Malware Analysis Report

2025-01-23 15:37

Sample ID 240416-lyhr4sgg8y
Target http://dev-unumcarta.pub.network
Tags
collection discovery evasion antivm spyware stealer
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral7

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral9

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral8

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

Threat Level: Shows suspicious behavior

The file http://dev-unumcarta.pub.network was found to be: Shows suspicious behavior.

Malicious Activity Summary

collection discovery evasion antivm spyware stealer

Checks memory information

Reads the content of photos stored on the user's device.

Checks CPU information

Reads user data of web browsers

Changes its process name

Reads CPU attributes

Checks CPU configuration

Resource Forking

Writes file to tmp directory

Reads runtime system information

Enumerates kernel/hardware configuration

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-16 09:56

Signatures

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-04-16 09:56

Reported

2024-04-16 09:56

Platform

debian9-armhf-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-04-16 09:56

Reported

2024-04-16 09:56

Platform

debian9-mipsel-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-04-16 09:56

Reported

2024-04-16 09:59

Platform

android-x64-20240221-en

Max time kernel

146s

Max time network

154s

Command Line

com.android.chrome

Signatures

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Reads the content of photos stored on the user's device.

collection
Description Indicator Process Target
URI accessed for read content://media/external/images/media N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 accounts.google.com udp
BE 142.251.168.84:443 accounts.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.180.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 dev-unumcarta.pub.network udp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 1.1.1.1:53 safebrowsing.googleapis.com udp
GB 142.250.180.10:443 safebrowsing.googleapis.com tcp
GB 142.250.180.10:443 safebrowsing.googleapis.com tcp
US 1.1.1.1:53 www.google.com udp
GB 216.58.212.196:443 www.google.com tcp
GB 142.250.180.10:443 safebrowsing.googleapis.com tcp
US 1.1.1.1:53 update.googleapis.com udp
US 1.1.1.1:53 qzcybnxzhmtwhnr udp
US 1.1.1.1:53 ekwtjwyu udp
US 1.1.1.1:53 xnqajpboh udp
GB 142.250.178.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.204.78:443 android.apis.google.com tcp
GB 142.250.200.36:443 tcp
GB 142.250.200.36:443 tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-04-16 09:56

Reported

2024-04-16 09:57

Platform

ubuntu1804-amd64-20240226-en

Max time kernel

84s

Max time network

85s

Command Line

[xdg-open http://dev-unumcarta.pub.network]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself glean.dispatche N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself Cache2 I/O N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #0 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself QuotaManager IO N/A N/A
Changes the process name, possibly in an attempt to hide itself QuotaManager IO N/A N/A
Changes the process name, possibly in an attempt to hide itself IndexedDB #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IndexedDB #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself Breakpad Server N/A N/A
Changes the process name, possibly in an attempt to hide itself Sandbox Forked N/A N/A
Changes the process name, possibly in an attempt to hide itself DOM Worker N/A N/A
Changes the process name, possibly in an attempt to hide itself DOM Worker N/A N/A
Changes the process name, possibly in an attempt to hide itself Chroot Helper N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #5 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #5 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #4 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #4 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #3 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #3 N/A N/A
Changes the process name, possibly in an attempt to hide itself MainThread /usr/lib/firefox/firefox N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself FSBroker1680 N/A N/A
Changes the process name, possibly in an attempt to hide itself FSBroker1680 N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Process /usr/lib/firefox/firefox N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself ProfilerChild N/A N/A
Changes the process name, possibly in an attempt to hide itself ProfilerChild N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A

Reads user data of web browsers

spyware stealer
Description Indicator Process Target
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/cert9.db-journal N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/sessionstore-backups/recovery.js N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/logins-backup.json N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/sessionstore.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/permissions.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/sessionstore-backups/recovery.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/cert_override.txt /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/protections.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/cert9.db /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/default N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/thumbnails N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/2918063365piupsah.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/cookies.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/cookies.sqlite /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/handlers.json /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/key4.db /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/shield-preference-experiments.json N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/temporary N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/user.js /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/cert9.db-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/xulstore.json /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/logins.json N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/sessionCheckpoints.json N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/key4.db N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/content-prefs.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/favicons.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/prefs.js /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/addons.json N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/ClientAuthRememberList.txt N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/key4.db-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/favicons.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/cookies.sqlite-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/ls-archive.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/2918063365piupsah.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/extensions /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/sessionstore-backups/recovery.bak N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/permissions.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/SiteSecurityServiceState.txt N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/sessionstore-backups/previous.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/search.json.mozlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/extension-preferences.json N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/ls-archive.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/times.json N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/protections.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/sessionstore-backups/previous.js N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/cookies.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/signedInUser.json N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/downloads.json N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/sessionstore.js N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/cert9.db N/A N/A
File opened for reading /root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite-journal N/A N/A

Checks CPU configuration

antivm
Description Indicator Process Target
File opened for reading /proc/cpuinfo N/A N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/online N/A N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq N/A N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index2/size N/A N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index3/size N/A N/A
File opened for reading /sys/devices/system/cpu/present N/A N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor N/A N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/vendor N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource N/A N/A
File opened for reading /sys/bus/pci/devices N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource N/A N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor N/A N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource N/A N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class N/A N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device N/A N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource N/A N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class N/A N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device N/A N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_device N/A N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device N/A N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/uevent N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor N/A N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq N/A N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/1707/cmdline N/A N/A
File opened for reading /proc/self/fd/77 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1831/stat N/A N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1642/cmdline N/A N/A
File opened for reading /proc/self/fd/34 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1683/stat N/A N/A
File opened for reading /proc/1698/cmdline N/A N/A
File opened for reading /proc/self/fd/35 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/1828/statm N/A N/A
File opened for reading /proc/1908/smaps N/A N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/fd/40 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/48 /usr/lib/firefox/firefox N/A
File opened for reading /proc/meminfo N/A N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/fd/31 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/42 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/49 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal-gtk N/A
File opened for reading /proc/self/fd/76 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/1560/status N/A N/A
File opened for reading /proc/1776/statm N/A N/A
File opened for reading /proc/self/fd/93 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1798/statm N/A N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/1909/smaps N/A N/A
File opened for reading /proc/self/fd/51 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/gvfs/gvfsd N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1888/stat N/A N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/1555/cmdline N/A N/A
File opened for reading /proc/self/task/1644/stat N/A N/A
File opened for reading /proc/self/stat N/A N/A
File opened for reading /proc/self/fd/39 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/sys/kernel/cap_last_cap N/A N/A
File opened for reading /proc/1576/cmdline N/A N/A
File opened for reading /proc/self/task/1782/stat N/A N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/41 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/43 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/6 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/29 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/45 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/46 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-document-portal N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/44 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1776/smaps N/A N/A
File opened for reading /proc/1798/smaps N/A N/A
File opened for reading /proc/1828/smaps N/A N/A
File opened for reading /proc/1908/statm N/A N/A
File opened for reading /proc/1560/attr/current N/A N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/firefox/.parentlock /usr/lib/firefox/firefox N/A
File opened for modification /tmp/tmpaddon N/A N/A

Processes

/usr/bin/xdg-open

[xdg-open http://dev-unumcarta.pub.network]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/grep

[grep -q ^file://]

/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/http]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/bin/sed

[sed s/:/ /g]

/bin/sed

[sed -e s|-|/|]

/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox http://dev-unumcarta.pub.network]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox http://dev-unumcarta.pub.network]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/bin/lsb_release

[/usr/bin/lsb_release -idrc]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20230522134052 -prefsLen 19257 -prefMapSize 230809 -appDir /usr/lib/firefox/browser {5e579d55-846e-4a98-ad42-87dcbfb1ae87} 1642 true socket]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/libexec/xdg-desktop-portal

[/usr/libexec/xdg-desktop-portal]

/usr/libexec/xdg-document-portal

[/usr/libexec/xdg-document-portal]

/usr/libexec/xdg-permission-store

[/usr/libexec/xdg-permission-store]

/usr/libexec/xdg-desktop-portal-gtk

[/usr/libexec/xdg-desktop-portal-gtk]

/usr/lib/gvfs/gvfsd

[/usr/lib/gvfs/gvfsd]

