Analysis Overview
Threat Level: Shows suspicious behavior
The file https://www.google.com was found to be: Shows suspicious behavior.
Malicious Activity Summary
Reads user data of web browsers
Changes its process name
Checks CPU configuration
Reads CPU attributes
Enumerates kernel/hardware configuration
Reads runtime system information
Writes file to tmp directory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-16 06:18
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-16 06:18
Reported
2024-04-16 06:18
Platform
ubuntu1804-amd64-20240226-en
Max time kernel
3s
Max time network
14s
Command Line
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | glean.dispatche | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cache2 I/O | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Breakpad Server | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Sandbox Forked | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Chroot Helper | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | MainThread | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Process | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Worker Launcher | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Worker Launcher | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gmain | N/A | N/A |
Reads user data of web browsers
| Description | Indicator | Process | Target |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/key4.db | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/ClientAuthRememberList.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/user.js | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/cookies.sqlite-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/pkcs11.txt | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/sessionstore-backups/previous.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/addonStartup.json.lz4 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/permissions.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/permissions.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/extension-preferences.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/times.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/handlers.json | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/prefs.js | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/cookies.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/sessionCheckpoints.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/system-extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/cookies.sqlite | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/content-prefs.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/xulstore.json | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/content-prefs.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/extensions.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/AlternateServices.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/sessionstore-backups/previous.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/sessionstore-backups/recovery.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/key4.db | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/SiteSecurityServiceState.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/sessionstore-backups/recovery.baklz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/key4.db-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/shield-preference-experiments.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/addons.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/sessionstore-backups/recovery.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/sessionstore.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/cert9.db | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/search.json.mozlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/cert_override.txt | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/sessionstore-backups/recovery.bak | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/cert9.db-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/cert9.db-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/cookies.