle 5480 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {df8da4c6-498f-4d31-a08a-0364a8d8c119} 948 "\\.\pipe\gecko-crash-server-pipe.948" 5560 2683f412258 tab
    3⤵
    PID:5408
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.8.2098344725\1661621484" -childID 7 -isForBrowser -prefsHandle 3268 -prefMapHandle 2868 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5794ff22-e516-4335-b1d8-c0e00cd443ca} 948 "\\.\pipe\gecko-crash-server-pipe.948" 4636 2683c366858 tab
    3⤵
    PID:6084
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.9.871861614\1204867708" -parentBuildID 20221007134813 -prefsHandle 5004 -prefMapHandle 3572 -prefsLen 26206 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56954f17-8417-435a-96a1-7a621f80cf81} 948 "\\.\pipe\gecko-crash-server-pipe.948" 3436 2683e159058 rdd
    3⤵
    PID:536
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.10.1356452492\1611328010" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 3348 -prefMapHandle 2844 -prefsLen 26206 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fd15e3ba-5f24-4c90-b225-3fa093f94afe} 948 "\\.\pipe\gecko-crash-server-pipe.948" 5864 2683e15a858 utility
    3⤵
    PID:5444
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.11.659577842\511443503" -childID 8 -isForBrowser -prefsHandle 6196 -prefMapHandle 6164 -prefsLen 26460 -prefMapSize 233444 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1e2871b6-3bdb-4d79-861c-e2da9c2f6992} 948 "\\.\pipe\gecko-crash-server-pipe.948" 6208 2683fd81b58 tab
    3⤵
    PID:3440
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.12.1233385695\941906669" -childID 9 -isForBrowser -prefsHandle 6224 -prefMapHandle 5860 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f5d63218-f1c5-45fe-b351-c546ec90d887} 948 "\\.\pipe\gecko-crash-server-pipe.948" 6420 2683aa5df58 tab
    3⤵
    PID:3284
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="948.13.1844222543\1342121477" -childID 10 -isForBrowser -prefsHandle 5424 -prefMapHandle 5420 -prefsLen 27463 -prefMapSize 233444 -jsInitHandle 1476 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c58d9fb3-daea-4afd-abcb-38ebddd20c36} 948 "\\.\pipe\gecko-crash-server-pipe.948" 5412 2683f413158 tab
    3⤵
    PID:1964

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=2552 --field-trial-handle=3084,i,11997299123381683778,5904351605020331957,262144 --variations-seed-version /prefetch:8
1⤵
PID:5268

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f97d9gc7.default-release\cache2\doomed\17157

Filesize
8KB

MD5
da660d335db42580f273d437cf47e261

SHA1
f7c2e53741c69db24e23cd35edfe7ac5e51f86bd

SHA256
cd632d1a1b181a2d0989da3ff33680475ecb3c0f3364d84a5ce7750a5f2098a2

SHA512
f7ed5eb0b4d30d511060ef8bab332bc9e1e9b7779cf9571b877374013d46d7632684d761233686f6064a53af222e65f1e2d5fd9b3a5118435f4e9752005e222b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f97d9gc7.default-release\cache2\entries\21A5B190A6BCEFAAFED2956D8D8E8E495F07C71B

Filesize
8KB

MD5
7c2154e76b6515c78cc9357986572779

SHA1
d25951832673b88944280f6a40764222b183b9d7

SHA256
f6877c74345323cccace08d02797c6f88a31058490d07a55ab6b0f4abf11afc8

SHA512
2fac8c2e2ac9587fe0d5069ef92f62537f4c9848b714422a91c86ab2b3d5f70a98e31b3367f143f4a64a2c876ffe89d49a1d9cf12753c44d515682666e065f2e

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f97d9gc7.default-release\cache2\entries\E8F82FF507585AF8655F245209766BE49794B690

Filesize
49KB

MD5
ed23c0cfad068e6079b37b875064aa4c

SHA1
0c027fc6d0f00a4aa24b4bcd01f4eacf57f1443f

SHA256
70818e11d539f06ed78991d62ee2dfd4e23daa3898ace6bb2a16d2e961146b31

SHA512
853f81638df111538f4f276169f7af42003a27fa6badc93fe77256cd865ed2a1fad0a9984196ead56e73c8336b3e11d8136155c41afeb8fdccfde100449aec71

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
8.0MB

MD5
a01c5ecd6108350ae23d2cddf0e77c17

SHA1
c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

SHA256
345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

SHA512
b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\datareporting\glean\db\data.safe.bin

Filesize
9KB

MD5
9b3489358b9b813a33a9ff9637e5b578

SHA1
eab5b4879afbd85835e2c35d1c30835916ecff01

SHA256
efa068aa5ba7066df2a37e9447e7d8829f5bf8bf5de0eaa92c6b2af33a1def07

SHA512
71913e7e5d3dc0417ad0ecbe459f782f9d7b841918a4fd585700f7705d5743af2f10e45868a5520bc4c929dc51bc7bb539f578bfd32a22ac2da5b5b3934fac8f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\datareporting\glean\pending_pings\6bc9c57e-80f3-4e6e-ac28-a38c26dec39b

Filesize
734B

MD5
087271309d7d22117a5e76e851908df1

SHA1
4ffde79adf733280dce712356b6acf2bba3c2db0

SHA256
fcc1c1351fcb2583a1c365c0214c96304d25a7075fcf9bb9f55ddda62e72f079

SHA512
47a50875efc4b4777fa179e32d4c7a182c0b96e8da9378f4c1f6d341c2313d6d424806acb81954389df1d097f104b1d5d7cc57c5d32d79bd21391beadcfcd88d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