/usr/lib/gvfs/gvfsd-fuse

[/usr/lib/gvfs/gvfsd-fuse /root/.gvfs -f -o big_writes]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 21807 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {8984e352-613b-4b5c-a612-7de640e1e7c1} 1642 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 21475 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {d40a1e88-ac84-4cfa-895a-b0921e56ddf4} 1642 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 21941 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {f15458d4-6501-4d32-8ec6-12ff7e5f5135} 1642 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 28015 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {928cd97d-8c0c-4516-be51-52fa009ec33d} 1642 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 5 -isForBrowser -prefsLen 27749 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {8c30d6fc-e109-4c60-9dcc-1bce114ed236} 1642 true tab]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 cdn.fwupd.org udp
US 1.1.1.1:53 cdn.fwupd.org udp
US 151.101.194.49:443 cdn.fwupd.org tcp
US 1.1.1.1:53 services.addons.mozilla.org udp
US 1.1.1.1:53 services.addons.mozilla.org udp
DE 52.222.236.48:443 services.addons.mozilla.org tcp
DE 52.222.236.48:443 services.addons.mozilla.org tcp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 locprod2-elb-us-west-2.prod.mozaws.net udp
US 52.25.6.244:443 location.services.mozilla.com tcp
GB 185.125.188.61:443 tcp
GB 185.125.188.62:443 tcp
US 151.101.193.91:443 tcp
US 151.101.193.91:443 tcp
GB 195.181.164.14:443 tcp
US 1.1.1.1:53 dev-unumcarta.pub.network udp
US 1.1.1.1:53 dev-unumcarta.pub.network udp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 1.1.1.1:53 detectportal.firefox.com udp
US 1.1.1.1:53 detectportal.firefox.com udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 1.1.1.1:53 example.org udp
US 1.1.1.1:53 ipv4only.arpa udp
US 1.1.1.1:53 example.org udp
US 1.1.1.1:53 ipv4only.arpa udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.mozorg.moz.works udp
DE 13.32.119.185:443 www.mozilla.org tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 1.1.1.1:53 a1887.dscq.akamai.net udp
US 34.117.188.166:443 spocs.getpocket.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 img-getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 img-getpocket.cdn.mozilla.net udp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.prod.mozaws.net udp
US 35.83.153.5:443 shavar.services.mozilla.com tcp
US 1.1.1.1:53 a1887.dscq.akamai.net udp
GB 104.86.110.232:80 a1887.dscq.akamai.net tcp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 1.1.1.1:53 getpocket.com udp
US 1.1.1.1:53 getpocket.com udp
US 1.1.1.1:53 www.healthdigest.com udp
US 1.1.1.1:53 www.healthdigest.com udp
US 1.1.1.1:53 www.huffingtonpost.co.uk udp
US 1.1.1.1:53 www.huffingtonpost.co.uk udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 1.1.1.1:53 buzzfeed2.map.fastly.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 normandy.cdn.mozilla.net udp
US 1.1.1.1:53 normandy.cdn.mozilla.net udp
US 1.1.1.1:53 contile-images.services.mozilla.com udp
US 1.1.1.1:53 contile-images.services.mozilla.com udp
US 1.1.1.1:53 normandy-cdn.services.mozilla.com udp
US 34.120.115.102:443 contile-images.services.mozilla.com tcp
US 34.120.115.102:443 contile-images.services.mozilla.com tcp
US 35.201.103.21:443 normandy.cdn.mozilla.net tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
GB 104.86.110.232:80 a1887.dscq.akamai.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 classify-client.services.mozilla.com udp
US 1.1.1.1:53 classify-client.services.mozilla.com udp
US 1.1.1.1:53 prod-classifyclient.normandy.prod.cloudops.mozgcp.net udp
US 34.98.75.36:443 classify-client.services.mozilla.com tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 www.amazon.co.uk udp
US 1.1.1.1:53 www.amazon.co.uk udp
US 1.1.1.1:53 uk.hotels.com udp
US 1.1.1.1:53 uk.hotels.com udp
US 1.1.1.1:53 www.youtube.com udp
US 1.1.1.1:53 www.youtube.com udp
US 1.1.1.1:53 www.facebook.com udp
US 1.1.1.1:53 www.reddit.com udp
US 1.1.1.1:53 www.bbc.co.uk udp
US 1.1.1.1:53 www.bbc.co.uk udp
US 1.1.1.1:53 www.facebook.com udp
US 1.1.1.1:53 www.reddit.com udp
US 1.1.1.1:53 gtm-uk.www.bbc.co.uk.pri.bbc.co.uk udp
US 1.1.1.1:53 reddit.map.fastly.net udp
US 1.1.1.1:53 www.ebay.co.uk udp
US 1.1.1.1:53 www.ebay.co.uk udp
US 1.1.1.1:53 www.vox.com udp
US 1.1.1.1:53 e11847.a.akamaiedge.net udp
US 1.1.1.1:53 www.forbes.com udp
US 1.1.1.1:53 www.vox.com udp
US 1.1.1.1:53 www.forbes.com udp
US 1.1.1.1:53 vox-chorus.map.fastly.net udp
US 1.1.1.1:53 m.sni.global.fastly.net udp
US 1.1.1.1:53 push.services.mozilla.com udp
US 1.1.1.1:53 push.services.mozilla.com udp
US 1.1.1.1:53 autopush.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.107.243.93:443 push.services.mozilla.com udp
US 1.1.1.1:53 incoming.telemetry.mozilla.org udp
US 1.1.1.1:53 incoming.telemetry.mozilla.org udp
US 1.1.1.1:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 34.120.208.123:443 incoming.telemetry.mozilla.org tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 1.1.1.1:53 fp2e7a.wpc.phicdn.net udp
US 34.120.208.123:443 incoming.telemetry.mozilla.org tcp
US 1.1.1.1:53 www.theguardian.com udp
US 1.1.1.1:53 www.theguardian.com udp
US 1.1.1.1:53 www.wired.com udp
US 1.1.1.1:53 www.wired.com udp
US 1.1.1.1:53 h2.condenast.map.fastly.net udp
US 1.1.1.1:53 www.rollingstone.com udp
US 1.1.1.1:53 www.rollingstone.com udp
US 1.1.1.1:53 rollingstone.com udp
US 1.1.1.1:53 www.independent.co.uk udp
US 1.1.1.1:53 www.independent.co.uk udp
US 1.1.1.1:53 www.idealhome.co.uk udp
US 1.1.1.1:53 www.idealhome.co.uk udp
US 1.1.1.1:53 g.sni.global.fastly.net udp
US 1.1.1.1:53 www.standard.co.uk udp
US 1.1.1.1:53 www.standard.co.uk udp
US 1.1.1.1:53 www.cnn.com udp
US 1.1.1.1:53 www.cnn.com udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
NL 2.18.121.72:80 ciscobinary.openh264.org tcp
US 1.1.1.1:53 www.vanityfair.com udp
US 1.1.1.1:53 www.vanityfair.com udp
US 1.1.1.1:53 condenast.map.fastly.net udp
US 1.1.1.1:53 www.nytimes.com udp
US 1.1.1.1:53 www.nytimes.com udp
US 1.1.1.1:53 nytimes.map.fastly.net udp

Files

/root/.dbus/session-bus/11c67417355f45d397f6be11f62e85a6-0

MD5 503ed24711735bf08e14971b2ca44da7
SHA1 ea32ab1c12f9d5495f41d7f2cce8bdb7140c7dfc
SHA256 afca1c5f55320483e66a11d66fab54ef11c0f6fef542926100b3777aaba60d65
SHA512 7195ca22be723be84fd6b9714f42f2d7d6a43657ffe5bea006cb3c2345f45a7321ece984eb24466e3af50c62894f73acb58e87e30da73ae2770b7938371b2f90

/root/.mozilla/firefox/Crash Reports/InstallTime20230522134052

MD5 6680af150917166f02de6b3da94fff7c
SHA1 995c0f7b7c095bcc71af3b4b4a80d4dfc1e1a1ec
SHA256 4316b16c7c20a4346b3154553b620824ec96e074fb420880cf355f6a12175875
SHA512 16f41ab2106e6e00984cca759f37704a7c25eb1077aa7bb95993f54fbc6bff1733c4af70f82ec928952e5245e3bcc100ab283d0b309df38eaf6b580b1ce1d35b

/root/.mozilla/firefox/yone7b0x.default-release/times.json

MD5 dfbdced14e23cf1339f79e46cf2fe5dd
SHA1 74b514aa7c66d45235edda490e30ea2e4969536e
SHA256 f0b8434c8b92dab2e500c48e4361c90a0d2e46e5a975b56492a2080789896889
SHA512 ed6c6d9a369c16c04c4bc308cd2b855c93b28c7c7ab60efe859d0a6f29a55a3cd9756eeacde1005b34d9b8cd4b89d86437b8831c179722381b214124ad4ceedf

/root/.mozilla/firefox/pk32gd0s.default/times.json

MD5 6161e3ed73cd997568bc6ba690814d49
SHA1 fb3676bc0a14eecc966fe323a9579cf7817e3f9e
SHA256 2cdb3fc34e29c1df62c7396a72dd5d1dd1e2d71948c9c488d6d9311d47b415e9
SHA512 20439f0b0751544a6689604f20f93c3d4277b9d704edd382626b8000abc6f5451b91a428759103e5ec89d1864b50453d6faaa96c7db0bd0a7832305f7e375306

/root/.mozilla/firefox/installs.ini

MD5 bb9b45c6d4fdb9e7316cc5cef867e2f6
SHA1 02179f10db43f2ef5bd71f34a4b5bdeedbc8d33d
SHA256 7abbaebbc78350926c37221c06ce16149cb104e46ae79a1649e64e6a35ba1400
SHA512 f03151ddfe1f7bc9977160fcd627ae7c0e3acab217748b8fedbca5320938c97e805aba7316aeeaf735bca14420294ec2149dab5a66b3d27a978b2c11676110db

/root/.mozilla/firefox/profiles.ini

MD5 d172a39f37f6d48c6dc1944d68415090
SHA1 63fde3e122f835a3cec4235ae138428a565499ea
SHA256 b419a47b106764586de19c9db79b6baec38f63c9ff4e8e4fd6cc750794ad239c
SHA512 27be1d433c491c3f6ccfd66dbfb4e75e19e46c7e89a6cf9eba9f07cb6c06244efa8b6445efa84ec29f43e96082350453920b2dabe5190b3bb93826ea3978f803

/root/.mozilla/firefox/yone7b0x.default-release/compatibility.ini

MD5 fe452b7294d5928a9a5863b89ee0a6bd
SHA1 a5d4c245071fa96476ba48b4725bdae7f1b7940f
SHA256 d5bfb07561606a19aa96557ea109b175050dc0eb805cbef9c813503587d77900
SHA512 dc37d8507f08849e3382d2dbafd4a64555dbd57a288c95131e9aefb366630f1585811a9e1456b861bb9d2b816ed88b18ffb7580cd92b41bb9b0227ce1363843e

/root/.mozilla/firefox/yone7b0x.default-release/cookies.sqlite

MD5 9535f5fe817accc769c2c1d3354db39f
SHA1 6af62cf08717cf3bfa84eb1a7b311acf522ce560
SHA256 c53c15fcfac2bb57fdc88d23f932fc244dbaf4020f0f6eaecf0f77a37c21f8c5
SHA512 dc9c2c32eb42dda0a7a711e143aea58c603c1e9d885c3677e9fe86f525e1b0b32a46e240756263e56510b07e764ba69f2de13b90ec18210678242e10cfe17837