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/ls-archive.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/storage/ls-archive.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/cert9.db | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/compatibility.ini | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/vb0uel90.default-release/sessionstore.jsonlz4 | N/A | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | N/A | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/online | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/size | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/size | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/vendor | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/irq | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/uevent | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/resource | N/A | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus/mask | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/class | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/class | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/irq | N/A | N/A |
| File opened for reading | /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | N/A | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/1650/cmdline | N/A | N/A |
| File opened for reading | /proc/1669/cmdline | N/A | N/A |
| File opened for reading | /proc/self/cgroup | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/35 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/mounts | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/mountinfo | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/49 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1592/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/44 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-permission-store | N/A |
| File opened for reading | /proc/self/stat | N/A | N/A |
| File opened for reading | /proc/self/fd/41 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd-fuse | N/A |
| File opened for reading | /proc/self/task/1783/stat | N/A | N/A |
| File opened for reading | /proc/self/fd/37 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd | N/A |
| File opened for reading | /proc/self/fd/6 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1719/stat | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/mountinfo | N/A | N/A |
| File opened for reading | /proc/self/task/1742/stat | N/A | N/A |
| File opened for reading | /proc/self/task/1594/stat | N/A | N/A |
| File opened for reading | /proc/self/fd/31 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/39 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1713/smaps | N/A | N/A |
| File opened for reading | /proc/1604/status | N/A | N/A |
| File opened for reading | /proc/self/task/1635/stat | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/96 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/75 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/38 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/40 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/47 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/48 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/50 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1665/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/76 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/sys/kernel/cap_last_cap | N/A | N/A |
| File opened for reading | /proc/self/fd/29 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/46 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/43 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1645/cmdline | N/A | N/A |
| File opened for reading | /proc/1713/statm | N/A | N/A |
| File opened for reading | /proc/self/fd/36 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/45 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1765/stat | N/A | N/A |