Filesize
11.8MB

MD5
33bf7b0439480effb9fb212efce87b13

SHA1
cee50f2745edc6dc291887b6075ca64d716f495a

SHA256
8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

SHA512
d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\prefs-1.js

Filesize
6KB

MD5
a6fc9fa461a876617423c506806cdc77

SHA1
e6a16920b06120f6994081b7efd383e976e4abbc

SHA256
5a312c4fc7e8351d92f9a0065373ed93af502af570e579e115bcb1236f460e0c

SHA512
5d67022d2234f9c92afa55e144a6b6c9d6012e29693330b4fc34b2f953a1cac024254f425d1d3f72119dfc5f49328b2ab35b33628ee7291348f990524046c8b7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\prefs-1.js

Filesize
7KB

MD5
ddd640517fc619efea3fd12eaf79dddb

SHA1
8312b09a4d4bea90dd5586e36f184ec8b969c969

SHA256
f80bd340f4c02f90b4aefc5e127d0d54aa8d2212bfed63e77a07d33da18d46eb

SHA512
b4761cad8569f51cf6186dab7846f0228ef6cd1ade6c5148308f6d1370677bb4da587416cfb3a042b17dc7e31797b6a9f9965ef87ee83b3554a1811fe5b40c07

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\prefs-1.js

Filesize
6KB

MD5
b3201d78a3be6b438506e7f135a786f1

SHA1
ef8e5394330758e99c20012fe4d309d092527267

SHA256
f506744dbfffc4514f076611f12521c6c9fb545c95aa2387bc314eb8b77c72e7

SHA512
11b35f536d662eab14e555352bd4d1f305bfc8c450ba26a05942deae450a3b96670b58a4f69d2c4b647a3e4ad5e774f7047fc6d274e173cc91d82dd84accfdf8

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
4KB

MD5
e2db8b9951dc97cf59c5f614afa5be6b

SHA1
41fa3ac63516b94dcd3844fe8c7ac3ed20bb3ac3

SHA256
9f054864b003d56fc2aabfb8ef1f898fbd0668591fc6f8848d7902d470720ff2

SHA512
ea5a03b58bd14dec6ad10ed766ffcc46628fc6b1ddc2b71c20e0661beccb021474214d5fe01b44afe605cf056700f06baa5bd7630bc5ce19f4e773aa1a7f85ef

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
3c34447f53791cf113a496fcd189e8fd

SHA1
631ef269cba550b6e07ed26dbff245581510ace8

SHA256
72ee66b4da521ccb54e7ef67e3bc4dc39b10b54f47dcfe4315c8b8280203fb08

SHA512
9a463e510f9c5c8b01f7186c2c4a17d24615e891559aff1b915fdd7e5adfcffc6a6779590d2e9f32f9c0895ac8c093a34b8305b36f149e81c79fb11b97989340

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
4KB

MD5
1f248d171c0891e6661efe8f7dd8849f

SHA1
e1e3d8d0fbc1787f139b214c954bcaf40dcb12a9

SHA256
7bb92e16c27f91e52e3a93652b126b09d6f6f004fb27665b1b984dd9dcbb0180

SHA512
ac385db239c37f5a0c17c8e9fab0b5313bd76daff4939a14d95162f8e13454bc8ad2f8fc3de5440888ce52ee6572f983f6e95959eaa802a3b74e84a165e02a2b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
9KB

MD5
dfb8d43bbdbbc9f40b9dc8f4b049f426

SHA1
533843f5c2419157a78e588113e6ed4e8e79b235

SHA256
35ca5d1c71b1ccd37f2df815e9291bab78aae8480e602657c160e5043846dd1c

SHA512
ef63a593b5801d10ec66afa526f9911418f634a13f17532fa20d2a384a06b18f3885b28c97bdf9499a1f83fdf81bd76aaef0e8c0e4efb09d39998ee06766cbfe

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
9KB

MD5
dc5fb2da2939d90a7668ea56c4b55654

SHA1
2681ac6d2b6461da6d307c76baf9d4ab4f634d64

SHA256
92b6f194a4f3ae4b7a1c51e40a2ba67da5421ac2d9cdeda0ede415d6f48a4fae

SHA512
22683f565ff5c9b75d587aafc6dc75d2f8a035d123cffd15843e3c80faa34d83bd9262dbe310c9084df343d81a2068c777cac605e9c38b69f60ec451e4d6af89

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
26ff97278cfc9800a2871dd4c93b93cc

SHA1
9213098387a61e72f485612d69fcbdf2ed897577

SHA256
5d010638a4341ef7df754151999b2a1a92045877d06b13284a706eb2d7618f88

SHA512
b645512638271dccde028874ea0aaaba6976eebcc9e31627a258e07100499310952bbbf297aa0b08c05d95fc664052a5126800227d6078e72217d320e272f80a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
9KB

MD5
1af10311af3d26253da694e33cc1695f

SHA1
6974db17690a0de584562de05b5e2aa207914e0d

SHA256
5c2e808c457d91e095d1a4826bb77b77951672c5a8f6da0f42b9e2cb0ec2f4c0

SHA512
724fb8423170ce3e37649663bd91d787dea699ac0e71fa9fa0d52a4916ed6c907eecac1f9a0d70760d6eff229d4980c0931752b111fd4c1bb9bf8a05beb31477

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f97d9gc7.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
4KB

MD5
f529fbb92bb1efd048eb7fa5161def86

SHA1
4f5111eee730b7d843d5e3d3a589918596b8df66

SHA256
b4e54324fbe1513652aa6595ed2cdda01b6feda1fa0d5bbf58054daca6bf2da4

SHA512
492aab8d44e06bd970af280dcdbccd0079e0117e3cc47a1387aa35eab24338adf88bb1c173d69414a33767ede5180b1ecf20761c6191bf8b54fd228f928e1080

Download Submit