/root/.mozilla/firefox/yone7b0x.default-release/cookies.sqlite

MD5 5caa766855d5613a999f71b7812d6451
SHA1 ad0d9a52a0d5cc7f11858301dbe47377ed99ee37
SHA256 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27
SHA512 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba

/root/.mozilla/firefox/yone7b0x.default-release/prefs.js

MD5 516708b19367e6c980f428c54d821090
SHA1 e1cc75d9143cfe3b3c7c8a32b8e9a967cd58633e
SHA256 7f873fd1dcbbf57bbf984d2994cf944e90b6af2d9b5baa8467e38a4de58a403f
SHA512 ccee28efbfe31f739b9f24a973cc4aa204fe1b5439d7bb5954b98a4c3a6fbe6e9f6add7ff0607c39fbed69e4c69aa033507623eefe57322379675777f4395d4c

/root/.mozilla/firefox/yone7b0x.default-release/storage/ls-archive.sqlite

MD5 e0c613bfd69956a19ce2dc5e925aa223
SHA1 14accb230edcd6cb76967cdc6d4e5686db96b5df
SHA256 0d4cb11f6364c46a75f9eaddfca5c660b90dfd515df3afcd5e0baeca28a0f1ab
SHA512 01643c0131a392be92b3f281d7f633c1f502bff19090b0d716f1ac66aefecc3fcf92f393bef66b03089c9b9c6d8aaeb711b6a4f29d5a6729dd188c838f2272d1

/root/.mozilla/firefox/yone7b0x.default-release/storage/ls-archive.sqlite

MD5 178d71e5529d637ac62f7e75fdd75896
SHA1 339f2b949cc4c207b66aea11137448ba28d36dcb
SHA256 7b0050f1bfaab85c8f9067ae7d7369056ff752c0c852ef1462a96c22169004d4
SHA512 ec0e0105fcfbbae356dd55efbcf92975f35bbe5cb93fcabf4c08443e871957635d14830b27c4e1ddefbbaff8f9b7ec3590bf417a9442e1d7ee3607d14d56f664

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/.metadata-v2-tmp

MD5 4b9d07d03d7cf3b86f080d92c58a1b1f
SHA1 4abfdfa50262a83268de605fde863ef7ea03b2d9
SHA256 e57311cbfcd351eec92eb4bf5757dea686da9d9d3dfae1d4dbf4fd5e2b34df75
SHA512 fd1fcf5e9ddfc21bf90ced2252b85910658bb33ffd46c942dc7c24d6961ab757083c178bba1ad2d7ee25780cfebb5d1386069b1f74be700683a395ae435a9186

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 07a412e08825220262ad2890757ff779
SHA1 f46c127dbc070ded87a6078b3c1c761955f96de8
SHA256 da640f8b665841b520d2262a21cc3f82aeaa881cf81a1ddae27ef501d66544e4
SHA512 0134c783bf3293848e479b478ac57a1e0f4202cddfb8b57bc6275aada7345f398cf8a627e9b1c34fd618192c2f0c9737b1da487daf33f9c557ebc1377105582b

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 9d3a428f8b238a7dcaf607362f3f1e2a
SHA1 389fdac21b7780c039ecd23b51d865d83f236173
SHA256 4f35a3a0a1a204c55f001fbe816685f8d07acc57d95f10f291fd37a261f1fd95
SHA512 83287222fa82adc0e48654bdbb93d7830f0861bea617c1a38a32b22283c6f0d0bee1a34bf3de91696bb7f02b6ac4fa24f6e13fb522cecb590c581cf4b8511433

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 e8952cd308bffa19a16c81bc9536fa49
SHA1 1e5c3dbbd2ff151eb81948bbb78e7a7427825331
SHA256 5a648e345ea0413fdec2f3627b3db81ef13444a39174c7136433a09f88ca80c5
SHA512 08ba30dae4b4dab9c505a780afd2c2e3a50217c660beee14849989443c106650279346ce866f81bd1690570495c328bdb8ff882b615dab54c945c52a773552ef

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 8ae11a34a20c8e7c2f0d065889b28d76
SHA1 0052f94654efe1141a98d3497cd8e85bf7a0d222
SHA256 b29db02e114cb2c8c4de1dc5a9003b079c1203f78b71ca846248ef231ec1afb5
SHA512 91636a5491143a4044cf06868bb78972f7333d4cdf50f342f5410a3f37d6ae74a46ff5862bb2f3ddcd072eb26a0ced45e0edb7d39480e389fc7f736105b0e120

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 8703278d72709757e62d985144b050fe
SHA1 9b0542e821dfbcdf68718e314b06f86a6f12a081
SHA256 eba12a40e3dc44e2bdfa2e1af7c6f64ad2d8970584a0082a773094d3a6456904
SHA512 c01fccc8c86bd9598d9a901eeca1017bdbac91feb7a4aa181187284f0761e86df42b7a6d06da991b9ce98ea3adebb5cc2671499ea2973464b9582410234dc133

/root/.cache/dconf/user

MD5 15720a654b727d02f40175b72e987a52
SHA1 bb6b68b672dabb82fbbf1ecd4f20b2c77dcc19a4
SHA256 2f853830f422d48fce93fe7f13df6cc5a6fe86237c62cf706f5ac6e9fd6bc943
SHA512 52d57ff93c67dc6bd613ff69fe5bce3232b8f583045ef394c9aeb85a15445f8815ed3c4d7e457a2e71e2b22163fe81653f3da3e91a84fc76299fcdae89ec0c26

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 1c8ad1b08cca74e184ab5142d17edea4
SHA1 188e0ea31601015b1e1c356621600d17364560c1
SHA256 9a46885461b29253f22d4e3d0fe77c5792a2593baf00bd16429c34ce4ccb188e
SHA512 e39b8a3f1c8b20bb8b57cf6461a4999b44c6035564d94f103eb2bfcc16c7d3ecd239adf55aaadb819d983ca05f8c1056e2e6c24cbc6df5c7f79bbb382559b849

/root/.mozilla/firefox/yone7b0x.default-release/times.json

MD5 fbf717102244976e56b361e6ce8b384e
SHA1 01fee33cc823b4e14b56fd07b2926a6b90d81fbf
SHA256 d6ebb6f9389aecd7c1237561e37a3bf5c35b2c683b6407c6eb644ea2f3664bad
SHA512 b8fbb1a0829ebb0f8f4a2086ad5ad0ac5fc1c8e6fd0a52fd48288b1501e8672cb6c925b6a3033e808719b722e1edf5806316c48c08c2653d79b4b2cfbbab0055

/root/.mozilla/firefox/yone7b0x.default-release/permissions.sqlite

MD5 c5fb3ea880d2c138d724ef41fd0e7d89
SHA1 956c3bc8584a79e73dc4e7cf2b8f235898c02bea
SHA256 7d905a6e82062c51a680052667cf97590cb863c026acc47b738998851d104b40
SHA512 da8189516c4e4ceba5d78c73dfaf19c979dd5f8654d135f252a7e6c7974fbfd40069b2c9bfff9c24d5d71c8c870edaa7cdb1dcf2db410ec7795c0b5a575926f1

/root/.mozilla/firefox/yone7b0x.default-release/cert9.db

MD5 b371496f13a1004374fb19ccad618b90
SHA1 ce16915f960f9d828bd7af3981c54415583302d1
SHA256 a54042330b759995e868230f53a8fbc299f3ca3fac4a23b2930cb51184f7fe3e
SHA512 3678ea248f75b1cc53dfff83167e6ac8e6665849bf4ef576496a1a9d45a1b28c8afe390bed421fd27864f8e3ae19630a058853dcc10e0be288b0fbedae991c79

/root/.mozilla/firefox/yone7b0x.default-release/key4.db

MD5 fd18d99cad3be66806655d802b1bf908
SHA1 dc2b46fc689823db6608e159a4cab445631cb7ce
SHA256 2d60a98e6ccea4ac535db4c8b7a9f1788b9fd18077bc1d7b1d3b293474f9bf91
SHA512 7992c9f181e6bcbe0918a60541b2ba5c0bfe463a28db580c42ae20983c9db407a1d9642057216e6fb98bef3219f4f178b8f08084a47d96a6fd31c3fb597c6417

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

MD5 759544297aaa61f5fef8ee42d0ae4393
SHA1 fc2d66f6e60409e3e8d38623ce5f817fc7f571e0
SHA256 1bd2000cd972e80cefaec6e982ba261d224a818f367de0fdf8c51fa5a05d7ab5
SHA512 8aaa2ce66f10d46f7c9200af841ac7bd9f5b55c30308a14f0deda44ac62581c45daae45154487c0073a0d5847d5926cbb4072ca64a702ac6b834ad0bb482804f

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

MD5 faf3b2da49d1e433ef3e98ee8cb4683a
SHA1 883748de206482833acf9f070bc5d763e1f74f36
SHA256 6dda60a2d70c2a39b8278120c5b5676f982209c70512ad7996dd0a637ef617f1
SHA512 aa68ba508f4e317750e7858aab07c65946c2594b25206ae4bab1d5cf7053ec07329d9b56611f234dd4df4146a06e58f693ef5fdeda58e8640b513bc9c46d2a9d

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 dd3f6ba37c670af5953593535e435d04
SHA1 ecfe4e650a050bce77e8ff7468de04c1b8acc9a4
SHA256 5cc6fa137a1f3a7d0b615b178877f12c460b22f95702eb7534d5732ee6599561
SHA512 86e0482543faae6fb279ca71e1e6d6461d32317e74baebb3973e0fde9800107faeb9c2347be6cf8a47556ae43c8e6c224a595e952f621e40ad2c5eba920df2b3