| File opened for reading | /proc/self/fd | N/A | N/A |
| File opened for reading | /proc/1604/attr/current | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal-gtk | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/34 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1674/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/51 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-document-portal | N/A |
Writes file to tmp directory
| Description | Indicator | Process | Target |
| File opened for modification | /tmp/firefox/.parentlock | /usr/lib/firefox/firefox | N/A |
Processes
/usr/bin/firefox
[firefox -new-tab https://www.google.com]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -new-tab https://www.google.com]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/usr/bin/lsb_release
[/usr/bin/lsb_release -idrc]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -parentBuildID 20230522134052 -prefsLen 19257 -prefMapSize 230809 -appDir /usr/lib/firefox/browser {24f3cff0-2297-44ec-b8ae-7ab391c5c2cf} 1592 true socket]
/usr/local/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/local/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/libexec/xdg-desktop-portal
[/usr/libexec/xdg-desktop-portal]
/usr/libexec/xdg-document-portal
[/usr/libexec/xdg-document-portal]
/usr/libexec/xdg-permission-store
[/usr/libexec/xdg-permission-store]
/usr/libexec/xdg-desktop-portal-gtk
[/usr/libexec/xdg-desktop-portal-gtk]
/usr/lib/gvfs/gvfsd
[/usr/lib/gvfs/gvfsd]
/usr/lib/gvfs/gvfsd-fuse
[/usr/lib/gvfs/gvfsd-fuse /root/.gvfs -f -o big_writes]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 21750 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {6523c4cd-9913-4616-85a6-dac620448e28} 1592 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 21418 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {3d633a3f-f2b9-44d4-92b2-56eeedeb42c4} 1592 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 21824 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {ca7abbce-e066-42ba-aea2-d3873fb1031a} 1592 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 27881 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {6cfd759d-4a56-4148-95c3-14c9d262ced1} 1592 true tab]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 151.101.194.49:443 | tcp | |
| US | 1.1.1.1:53 | cdn.fwupd.org | udp |
| US | 1.1.1.1:53 | cdn.fwupd.org | udp |
| US | 151.101.194.49:443 | cdn.fwupd.org | tcp |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| US | 151.101.129.91:443 | tcp | |
| DE | 52.222.236.23:443 | services.addons.mozilla.org | tcp |
| DE | 52.222.236.23:443 | services.addons.mozilla.org | tcp |
| GB | 185.125.188.62:443 | tcp | |
| GB | 185.125.188.62:443 | tcp | |
| US | 151.101.129.91:443 | tcp | |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | locprod2-elb-us-west-2.prod.mozaws.net | udp |
| US | 52.25.6.244:443 | location.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| GB | 195.181.164.19:443 | tcp | |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 216.58.204.68:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 1.1.1.1:53 | www.mozorg.moz.works | udp |
| GB | 143.204.72.186:443 | www.mozilla.org | tcp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
Files
/root/.mozilla/firefox/Crash Reports/InstallTime20230522134052
| MD5 | 4e89717de18507273fb787a016602150 |
| SHA1 | 0ad7d9c6f69bb7f5f8eda3c6ff1152115faa0b70 |
| SHA256 | 8abc7facab66507ce39c29b9461eea9ef3e0abd3e92a6f13bf8ed04eab131f39 |
| SHA512 | f0571ca6239de631b4e6aeadf0049b23846961c3039be6dbd000531aa3c3fe7fd358e77f2c851201f71a3906fd927bc565da2dab24531bb6a8e71dc846e65453 |
/root/.mozilla/firefox/vb0uel90.default-release/times.json
| MD5 | 4ae0ad3f102b5480b8a5ba475aff898d |
| SHA1 | c6c1def494bdfc00b387eb82dfc29b05eb84e737 |
| SHA256 | 88c3bd08f89e1ae66d54ca7daf1c1eea9b2a7311eba515212a841c83b4481408 |
| SHA512 | 53e520e406e0c04912d094886ae648c70f9c410f435ec5c2c18c91d80b339f929a13acc8e736223b2df5c2b5070d76a0fb971c40a767b700b600f8b274f77a86 |
/root/.mozilla/firefox/installs.ini