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/3D1E19D09F398691ABF62061591970855193B42F

MD5 56d73cbef7c024347c621a9c1553daed
SHA1 7f8adf43232298ea4d6bf1de5385a5650f5e9ab4
SHA256 c69a87e307428ef1d7605d7fe91da8773085c623d33a28370120f504b003eb08
SHA512 d87b331f3b5484d76c3303d44a069f50d59596180b06ba960bf8fb7e8eb6b19e73bef29699b0741a5fb5d35c43c98f188f7c3c12c5e4d0b71650014f07eb4519

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 f5752aec925a9a8f86834069f43c95a0
SHA1 1867203455137bb91a45032ccfc1629a3a8753af
SHA256 e8b993d013c8daacbfc50b1a8786ba710d275dfb2faecafbfa48c810f7e446ba
SHA512 83873c3fa5420b3dc2e1bf06f9f9cd9feffa4ca30d380ba0c0f1b31388832f73c4a4510daa7a5fae269805a3c0c00f53fe2fa10bc6a8737402b8c54673c25084

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 b43a80fbb733174e5d198ca5234564f6
SHA1 fbea9d49730e6e84f15a3ada1b802b29ad29c27e
SHA256 540a6a28a02207fab97b1b3fb820c84f9c1f7411ecaa6c2993af47010f50e75f
SHA512 d86d4e74eed1c90562b9c16a11404dcf5b69d8f651200f1031b335b283ea689e9a95f7d8308857f3decdf568f5edb2b89e2444aeb0a1dd3403cba992841eb14b

/root/.mozilla/firefox/yone7b0x.default-release/cert9.db

MD5 2c6f9e3a2980b5d3ceffb68896f81fc9
SHA1 7f1b8cf8fb685659442b38952a99768ad86e56e0
SHA256 c070d044089d5b3b7c75cecc3c22d9782651f9b7e8275bb84fe6fab5c5babe61
SHA512 b490618e349f994f7a6cf93cbee22a40cc6aa07dd92422b083da3f22d26fb5fd3564fd3f00644dd9e0fae4ee8ca0f5906521b679f62f14b750caefdc461be141

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 05ee9d309a2959e81767d588194ebaa3
SHA1 c7465c210911baa25320cd25ab4a62f806bf9c18
SHA256 ede56c7792de9181d8aae238a8ede3d3c91e9a89c9be3bfd71ce6972bc59de59
SHA512 09423bd528f213ea635828a9a25a9c4cdd5f9b71c9c6745dd26faf5c508897e4165064d6ca03178c3292f9ed6fd4a98e1b08fd9d779d0948508ef9339fbf88dd

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

MD5 2f8d497869fc3f1c304762e18e49f5db
SHA1 c2dfbc0c555df9c1f1953c7d6ff53420e7651ffe
SHA256 3d70ec29047d2642698966590142703e47694b5b1d300374035342a924ec6e2b
SHA512 41a5b0a720c81d8c02058668f2f59dc56261bb1f182b301c9ee5e65f577ce485bfce43e68dd0217916c82a4908e12c571195901e0b8535ee169b18f4d9f8cf7b

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 2df7bd69310675ea9f0e587bc197f410
SHA1 3b1f0cdc8f2f04924da8b53e75174a1cb302acbe
SHA256 4f1b3a3df751fe242dcd218ebdd98da1a4ae5a99da235b0ba2f7a1e173c21273
SHA512 d9b695d7f8c1a08d0feabfecbd6bdb402a7688a5eb8b90b744b0ef94a35c699fe7790426a8aa78f30e9c1ad1cdc80cd1df75ba3f2cea8e64ebc08f3f2d60b688

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite

MD5 a8dd7ebaad5528b23f82ccb1534cea18
SHA1 600daceacfb5cf9df0b66ba7dce4516b2ac4df70
SHA256 e5b0d02c18ae36c4a220f41fd97c66060c17aaafcbb324a57ccdc2707c44c4ec
SHA512 67f867a8e2b37fb6bececd5ebc570ca594ea329142badd63d1281d5e735f515a5e329abc6eb9a9d3465aab0a08541b4888018d859964f160a52345ab93532bff

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite

MD5 6eef56bb9ec86bbfb9c2b620f3bfde81
SHA1 6cf894c83c79198a9298cc0608828186ffe8961a
SHA256 abb6750b41c7410544b5e80796d5e83bba1b8630cad4447d6786ff1f658b5dba
SHA512 d85a3d3881713b5e78594500d777be1961ce3d2f147cc2db834740082e45a1f7ad68129a572b35ba11395d046db94cc5ab540a70e595bd328c7301dbb25113da

/root/.mozilla/firefox/yone7b0x.default-release/cert9.db

MD5 9c5a8478bbc0e8911c4cbf477cc26c2e
SHA1 6fcb496ff586c9493a86f6bce74bd68eaa22a650
SHA256 fb94457d1384dc937e3012f17d08d5a9ad3ba26fe641227891b0e19fbd010acc
SHA512 10d54b5cdaf78904018c3806947e78337109d6f8037ec3a386890ab0ebd5821aaf3aae99bb8a3f8b7a8e00ab7749722147cb69576841e7be79bc5612c9cc2970

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite

MD5 7352c8848e88edc39b7fb5e663888187
SHA1 8c3dffe25cc56c7aec1b782292d6fceed81e6304
SHA256 7a462086a26978809c719e57a7ea6a25568767fb7532014e8531fda94b660e0a
SHA512 f2a0dbbab5c2c1702b03bce15a47739481f523e127d1372b40534db9a20b2bc99fb53710ee0e5d44176188817cac704cf4f98cdf087e7e89d244281fcfc3b280

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 20628e5ea977cfb77f17cbf6ab02fc84
SHA1 7b218cf391ca2bbce1c40b31d08da9aba9dbb220
SHA256 98e490198b1adf7a80e6a84c823b2d8d6c8fec240136f1c30f6d6e9b3b225e3c
SHA512 d8069d8d764ef6520e2e52689dcef758a2927817bbfd5de001e58a6debd00e1b60e90130f8b4f69ea4fb61a37ed660e0fdb3b6629dce1547cd540f45271b1c0c

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/44230749A38B6989F56217B435A03E84CCADE62D

MD5 fb8b2e6788724ea0c1e0b041c8bc370e
SHA1 92dd1282bf1e3844ee89505a81e404e54c5aa056
SHA256 0488b2102cc1a5bfc45dcc4e78f6d863d038879833f7f4ef9baf011bf42d50fd
SHA512 777d7a6104d5e7a0c13974db2921e49cf701c2f14747d2693b37c1092bd3ad5ecf384aad5c1285670f010d70a86c4a1cea49c21ea8a500c1cc3cb1adfac065c0

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/6D89348819C8881868053197CA0754F36784BF5F

MD5 da4a73be3f803178541926164af28b38
SHA1 68a3d11af71a97726569c549545deb1e891acc1d
SHA256 6b3d2b2a64cae9ffcd03ee3975f4ac35b609aa6680087b6b415096e85cd4737e
SHA512 3fbfb4b64913b01dd33e449301d532b6fe5dcd1959ef337c8cca2b28099bb692846bbce05887cce78d9a24797dc12a57f9040bbad3459599004a24c966cd2127

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/099EB2BF8827A4F91EAB3E38B14650D0205226F2

MD5 8729808282bb19b3982b645d66f7aff5
SHA1 d187f8079be6c6b064446fc2a324964085713137
SHA256 de5f32f1c674bb4260a10e7646f3f395f6c64311eecf26187f35c60a640c53fd
SHA512 f693b1dc32829537597b2b2c826d920e22b3969e184b6c631e02a637987e3407ab02e2d233f2b03a91f90fae95578806fb56c651c9ee8f19a787e868530fd7c9

/root/.mozilla/firefox/yone7b0x.default-release/content-prefs.sqlite

MD5 1fc2e7b7fe2c5be305dfa9a2bbb60771
SHA1 4967389dea050001cb1af3ec799edb7805c3abb8
SHA256 1953edcac737d1ad3de6fbf69671163882fdc0be5bd21d00378d8d8c753c757a
SHA512 fba536378ab9b5f04d92f1029b92d255c7da445a29e2527647bc16e57d02c179de1e78a2de11db1b00cc54c24d3715980c84c0cde103f47c6150f2e7bb8f93d5

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 9fbbbf5c4189c2c9168e12eba62c4dc7
SHA1 71e1e9296d610d29a5a376c89a0cfd4b0bca3aed
SHA256 d89f0977dce160ffa8aef7578bb06d1b6cae30e507f643d3dc5a3a9bddaed746
SHA512 6073cfcba3dd62a5bf96e96bcafcb47862dbf96aa1ce09c67448830192227cf4e2e161eb70333854cb1d53604f55709712deebd6ee6c585ba7f1104e318758c8

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/234DCF9574A823100FC94DDC9DCAD40FA19A034A

MD5 e98706cbafe0b50bec4821ce582bf00b
SHA1 bceccc073cd96ad4fcf5c1f944d94bc6d4ee42e0
SHA256 a58cc6997f20143cb80eec11c3fc32d94c660f22215438e719d42ced2bcd5fda
SHA512 7ac9e4c7726b7975512bed3f786101c50d6666dc7f364ffb82bc9a28877d5bb585b17e5080380e4362d73ac353401853c47b2c31e56edd88184a17be8e7308f4

/root/.mozilla/firefox/yone7b0x.default-release/protections.sqlite

MD5 c7cc11494c34e02565df83d17beb33b3
SHA1 f379ad7c0fa73476d3828d8a89ef843046332c12
SHA256 7ca17bb171e22b4ec498c1d20587b30d62d773b114d0e66bb00ec874506eb85f
SHA512 0cfcb15a985a35e917c9652721b516e2d1c358c6db3dca4452e866d250b6269c4cc69773277f5ddd5a0c5a338f95d9f6134224f0097df194985161cd3d47cfd6

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 b774a6427a7d7834ed4a45ea68d559e1
SHA1 c8ef869a89b0f4eae2a6ddf51224c0faf3f8fb99
SHA256 bf5103fea069c9b5ab1522370867dca3aa016929b48a675b08a72ca8e24bf779
SHA512 abd2775b88079a39237884831cd20877bbc9ebc569131acd47dc598223503a47b06a55739d85c04627aba0925ed0454e3bb90f1bb55fbd026759bf29e96b6466

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/5BFB16A85A6415C5E282039C927A86A8290D09EC

MD5 f2bb1baac21c0b3bf690885a42b57fcc
SHA1 95e858d3e47e5fec66824390f591283f9a467662
SHA256 2b56d82adb416b2cdcd9f57f0f561cac1e687dc5053bdf58b84fb2172c69e191
SHA512 0ff51bbb83398894fb05656bb64f90e16b99e94b7f712794ba8516357a89d707efb9bd56d82ab6dbb6e64ba1c9411a632864a080f494d6b309b0fca1231f5f98

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/0EC4CDE0C33626CA7FA76264533E1686E66A2198

MD5 076dab3727256a31bb4e3e5f57a2ffba
SHA1 703277826ef88068904474419080610cf5239870
SHA256 66080040283efb29f26d053fd19c1cf477b48eb196d67adbfea546e49211a041
SHA512 5efe67e31f417af082e91ebf8150418bb871b53122642704c3c5703bb778ecdcde4c03073ec1c982066caf4b567f42b6996df638407e3b7b945fe5a5149c0585

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/740D98CF01550607B0C0C173BEDE235CDD244769

MD5 882469c96ac71de760f8681bc9b01239
SHA1 b573f22a300580871e64ee0d7190138bd98bea03
SHA256 8a7b4774e9627c808436d0da80a6f5a1fd379a54b1962b837a890a0bcf10340e
SHA512 4131cb9e34c6ab2fb185d892334d8230dacfad8a77d7875ee64d26beaf3c318cd8bbdc85d2499a67be1dcbc2c9e6a4e53156ebc65db183dcf25dfa4f1e2f6e9f

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/EA1E3132006CB34CB9058E6891C35B731B9C4D9B

MD5 f28184ea64e6840c231448e97fc84526
SHA1 e004d17c975bdf45fe0819da946d87a44a08a09e
SHA256 5e18013b076bde1da23355bf31644db1595d944d8de51ecaeb2828503b70de9c
SHA512 8e55e27805d635d11cd98d2ec992192b0269b030eb4a42f871681004b0a43317b9c823abdfe86611f97af38f2e479719b8e827f4611720842e350b20f60fd728

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/DF0CDE23AA0F44779E78EFEDFBAED16DB1B4DF40

MD5 5d172b34626ba33937b6033422f1d02f
SHA1 6fb629d2f82605db09bbfd39ec9a300819bfd070
SHA256 370968c3178e08c15eb9b2a96d4c0c4e6efd896b17897888f72815ce52cc60aa
SHA512 5d3919564197442212a0ce54a89ad5041875c38662fb256586ef2ebf6631c345926481ead223d7999db80c7a09961538cfa9f4ed9f7f772d955be2a2f07db33b

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/AEA4652B2EE4F73C050AF03B16A1F4233A21190A

MD5 4abfc08f210ab85cab32a79aa6508f3d
SHA1 d4844738761b3f87cf07b69fed49e34b89ab5c35
SHA256 faf8d545d32ff68bcb55498a359f714699e310078a277fce45f49ccdac00a452
SHA512 cc0574a3e8ecbe4eaecaf7e83932d977d1006433bb52c3a04c047ab82ca3147761d8cd310ca42e94cb1eb7e1889b6cf481796d2214588fdca134559985f26901

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/37199C7D5F6F6AD9F1070AEDA92F5BC12CA1697A

MD5 0f2d1f19b4b9fa85701a432082b16017
SHA1 f995ce65f0c1e6b76af818ee21dbb1e2b8483e71
SHA256 d2f0d2148e333d4e41630171a4768d17b2bbf5081412e118a1a382496214d9ae
SHA512 e33ccf287c9dd23b2fec379eb6242177396400ba6bb119adeb9438c950130f8fb1339bb92efaca0644bf325dbb3a5b98d6d550d0ba50db8c2fc83889a8b6bc47

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/8A9FFE40E2B059B59F3D4F607769C77976074DEB

MD5 53d2f846994a83d794ce0cbc8601935d
SHA1 a59d1bc407ce1857a45f88f553abc09972e35d7f
SHA256 7571a89a13a47dbeb05dcf6a8470df6c0962b0a60e9e942efc1a9010cec06c25
SHA512 1fbf0717c77f6163c3831eb58ff385a7585495b543be9ef402be415d36e692843df46e0cbaed0a3a426fa23165946b8b7a718bd911fe801e5f56342753d34a77

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/8A9FFE40E2B059B59F3D4F607769C77976074DEB

MD5 a2cada17744b9c35d2fa30123e324923
SHA1 a45a4824b058bfc938a4d2a25811e3950a150d6a
SHA256 972bdb389438d24a8968a7586a195412d217b051450400e9864fa660463be0c8
SHA512 f058ac37817ea8cfbd19c6a89be0d87bb85a5a003bec720fd14f0aa4baf0fff26cc814ffa1d06ac07f8232e7e85007a456f7c6023dbce5b6bb08e29946cb27f8

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/3C3F70E4DC3E28A1214E285C6A7CF5A45FF65071

MD5 006a486111b2704eb183a0c26bf90c26
SHA1 c5fb69e5d0dbff002083cc9f4890d70d5b8aba76
SHA256 a99aacc7445d75b4ca578850e5b98c85b5629a73787fb8aa0d80d54799480048
SHA512 461bce5291fa2ead1f15f24ab32f0e427bb27a7678381d87c41493fd2b71724267a6a788ffcef001c1b50958851a170c33fe24edadc582cfc315c6dc337bf778

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/482CC65825F28DCB92D0DC46CE356A5D06DB0ABF

MD5 538b8c79b7e4a32f9155e00f4e5d920f
SHA1 eaab1e2a8ff7c32d2ed201d32a5e6edf9657f1fc
SHA256 916ecca2712de65b912fd70b43cbb656fb54ccce6eda4a2abdf24fd2172ceffe
SHA512 629e6259321634b1452f51f5e495a2708044ccefd3d8ad5b45876674f88505fb67d54d53d2a17513f3924489579a4debffde632d02f4819ca217ff0aff721ccd

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/6F1DCBB59367EDB26B52C078DFB5C5C6E2015812

MD5 e2d5d00b1b988d5ca666e6fd5b660931
SHA1 3a9309edec0133666ba5eb093db0fe9368b45615
SHA256 1683aaa6b4c702243c378961b17fa6be881424dc7a746e451cca32f72ac3f612
SHA512 9895dd8980eb0af226fa3ea7b97d58ee789621301488ab7566ed10528a3bad4efb7852bb0dd196f32669c619b9e2b94a0792bb66122fc2ee30c49fdd3b016462

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/EDE675BC5BD66B9EEBD8A46A4C06CC47C388FD92

MD5 121f75c5d55e5553ae550ac44ce4cbe0
SHA1 926fb05e11b561f95c16726a23e58a15e4c4422a
SHA256 57860fd4830adaa5628cb8bfbfe1945c1dbf3fc64989661ad8410582eac7c9b0
SHA512 0ddd15fb00ae63fc6ff58e68af2cd4487f533b238c967610ba51ea675c44ffed62dab7c692ff8dc952bdb3258c11460cf500d8cf9dc277939dad6e928c23e2b7

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 0030ca9dd0b4b5a37af8de553b4a3a0e
SHA1 34e47000164e87dbbebe7020610217685231cd3e
SHA256 6c9b2ec2c06db7949388de4326a4529dcdcc6513e43e8d916275349074e16988
SHA512 4d0690b06d9192efb6328f07535fbf5092e870e18828a61541c5d6b95d07f5d694d607c0141fc4e114f27c9c237233abd979df9289e8e0496811e44b320ea687

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/D23F7952044A1A6016B80DED46FC563716A295DF

MD5 e71a87637cae41c0e09f8da5f62fd3e9
SHA1 2b04ef868640cdf11ba0e1925dc99593698baff4
SHA256 74d4a1864cc85471c6105bc6f3636e6b6901fba074d931592f0f2f2ae1ebe06a
SHA512 be601e0b013f4b5fdcd2629bf9dd83a2f9ab507490c663cb31423f4871ede7b37b39b64f33c1357ea3a4f791857ee66c382f96797031331de502559eebcd757f

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/6FA34B5B6783AD62C7426B9D254820E4FDCFE74D

MD5 48efbadead92ca031db494cae2d9415a
SHA1 c8a473d728cdc18318ffaf101032dfe8ebdc832d
SHA256 8e63559e2e7d05710679e02f63256a74896eaf75749b30fededb5bfbff62c8ad
SHA512 34c6b93f318a93f60be19f5da9fce8df5280855baef31f192ad131fe3506183d2357fbf3561690e7f3b5604164482c666cd9d217599346fee8222fdfe6d7c11a

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/D154E1CD66DAEBBC055D1D367858E65F2CC266C5

MD5 1fd053fa5973f2915f644d417ec23a07
SHA1 031ed7a7c74c76b8c8239cd1dc28254e408ea4ba
SHA256 870ace04b54c9f1672eeac04ce3c425990995435640c3242fede3435cd036e0d
SHA512 0c969873d9c4f5f461e560865fe41672ad0cdf8e88f42006ede1983f848503f20696b83fb4570d0c6d0e4e49daebeee624d86a86157c979dc15cebf74d268cf8