| MD5 | 5d1f5d41ff329a36710cfd04e8a3b517 |
| SHA1 | 6cd9821380d3da2579b64cc028862ba08d2f2e65 |
| SHA256 | 346c0cad587a9e5e3e40be2ed7727298da738e99bd484163ffc9a867838c459d |
| SHA512 | 8efe2ab40c5e87be732d6e2c836f4b0a6691d5c00807171edf016dae76cea3c363be0ffd156554116b45d8b80143c99e656be31a2db329fde67a908a03b75db4 |
/root/.mozilla/firefox/profiles.ini
| MD5 | 65922bcc9ba7f1c4ffb655fc5eb74b2f |
| SHA1 | df0c3ff3d7586a3998a38937f23864ae9db21b4b |
| SHA256 | 8ff2b99b1d182825803c36cb9eff155fd6da3c557e495ffeb52e101940efcade |
| SHA512 | 8f1a5eb7b84514912d0f564faa48834ea2191aa1de1393acd40bd2f234abb431b3c764e26f412822917bc15563016fb289f589394911ec5f4f04bb3a22ce7573 |
/root/.dbus/session-bus/11c67417355f45d397f6be11f62e85a6-0
| MD5 | d58491c43be290dd91b3a4640a0168d3 |
| SHA1 | b4be23fca863559a940b75916c6c6cba51e41e49 |
| SHA256 | 7aaf196db2981a1300685065bc4f3f12966566bc53a3fb4abe56c2f5c10cfb66 |
| SHA512 | 7a740a64d37589f0a0132c8bd259d5a6fa4b91ee9cbdffba8221e42c8e75a4db0b8e33e507c69eb442337b59926b80a0db0bff430e4a1307db5bf2d1e6c30a9e |
/root/.mozilla/firefox/vb0uel90.default-release/compatibility.ini
| MD5 | fe452b7294d5928a9a5863b89ee0a6bd |
| SHA1 | a5d4c245071fa96476ba48b4725bdae7f1b7940f |
| SHA256 | d5bfb07561606a19aa96557ea109b175050dc0eb805cbef9c813503587d77900 |
| SHA512 | dc37d8507f08849e3382d2dbafd4a64555dbd57a288c95131e9aefb366630f1585811a9e1456b861bb9d2b816ed88b18ffb7580cd92b41bb9b0227ce1363843e |
/root/.mozilla/firefox/vb0uel90.default-release/cookies.sqlite
| MD5 | 9535f5fe817accc769c2c1d3354db39f |
| SHA1 | 6af62cf08717cf3bfa84eb1a7b311acf522ce560 |
| SHA256 | c53c15fcfac2bb57fdc88d23f932fc244dbaf4020f0f6eaecf0f77a37c21f8c5 |
| SHA512 | dc9c2c32eb42dda0a7a711e143aea58c603c1e9d885c3677e9fe86f525e1b0b32a46e240756263e56510b07e764ba69f2de13b90ec18210678242e10cfe17837 |
/root/.mozilla/firefox/vb0uel90.default-release/cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
/root/.mozilla/firefox/vb0uel90.default-release/storage/ls-archive.sqlite
| MD5 | e0c613bfd69956a19ce2dc5e925aa223 |
| SHA1 | 14accb230edcd6cb76967cdc6d4e5686db96b5df |
| SHA256 | 0d4cb11f6364c46a75f9eaddfca5c660b90dfd515df3afcd5e0baeca28a0f1ab |
| SHA512 | 01643c0131a392be92b3f281d7f633c1f502bff19090b0d716f1ac66aefecc3fcf92f393bef66b03089c9b9c6d8aaeb711b6a4f29d5a6729dd188c838f2272d1 |
/root/.mozilla/firefox/vb0uel90.default-release/storage/ls-archive.sqlite
| MD5 | 178d71e5529d637ac62f7e75fdd75896 |
| SHA1 | 339f2b949cc4c207b66aea11137448ba28d36dcb |
| SHA256 | 7b0050f1bfaab85c8f9067ae7d7369056ff752c0c852ef1462a96c22169004d4 |
| SHA512 | ec0e0105fcfbbae356dd55efbcf92975f35bbe5cb93fcabf4c08443e871957635d14830b27c4e1ddefbbaff8f9b7ec3590bf417a9442e1d7ee3607d14d56f664 |
/root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/.metadata-v2-tmp
| MD5 | d2c9cd4c16e0c4b0cb210fe307e20dc8 |
| SHA1 | 4e82daba903d2cbee541999528d220befd6e5999 |
| SHA256 | 80625fbb78f5f9ef533a21ecfb88398569119bb5c8c077bdeedbef62eb90792f |
| SHA512 | 94b9947fbf76a4b6ae6a967a4736b55749adf6ddc18b77bcf67e4756df8fbadaba62bfb17bf580c2fc98af215e32edfb29264458975ece17fa2159f597d18387 |
/root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 07a412e08825220262ad2890757ff779 |
| SHA1 | f46c127dbc070ded87a6078b3c1c761955f96de8 |
| SHA256 | da640f8b665841b520d2262a21cc3f82aeaa881cf81a1ddae27ef501d66544e4 |
| SHA512 | 0134c783bf3293848e479b478ac57a1e0f4202cddfb8b57bc6275aada7345f398cf8a627e9b1c34fd618192c2f0c9737b1da487daf33f9c557ebc1377105582b |
/root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 993d6a827b05215734d5bce0af7a9623 |
| SHA1 | 1bcb47b360fb0d81d12c9cc142af6942a365b0c4 |
| SHA256 | 759b55196800f604e0161318cff459fb1e9bed7b4eb77fc2b040379d41f541f8 |
| SHA512 | d1c01ac83030104acaa311f98f639592c4f04a82836cfd956870a1919ad90347b41868b4bac98383986c693ed2e838c59bda4a12b808619a6a5a192e00681b2f |
/root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 8922e80878af40b51a093756a442b81f |
| SHA1 | 52cd4cab3c688560c10296ba728f94c8223071c2 |
| SHA256 | e3b049076cd128cac66358a723ee90b0982389e3af670b0d57545616c101e8a1 |