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/3F5BD2A3838305545BAF11838A20DDE8D3F6CABE

MD5 66a333af25dd4261e6107813f3a7cc22
SHA1 b8a483c9e11a0f95cf62b2460f0feb18dde97a80
SHA256 085ae9c7aefc41622848ae05a86c0292e839a6e16b83e78a7c43f15cfe6a9cc0
SHA512 7aaf35b6b71aceb9f74fb5093f7a518ec8e657850778c8e4cf3f41077618682ba7b04ac0826f77771409ea3dd60e86178db1a7d9325fd0a366da0d50c9082306

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/6762E24BB9F66A6430B9C774503510453B4EBA21

MD5 4667cde14afcb0e08c1ff628e37fa62b
SHA1 ed52bba4af5d6631333b7e892c93e802fb10b7dc
SHA256 19bba8106334814f63128a0c434c96e8b82772f59dd4e4fc070b9d4f6d2b2a41
SHA512 2a4e5aabfab59eb62492755ce6b19ebe9778a4a21f3b65e8745135bf4c69cfaa57b0455bf0bc924b9053e1c48c216508bd0cdfffcf729e8686e703c606aa5cc0

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/7DB3359FF1AE28D679D8DE03A74F2C06BC18D50B

MD5 fef7f9c54c87f7d45b221c9d757c7bb8
SHA1 b165c326e404ee24ca9803dbdd5d6d0eadd9a58d
SHA256 3def237bda1dab8c52510a6800c25730cc1386bb70be188f42825aefdc3d2ee9
SHA512 1f06d4b3185bccc5c00131ec7cdb1cab7668a907d2b861a8ffdad0c555f7fd8719ba15360df1ddbcbec65906ea0199f530bdc7e50baeb5054ab48f5a5937a5e3

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/58FA4C93D2C2293EB9F0554BA83740A06674316F

MD5 f0869fa4cf109e462d1857ce7741b5e1
SHA1 dcd2828f9ac6f2d5c17fe0403a0e023b7fa010ad
SHA256 dbe73d9b3354a1d242bd4bf913dc6ddd7902d8233245f4c2dc4ba3fb9ef53a46
SHA512 b057386879b26a641f6bdb2f61d73c9e772939adc8d98a06185410e76241934810045171c19c545f061347df7b240beb9b62401cd75d88cfdbe27d22a0d233c1

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/D8EF12DD3F5A0B350AEDF5A0EBB7935D12C12CE3

MD5 93467b5975b429d95694ca04d3d9b57e
SHA1 541212742ea032f98fd4e28b6a178dd4ce1722b7
SHA256 441cee07a3a74f3280f2e3d50e2b855e77ba8b0563ccc6d185636221038bd6e1
SHA512 e039ec2a0e63b6b2d03bc2542a71c5de274dbe02a9f237ca197dd1ecc7ed54fd968e0ad704f5183ab4660d5a0afc82ec51d3da41a228d1dd2e7f088f4ef6f635

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/109D080055C1548CE320A422FD98DA1D5E1A5BC8

MD5 17542d902936e1d9b193a865df160e42
SHA1 bb64b48e63efbe5bc5a9760b2ee5c0ce61c9541b
SHA256 bfaee4b982ae16d37a44d1100341947249728e82d8ec35674d30dc9689bd1340
SHA512 2c48756b6971ed1a429b9fc85116363abbeb2cbadb1116b7e0eea453a664df0aa0e6536b3e8b3f99700a9a5b1f1fb19113f899c331598b35b8415663ea8d6319

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/EB54A150D146E18373102879FEC933D15EA6532D

MD5 83509e99481970ad3054eb5c8c11a03a
SHA1 07e0711662f753c87d803b5081fe1ce2b03912fe
SHA256 42e5ed83a251c95c3abb7a2a1243389d7eb57d87ec3fa2341502b9709ab9ffac
SHA512 992453ca07996f0e9f5fcdf33da1de41ff61ab25c31167344ad5cc2ffe893ac43e1f760c4ca8c3fa150b831ee77198e54e88c054f433df69255ae61d244a541c

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/9A308F43B0BC400E7E635992F2E06E4CF27B921C

MD5 583ad5b7cb2f35b6e9e3dced0dc950fa
SHA1 f659b314259e821dc1e6ab2bd49de799f483b9ee
SHA256 6c9a45a09b761404644417396649fdd72fee4931799e56d1adc4c8df070f475f
SHA512 e46d79bec64af979ba9acf672a2fc0d09960a16f442eeb33cf30d35e8f196db45398d8b91a75f9209381a8b42dafa0dabda61a741399a6df531f61558221798c

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/C29274EB142DF9F121363010F5F3BA3BBDE0FBC5

MD5 0df3f5f380b8470fc8d6f5971124743e
SHA1 fd23f85f08206fc7d5e018a0c3a1132e33820d80
SHA256 5fc3d597324bae95da3431860867de12131fc882f309a6cb6b5a0448b4d2be3b
SHA512 b06bc0d3543bc709f2ae9a81faeeed635d4857a221f95fb9cc8b5e0a084209469c8cfb4b683a48d5a1011f193236d95c928ffe0b333301347f6ab7babae8df06

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/C29274EB142DF9F121363010F5F3BA3BBDE0FBC5

MD5 1770f36ea097e5d958b0c07f69f85478
SHA1 3994cd46f88a8927b40e279966b82c4209071600
SHA256 947d6cef15e23f891e723879ee79519360ace278364c6f2193e5bad40b7f5c2f
SHA512 df7748efbc8563c40f0beadb8f35ac376a710d7beb9a870c2ee6f652f512b472b82434a372f3782365d361df85226e1108ee9e171126448da5d2d18f122c5d06

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/99D01D160AC7ADE6301F3559541FEF1A6F6155F0

MD5 0662f53d272b96ee8af10740426470e1
SHA1 0ff499550b3d6fbab3fb887b97e78e3543815c70
SHA256 379b28db120128ba19d9df5b1826ff71b086bb3b714005f496b2e419946e3553
SHA512 0953c753b8b021704e52be80ae626ccfe416829545ccc38bdaca48faf06bc2f693daaa4bef69215bd30f8e07d691dd13c7592dbe60fc3693c36003c19d28d836

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/AA70DA0EA77AF599D16F76E79A98272BA138060D

MD5 965f0e245632c08b0ca75cda26bfe423
SHA1 840438b0aa75dae78600fd757605ff95b613a4f6
SHA256 e22c22c08b70471693841b46f4d310fedf216d48d365119883d690d49da2efb1
SHA512 8d7135784245be5c12c179a1c8f2d146110d82a8a6609d89ccea69b3cbf9cd7e8219a2042faab106a6fcd6d6f9583d7036b9567b909f3dc4846bb9f969587189

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 d96f641c5b07b58a390770d7345be947
SHA1 383fb6028fde2df483d477eda97c6c259f46af94
SHA256 6410793ee5f7279173b117691c7662ebdd48a3f649724a0d6ce2502ed2009d0d
SHA512 4296fb0dff5999a4bc35c37d3874d65504f5f4dd42b44097c7c45e45c5d6fbef803fd081b431c15b6052df7e95e6a71125082e0dd5b016da292716b3438347fd

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/D6B0ADD0DAEA00708CBB4290B85CCA0E0FA79061

MD5 465c67cab65819eae3fe28b921cad1e7
SHA1 18d9cd43b31a96b1d4c0f5988bf9aa53a83f09ee
SHA256 2bc6d4531c15e4ab30c9aa60e14664cd9a60744f9108e9e210c60c219c0621eb
SHA512 906b9cf175b6f01f5630f63ed676e5618e1f92b437694bac4beddae64b9da0d6c40a23715557b22b8f24dc475e13b3f6198bdb4c79798bb3b08564805047db11

/root/.mozilla/firefox/yone7b0x.default-release/places.sqlite

MD5 fccbf71f286e880cb3855912366dc857
SHA1 3dba5ebdfc024d1711b38882e5714ff221f453dd
SHA256 d4ef1039d9f8bef5ad31843827118615085a4d7c68cdb42fc42ecf6568b78351
SHA512 b37e05aefe0a03a184d43c4bb306f4e6a956079c532d58fd122e16a0037577992ddc333f91aa4ca42632d35f42689f35bdd9a597b5183301df3657ae10b49972

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/C982342375C355A44C213031EEAC97222E1367E1

MD5 440afbcda4acd53dc52487aaeb2ca7a8
SHA1 d2fd4b9af6a4e29af289abedc4432f49d2cfade7
SHA256 21aa8ea51cb521fec8412b662c2264f9447235bd8364c26e59edf68f0cf6f7c9
SHA512 902ddb3c044584c47ea3b6a84a979c3fb1b171d468d5a5573f8de03b9a1bde5c6fa634b52552a53d39a06d04db0d534e377deef36458d5aad4609b55e28ca1bd

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C

MD5 ad013369ab6a451dd32548bf59e1aa3a
SHA1 479217b4cf52971078d3ac10f4826a8adca65007
SHA256 ad2525c0feace82f26f02058cad395d168f8dbb2009dff9c87b982f1bffce0c0
SHA512 6e85a8278ef976d82e0e01b4e541a1550da9c945ef04e95f6af037fa5d7b4c97e944cce00455eea34ba0dd5cc4b64226af3efd009620657dc9bf640e6ee65781

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 b7ff536315e98c4fcf9956acd378b910
SHA1 906386ffa3e19b32bd8b2d6abcad7f44f01c5917
SHA256 938263364aa0cacbb2a6cfebda88b1ff1e35847b00dd2b4afbb1f752b1c397ba
SHA512 ca99be9a8572783a09a5b9428430050e31ad8f131654ecf84017430d187d794d1afb0536652610b02c841a6134865d473d7c91238a55e964f1176a7e905710cb

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/254256B27E0C48CF9B80B695F0B3B8CA84610495

MD5 a0108dcd4f4b783b6343cec7a80f2e01
SHA1 cc30918ee0a4782c298a59ea0cd5c2f8e7eab43d
SHA256 1f16813f82f92f25cdc823d4c678e37e1484e58c638e0770a548ecc4054a9842
SHA512 cc0c813597ca936a653dfab89c398a019222019475cc02a3ba096b1763c3c4d154fbe5e71bd28901fecb76cb130b721be033f73408bcf0e2470973a9f9d1f1f0

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/2275F9569F28969C8FC69F9660A75ADD1F8B963B

MD5 9b53ebe826339f979224673a12daaa6b
SHA1 6bf3fb69f08ae0b4253990f815e64517ad47b70f
SHA256 256a7ae2a24bf2a6f3050474a3d1a736792fcb62fea8648f375ae7acbd7518e9
SHA512 84de9d7366a3c0c0be1230ca0e0fe79168053207dd434ccad186ae1f911bf79a15485f650989072e15fad036a2cc44870cf9de82453e0864545ba81c57821c8c

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/6341D68074682E86452F87860F4C1EDC4C7F9291

MD5 938e545f2ac33aebea869200388fae87
SHA1 6839e3168ac6c6d0ecb99237e7df4d1899083e93
SHA256 12afc32909b17416ea272172a36264152f8b9d70b0f52d3624babd5e265c124e
SHA512 d552c88a5cb26f75c14877009e178f33af6d61823925863422d3cec2f7a5d575613cc46ddcd04aab70a7883b1d8207a405e85fdc914dfba5e49f00a4271109b9

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/63F48F4F7F1BC3195F5AB831F9794F3DBA2D30E1

MD5 df7aab2ae3d656281bd6e5e79657cf77
SHA1 abb289b4e59bd1521ba8f0060676eb90d11eac84
SHA256 cc1803001801bfac51a3c35f83d3d44cc4c05d389ca216093bba628f12429908
SHA512 b5a6db5fb639bb7a56c212a23ba422c40acb3a87ea667dd2be8687848bf6d97391c620d1c0669eb5b846965c7d7b2b8b2df94369ac15f5aec776e7c649219101

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/F8CBD54DDA10F4286A41EC6A537240712D6C2308

MD5 d1200a9331dfdc2ed90427c22f124d95
SHA1 938a7e713b86ece0bb27f11ed9ddee32c9a29cc0
SHA256 047820af41be1557e64b7707939c510f79e563e5d9f40e9ad75ccc10de993c05
SHA512 b5b2a681f5c79f97c7e03b39bf0ff5b3c96ea45fb90dd75e2a7f5749d77278c5d8ea9d4456281abe4f32bb578a72cd79742102b6e761e54d27fb2fc0a41023c0

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/10EE2C4D3109203ABD2583074199E4F2FF8FF28B

MD5 ac14c4d228c059db9857feb3878b28fd
SHA1 2effbbff3a9ce3f0f14eece95671ca6e3101e1df
SHA256 dd917d1f233b9ce1623fc7b0d09cd308880a524af37ce856109a5e552ce4633e
SHA512 849f429dd46b266f546559742e63030c5f38d003b7ab5c8b89e81a3c793da4b11d15c0ba6d867b958d8c0ab246fff437352980fddd8af508644eecb1187b3c04

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 db756a0b9ba6eed2d37d5083338ac605
SHA1 91ab9b3e31664547086e1630fda7ad448c50a76d
SHA256 bb8edc7a54bc14c4b9b58526747542bba45b71021b650cd171983a34cf158d39
SHA512 ee104acf42ff4fcbf00a482d149e1f861d81b5689c99901bf20246003c27a7c0cb89de745491fc3298b442eb8f41962e82b5f2177eb9937e05025383a07ab4d9

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/2918063365piupsah.sqlite

MD5 d7797ca7ca0770758ec1843310528201
SHA1 d020a9f6711f0ec3a75a4506ec5441bfe85f43a8
SHA256 ba1e9e93d2fec406890ce6d8f57e8ca65007990857e09911d49fc21956d77401
SHA512 5425339a68a436fea01bd910e9533a20ea7089010ba1174c9bc4d0b602fbadd685100522941fb61e52f3eb68e68a5734b367e8e154c96a4a27b6df81070bd016

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/2918063365piupsah.sqlite

MD5 200e0e97a00d1609bcb632d4f1885209
SHA1 a4834f3f9383bb0961d77d0e98795c1243386940
SHA256 fdd22b520129aeddca0e77543dea98d88adf05cf04e0cf21388dbf8ff2786e8f
SHA512 060d6bdca1793d8f078cc28a9aca322df236fcee92c34f7a48012f76038f79ebaf0d76e5d46798563134733dc824f1518ff880b550c023c8fcce4f2e2ecf8eb3

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/2823318777ntouromlalnodry--naod.sqlite

MD5 cd68777209c8a3c6cbb32dafdf364b8e
SHA1 f093da9494f44f9f3e716522b4bbdc8babfb8deb
SHA256 988f2bf88f3ee56d8244f43030912d199c28eb616c9b0030307eb86469b45947
SHA512 30fe7f727a602ba8abe2dc0f14adc7af97a94c45df56bd2e18d7039069eea14e3481da40de423505c51654d25382e4503f9efbb13d654761bb23b84355d97690

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 e09c270b558eacf18db228e1ae630669
SHA1 f3cbe84f19899d43d83afff3f9a55ced03d18508
SHA256 f710d971843234803335bff039de56e61c9c5219f7d548b1068c3353fd612ae8
SHA512 9da40c24de71d198458182c52b4f8cc6fa3f12d5a88c3647f64c0e90540719db0292726600eb37258d0ccfeba7b65b13dce2e32c6e4526ecce84a625698bf4a0

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/DED23BB33EA3C88FAD1C0A1CD53916E0D8C424D3

MD5 5f8ee201d42033724278f4cb3d681c77
SHA1 9c3323fbb701f6d70129c76d3c55108fef81ab8c
SHA256 11ae9e7088c60953d44c2564070a09a166a93fc46311875eeb96e1a087f8c9bc
SHA512 6b1e29b79c11b0eb4613796a0b249a99f6349c17ba9a2b47bdb7694c8c071bdc06954ddd5f060c96072685937fe3bc2284b96713645462653086c0e568ba1933

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 2e622517f0b3378669cdf6d1baa0e51e
SHA1 b08272e63714e4985e6676ed027a410c8ee4614e
SHA256 46578b352d615cbedfa7264f624864b4f82a58615a3b94ac44e20c5adf75fd32
SHA512 3270188b6a7a101e94d278dd3b392e1a2beb944434b1177d215691569f51f23926edbd164788669a8470f57b09d68c39c794caf0a038c71ffe6091729937d9a7

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 d1e48bb5709779702234127de6d1f4ee
SHA1 b6f91257033532e51a6de69a71ebe254f5889f5a
SHA256 de099d22f142fe6613b26371dadca239a67e831fe8007ee722fc65271d6cf28c
SHA512 6d73fb08a3d4578a32582efc0cc934fefe68dd13d78755a29f31334f5a921864ceb11f96cae8fda15b88f20a2e49b59082ce25f51a245fc08e5fb14304f56edc

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 2690625b009f9d527bbbdd91b89b58b3
SHA1 e94b5cedba46f1e38767005b821c5962f4541dcd
SHA256 f31d4c96dfff84ad4441285c316fab00ee841002ea3385a08745ccc69c083043
SHA512 c53e4cee89d200b663aeea7c94d002f900c56603aaa77f5cb96b2729379818da2adabb044dc698cf240a9b8caa571b599b176dd1813d8902d09256619be2517d

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/2918063365piupsah.sqlite

MD5 d8831e62027c0bea517596754e6580c6
SHA1 abf681e5b2c3210874d61d4669e424cd3cab9712
SHA256 492293685eb1d5e632429feac9ea9ffd9617d1d093666faf4692e0ac6c7c6028
SHA512 8965c168b423db6debb0c8d2428d1e1b3b1b9bdcd46610a80e17a59607a9e3c9742b664bf80ce17684c805dfd2276a16782f1a7a135ab9be401da7b048445fde

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 1b73936c7042f903af71b3db9e58f1b2
SHA1 98ede82e8ecd3d65c450cc34b40794e1ce1980fe
SHA256 2790fe53fb4df4172fff1530268a6477aff36418acba218415de9a1b7597245a
SHA512 0080f3ddebbed7a28da2a324f3cd50d0c1e40b3d79c4c4be6404a58f90e4416ee26d6639a5c6e6c75588a2902ac84888f43e03fda6a92474bf099d43a5784a1e

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 b9d4fec8473295a78f5a901ee23f112b
SHA1 9d96e49f4e9a94ccdcf129c931ee3846f74b09ea
SHA256 14c670963d2570d53104d2469c6ff84a4fc7861c9bac6408e6b18e265c35c99a
SHA512 e76e1ff774d2737091293c8e67ade7d154c66c45e9f474190477effec1e9c796ca118fe09cea21218815ef1817f40053cfb798874f08575cf6a76dc5ade160f3

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 a037649df9bdb141f793e1eb93a1ecda
SHA1 f046cb2d2f6df60534cfee14456caa3bebabab40
SHA256 88a68b1e9e6d2f629dba1576e66b84a8a4c4b3c70659aef4c66a6a5873e4d052
SHA512 782c552a0e5ad0fafc0f1bf124c39fcc31821ba53e00c5a22a95449205fa91a2926c7bf39705beefdedf50c1cdf8d50aba5095a1836e9385eba9f3475b062def

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/007C38C4B531C6752F6BACF8DC65A26A7B4787A2