| SHA512 | 9c832160797e3fc824c3786c86955aa05f672d0883e2481a7f0b3888bfcea14c660317bb64b3f799ccdb970751dfb2d449e33a12eebc31b5ae776c05dfd93b33 |
/root/.cache/dconf/user
| MD5 | c4103f122d27677c9db144cae1394a66 |
| SHA1 | 1489f923c4dca729178b3e3233458550d8dddf29 |
| SHA256 | 96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7 |
| SHA512 | 5ea71dc6d0b4f57bf39aadd07c208c35f06cd2bac5fde210397f70de11d439c62ec1cdf3183758865fd387fcea0bada2f6c37a4a17851dd1d78fefe6f204ee54 |
/root/.mozilla/firefox/vb0uel90.default-release/prefs.js
| MD5 | 362473670c7df9a0f57f4224b7796c52 |
| SHA1 | f86cde8a92263be2f4382f4b3911448f65227e97 |
| SHA256 | cca00d11f58ac82716fc001cd2d4118169425fe4d4568e9b0b6b9b4935015cec |
| SHA512 | 3970d9c8b6a01c85ffb7245558cf847de4f6aa5af8e42fe44f312c1211979810b22365812f3c75abc325622b13c75828928fd0a205d7f8be17b4dd74f4478459 |
/root/.mozilla/firefox/vb0uel90.default-release/permissions.sqlite
| MD5 | 3609a756dc78ba6df254da0155a97deb |
| SHA1 | 19ed4605adbae95adbc4127009d2fd1b93f1f7fe |
| SHA256 | 5951f7faf9ef207fe195fbb316ab25e2652209fcffc677a7582222268833a7a3 |
| SHA512 | adb06659b4175a7b68d455db32521d7ece6f0f963f75990766c430615d1e4425d3478d840efc398c289e1883a154a6aa25c7921ed604dfecdd8937733a1db908 |
/root/.mozilla/firefox/vb0uel90.default-release/prefs-1.js
| MD5 | d44709c7e3c35d900726ad73e96b9b13 |
| SHA1 | 0123beee0bfea3a65bb682ccda44a74f568eca4f |
| SHA256 | 7267c8a47fd92f76dfe99dad9ea5533e12eee74252d16ea7f6851d116331d47e |
| SHA512 | 60eddb02b93e712d06b7e0ea8e77a14b3549b2beab12bf817a7d26eec419199a4ebda1f0de92123a12b0ff08a8146be043040a21c9e47fc735ae8bf967b98527 |
/root/.mozilla/firefox/vb0uel90.default-release/times.json
| MD5 | 3a999b30e0b8ef083f445e4764ee42eb |
| SHA1 | 0a008e4537721ccdd10e60ed8f9f9440573c918f |
| SHA256 | 0c407ba983dea1d211887b49805434a25fd8b05853c9cad561da0b49eec96b64 |
| SHA512 | e24f02de00f14759932ecb7c2a3afb83fcdabe39fd8c2a2e84baaa10c1571f97d22447fcc75c115ea991435e40c5d2dfc71071656cfe18268b53fc9cddb75869 |
/root/.mozilla/firefox/vb0uel90.default-release/cert9.db
| MD5 | 7d424ab56eb43374cfd8e660cee886bd |
| SHA1 | 7f6b08dead6b178f5cb51e51ef05a039f2ba1e98 |
| SHA256 | 13dd64215ae7ba6da4a487dd327d68bf390842364f5c22941a56f9d54d1ddb89 |
| SHA512 | 6bbeca1643f34a40348c1cee2d95b8491dbcb90107d52f19faa9b7abc5b92a76f228572e2146151ea2b2c5c4110c0011444719140dc0ddee9f2995319fbadcc1 |
/root/.mozilla/firefox/vb0uel90.default-release/key4.db
| MD5 | 09a22a625d58028e019802bb4bb02417 |
| SHA1 | 603285bce270c1d4f4bde539d011b246aae0e7ff |
| SHA256 | 775ae4631ce068c1ccdb24b2f7a1187d2f0559f0a691f921adafb0eb87ba4a17 |
| SHA512 | 3d41ac511932a17e756c6ffc43ec89ca206189461a7f31af0de88dfbecd9dd1b3b8ff3f035cfc13d0ea4bb1d52c077f6cc1ed3aebfd5b2653915a36b34632226 |
/root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | 759544297aaa61f5fef8ee42d0ae4393 |
| SHA1 | fc2d66f6e60409e3e8d38623ce5f817fc7f571e0 |
| SHA256 | 1bd2000cd972e80cefaec6e982ba261d224a818f367de0fdf8c51fa5a05d7ab5 |
| SHA512 | 8aaa2ce66f10d46f7c9200af841ac7bd9f5b55c30308a14f0deda44ac62581c45daae45154487c0073a0d5847d5926cbb4072ca64a702ac6b834ad0bb482804f |
/root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | 15c33e833d3aa0446b816013baad9c77 |
| SHA1 | 2fb5532e78f9ac245126275ec25cebdb9d807a4f |
| SHA256 | 3b99ad96aa3347db46bb904cfb75511814b47b107d69a6672ba6a6aeab45c6dc |
| SHA512 | 729519abcacf72da109dadc768b2c57816fc96f82153ea15dcec2e0e771381af56c098b21e00a2a6525cb8323db3f1b57da161fca27fce7709e6a4900cf8fd94 |
/root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | dd3f6ba37c670af5953593535e435d04 |
| SHA1 | ecfe4e650a050bce77e8ff7468de04c1b8acc9a4 |
| SHA256 | 5cc6fa137a1f3a7d0b615b178877f12c460b22f95702eb7534d5732ee6599561 |
| SHA512 | 86e0482543faae6fb279ca71e1e6d6461d32317e74baebb3973e0fde9800107faeb9c2347be6cf8a47556ae43c8e6c224a595e952f621e40ad2c5eba920df2b3 |
/root/.mozilla/firefox/vb0uel90.default-release/prefs-1.js
| MD5 | 090e126c7052d9f06ccd08b26b64a5fb |
| SHA1 | bcb2ca3e19702fcade9899fd7e75d9da2c500a48 |
| SHA256 | d5540b53721d7f06fd5d29c6660d2369d6911cded72c0a8957062c6b028b9d31 |
| SHA512 | 817b512d6de61f6a9936b9f5d6d6e3723494415802d1a943197c774a0b4b910f2b366cfdd0cb6ae4ccb91708ffec637cbf95e841c9f342bbd38adf07a232dee2 |
/root/.mozilla/firefox/vb0uel90.default-release/prefs-1.js
| MD5 | 432d5b1d66e7f5858fbdee10090da44a |
| SHA1 | 2bc29df178c4bd9dd99e501971c09a310239f7e4 |
| SHA256 | f8ba754542a9d55d2c2b4b0596850a9e2266182f95aa37d3dc2204edbfe3b6e4 |
| SHA512 | ff90a1fa5fd28b6d095e32db5f2a347d469a2e795ec6d0970df1b4112d279c82a75e1659934c3dbb2471ec38a6263d57bb1e6343405c3a781ed0ed908579c64c |
/root/.cache/mozilla/firefox/vb0uel90.default-release/cache2/entries/3D1E19D09F398691ABF62061591970855193B42F
| MD5 | 107213a85909a2cc704555603e482a94 |
| SHA1 | 9498803080362ec04eadbb81d4d647b8fb810990 |
| SHA256 | 9965ad137ded023f99e72da31ac99d80c8a57461fe37e733b9dca57a9dbe304b |
| SHA512 | 5bd1e4f7663ad6dab27219e3826d2ea68f6e545fb0a6da012b1bb0143103030dbc4b6ec19279cecbbeaf6edc15e2d62218f0a3cd9e928dd6edc9e1d03b9a367d |
/root/.mozilla/firefox/vb0uel90.default-release/prefs-1.js
| MD5 | f3a0050925ea7abb8fdff3c146963b78 |
| SHA1 | 65360dc4e2d67e9e9a45b20f20fe42a9ef393758 |
| SHA256 | 57e05c6488ded88177b664829ab66fc2e332c70b53d9eeeacb9158f88669797f |
| SHA512 | 9b5e11c66f350e5237d7a26fc9062f628130836f240207682533a38f7e7c80ba4c23eb882b96e2e5e200a5481af4e38aa26121f3d0b1f8f50e6a5fd6830aa9ab |
/root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite
| MD5 | a8dd7ebaad5528b23f82ccb1534cea18 |
| SHA1 | 600daceacfb5cf9df0b66ba7dce4516b2ac4df70 |
| SHA256 | e5b0d02c18ae36c4a220f41fd97c66060c17aaafcbb324a57ccdc2707c44c4ec |
| SHA512 | 67f867a8e2b37fb6bececd5ebc570ca594ea329142badd63d1281d5e735f515a5e329abc6eb9a9d3465aab0a08541b4888018d859964f160a52345ab93532bff |
/root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite
| MD5 | 43a8916c902e7adfc3379af8c8923c4b |
| SHA1 | 1c4da42197a913f133922964772c173d3cd53c20 |
| SHA256 | b6a7ca15f7402026c191fcc8a00dbd75e606ac629f7a5a18d39533a079ab90ac |
| SHA512 | baa94b64ba592de742cbafc5d1144e8da5582aea3d6a4b136b2ce4a0763278d18c10c3fad8cbd22438a8f120a2084abe7af1165d0dcefece8d88d31d8b576baa |
/root/.mozilla/firefox/vb0uel90.default-release/prefs-1.js
| MD5 | e3a2f08461d00e6aab1d8f68cca43553 |
| SHA1 | 4d91f0b8c135599a3764c98c41023cb2db6cb821 |
| SHA256 | eedcc2f5bfd06b0c3e37919682aa744eb868feed07fb866db54c8ab8f2a4e25d |
| SHA512 | 85ab9fdc40a29f8b4a092ac4305afa707e59c5f15bdbf38d7d1780aae17019a5f7122a2d1f34950134fa76ce97e84645e44c727a45f54338ee9205fe44341f60 |
/root/.mozilla/firefox/vb0uel90.default-release/cert9.db
| MD5 | a9586ace6f59b77aaa5af449b83a751a |
| SHA1 | 5a40397dc13ce1bae3dfbd8d3514059c817bcb4f |
| SHA256 | 6c040cf2a2a68822a0c020c44da2aec6aaa549a1da9ed70df9842a6355e1e876 |
| SHA512 | fd0775b004e7dcf1bd9cc7e9ca252e22ce05e48f70a968c0dd437a920a3cb9d4cb221923866e21b968b47a7616a3229534b29877287722c445ba3372777ceeac |
/root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite
| MD5 | 7352c8848e88edc39b7fb5e663888187 |
| SHA1 | 8c3dffe25cc56c7aec1b782292d6fceed81e6304 |
| SHA256 | 7a462086a26978809c719e57a7ea6a25568767fb7532014e8531fda94b660e0a |
| SHA512 | f2a0dbbab5c2c1702b03bce15a47739481f523e127d1372b40534db9a20b2bc99fb53710ee0e5d44176188817cac704cf4f98cdf087e7e89d244281fcfc3b280 |
/root/.mozilla/firefox/vb0uel90.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite
| MD5 | b4cd206dfd142286ee444bb8b7cfd611 |
| SHA1 | 68e8cda2fde2c0a52681fc1a98d00ac6520d819e |
| SHA256 | 195520e63151835d0e8aeb19d98df4133fe95a8aa48a55739f0a26a66cda71f4 |
| SHA512 | 7080406760e2f8e76fef774e48b01429b5fa4caf91676b2fe06ef75a3fa07e206df3d5dac2db01a4d49be827a44be1f72f8f22f2ccedb7bd92f3e65c4023b2c1 |
/root/.mozilla/firefox/vb0uel90.default-release/cert9.db
| MD5 | e56927cafaea85561914706b51523004 |
| SHA1 | 69b44d1e1096026d0929eda2f9c6b28556898c6c |
| SHA256 | 91a94321d20b88679ca70082930c8097131daf27c031925eeb19279ba53df6ee |
| SHA512 | 1c456ff6cda6436014148efc88587cc60389d35e06679fee70b7d1eae278fe51b42724e643846b6fef3457ae7d89226705eb13a08a84adbc6bdd1f4f671dabc1 |