MD5 4b365f96d9bb1ebc624091dbde2df43e
SHA1 3ffa1ca13668b4c58a4e1435d6a164952fa45565
SHA256 f6751f770f1d1880416bef94b488e3d41e2c134bf8bd8e74729257f460addd0f
SHA512 292a92eb6dfb70015fc5f56390ccfe71d163e0bd06b419b3aa254899aa60ada7288921f3888c84e0af9561dd9fd36fe223a7616802a4afc3f5c49013b3de5249

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 01c3f23b8b9670f2b685cd4a68f0ea16
SHA1 9eead3bb6c2e3af17dd5c84a492ad0c8ec86f9e7
SHA256 548d6d85938c941d3c2962d2ba8b6b31ba52be1cc690bccc60db4b066d431993
SHA512 0c2c54c72f96f345cf3b1444dedf5a5466b647a4e68202d34dab593ab52a5387595b216d20f2194e37413b9655dcdc8d8f3ec07bec1277069770c90699ac65b0

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 e897c8de7213f955d1fd5cff4367f81c
SHA1 94ee1ad021a6041aa81e6c6a7d3f3604c5351660
SHA256 c4eb7d55af2d60f54060010d7b3db762de5dd946119e4efc7e90880d1081e78a
SHA512 1fc48e4ed61f142376d6e6c2aaddb8990d7fc6c03a0a296e349dcc49a1eca0d9a4db91fd7dc4be288b6782eae3a41c32aa2136177a260042c6d13359b337be4f

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 8793d6a9ded1024155b9d34939c7ea39
SHA1 d24c23dc944dc937737da0002c4c3981c5f23f41
SHA256 230804ea87657cacf9b8107e676104269e8ba554715ed43286508cc5dac483f1
SHA512 495bcdc098a1eed63ce161a19c3a962070bfccf81393c1ddc244b79b91dd5b8d4730a332fd44633444725d0c403bf1a7a794a933fdcc00f752a0a29d90866412

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 f7078d90327a876809f1f73849a3f024
SHA1 1f3b012151bc9453266a971f2130cc8d2002202d
SHA256 efb29816874fc5e56c3e8f309b93a0c8192b147201c7d1ae952b7d315663f085
SHA512 16bc0db4ae3f6d213ae63004e37c4dada3f752d3b8705a4a5183ad9fbb51a9b6ef17f5257dfb21fd798cccf2b83347df86cb3a92270e00a8c7af37dee2ea33ac

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 3d4df766bf65991087d38519224743b9
SHA1 49efd32d59cb90624a4cfe3db75977c7c06936b1
SHA256 428e64391fdb7a12f90a19e9e252d41cad873cf49aab8dc872e1a05a18450278
SHA512 7ed656f280a08ffeddf8d63e699e81581f4919277a2186b854024a42e881636826f9f4f36966067599f798ea3095a3e6cafa8386e9e2b280f30eabc56e0aa5cb

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 fa208f6758f6f869a999ad2a3d6a4470
SHA1 6e3024d79ba188c5c79f06b5b7e2186b83a630a2
SHA256 252b300c6248bf1fc65c62e93b1c1b69123bc465b55a8268d6a18ef5a0cad1d5
SHA512 30ab2a250a80201f231ce5e659a42a8d2e1031285d3f602bf7830a7b80a8fa50249e999232bef0ac4c1572c98e4c5c297a096f7b9242fe9c49e5c9522572f7bf

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 1c44c557c0a4ea8386a3b40cb68224b4
SHA1 99c2e7b4c91358ae28ef43186a9190c94fa8d821
SHA256 18cab19b9fe8fa774ca92a66368871620f9f14bc526f0b9b00274bb3a490bb54
SHA512 6b7b1054d8885b9a7ba2b640e32970249a672d763e3311ac46821925f7120aab65eec93dcbd30e2385942eac4f6119e9cf1eb9b000474be7e954badd01db16fe

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 24c0ee471595263aa69c29669742cc46
SHA1 b9e9ebcaf9069d161f369f81158f6274f37a64eb
SHA256 78776166c60748b377dcb272aff58ef0bc428ca90fc2b6b70c5b598aca4bfac4
SHA512 fd9a7ece5002d4f6579c220d7c14c8eef9c1e34ea258091f9f1f4cc341fc2a750d9f9bf94544891c59ce4807f9cd694c0b7092815545987b5b861aa6545a898d

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 55315ab0c7bfe971ddf8d362a7b13d77
SHA1 f969b23f21edabfa6f27496a67ddef5d637005fc
SHA256 ab9985b66b94d65383bf34c0e6188e214be850c00e680219c148dcb5a8939168
SHA512 63644a1a5633af276a1bab1fed7d5d9826262dbb48530a760fe918acc91c64568ce511f0abbcfbe360eb293f6b7380a5bbfcde74228f881b68dde3d191feae73

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 5f71e8fc65fa36dfb76f56228c0a6094
SHA1 a80c680ab693c941add06fa316f9ddfdf599fa0d
SHA256 f9b8b16a80015726505277e81c9bf462cb6beb0ac5a9a572f3587d2d1920bc6a
SHA512 e68cbd84240c79f6168c4a30509f59bbf2f564f952f78874affd58c466c723b2cf72e3615aceea068768b831b784f9458533b9699a92309a44b08dd42581b3bc

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 59842a795d32d4df2ea727d9bd2f4a11
SHA1 05278485e0db9bd68479b64ae98b608a76362b4d
SHA256 a418f76daee718be5ed8e83abd35447971cf1cba3bf05143737b0dfc18e1e464
SHA512 7864fcdfe2841adb1ed3c32db1b2dcfa19a10b52069b287788aeac5d120263b52d12e585a2447bb5434a7941651221483bf2f1cb79b87bcd37d16dca19bb83ac

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 394e44610b0d55ef507268df6e99d901
SHA1 a5e170b29b2a364af58ec2b468c93efc3bcec97a
SHA256 fdde5e3c89fd9950ae187db0e26625aa7118d27b47c92fe9cbf95a1ecd5092eb
SHA512 d70dcc5d39c79e0415a518a5a61db688366b829ae63a5379550beb633e12a1729d4981370e9e31da9177fa4aed1665e758fbb760b771635d39b26c226b9595dc

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 7a0e0c95fb8838fb48099dd4e079588c
SHA1 c902dc6ddeef2d28cd966c92cc3df7f91cf7f9c1
SHA256 b8bdfa664d1b6d79268d28e9596897752fb9915c396618f85a6d3950b62478bc
SHA512 2f5f4380e532ee297d93d9f311f5dbbaa573d876c19af30ce21e69125f25a27181592c11c7e35730ce7fd2d140072926e7e368200e43fe195a1f3bff6013830e

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 22b1170b1256e49d1d20c34899f8a6be
SHA1 2d162ba710a3ead5e14d749315df4d112a46a0ec
SHA256 896100a2383dd2dc8eb989f56ce6e631092d952618b6e76898c5080f50ae6d82
SHA512 3813afd96206cd2f29708853bf670db3094886a88b54c28080b493153f0645e47a62c8e1380ceac634a9838823e6ddab4ff9498252e838f2620e0bc140ba34c6

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 35ffbd7d7a5cf32b84a9f94d808c9b98
SHA1 2b2dcfaf372708059949ba9ab01982d4bce740ee
SHA256 03aebb20c301ba86d284b948b7a603702c0d4153bbbcfa1ab0f91a5800c04510
SHA512 8a7ac878d3665fa8483a302701c76f4355216b21f63b39ac19bedc706549aa24fad8d4c7080631b20a28b363b9561a5e88e6abeade8820a4025136a8f1e2f4c5

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 42513938dc113a7320b16d440f4d3172
SHA1 32e5b225a57c367e8dbc0318086a894f88b82090
SHA256 d091cb379b1b5fc186c749e806eb71483284984d8da9de6d0014fadb82aadc05
SHA512 930c82d9ee90b103c241def066927985f7138805d75b2dd9b68f8517889f02970c68f9573edbac9785cec04763cea90a077acd8bea7958161c96104f55cc3ce6

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 9255cf5d3897385b9bbebd849459bcc9
SHA1 d89acb46645ac2efd72ea033c04b483e519a4ddb
SHA256 61d6cc63e64b1067d9a2a99272bcaff51f62cfba2235bb98ad0a09839a4a2efd
SHA512 0f4195b61ec36c3d86c4a3cc84d29ada9bb666d6c1a0209729790d655981fd0e09f8c7eee7e64ab8ee92520a6691633bb077a17b0e06b583532fc80a6a814f2b

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 e15ee60bb34ae40f2801683570c1e931
SHA1 c64d053ccf252cf55764dca2a3dfb57f1a8e18eb
SHA256 729b58e752958dfb595d556a0c7350f4106a079ba1609d9456809198e65c10be
SHA512 3ebce788f5c589145a7cc6d253e2c9fc4e40274b8a897a80e60434f79125bbe40970e670c65c46c2c680fbb1c9f97be09121c9f6fc9ee2466069d81a3e0f32c5

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 07f242b28213ce89b2633e59f3893243
SHA1 680133b0a1c433d62728e73506078d05ce7181da
SHA256 aa3a760f3aac61dc89d1595a8478a227504e49b617691feaf79f4bf5e355ed83
SHA512 2c25a4396e8b3b8f9beb63b03493a72ce64dd0e3584c909718736d296a8c8955983bd6f38a6edfa4d746540d6ec54ed5be12cc37d26b463c6d3dbf9540dc229c

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 39c53231814199c166a434390694f93e
SHA1 668ab5720d025bce4f2311f96c731a2c1aef76a0
SHA256 800f9c67173c7e9ef88ae8274c135dec393b4ec6bcb5d9dbb4609f5f3da9817e
SHA512 0f5e46ca6c3d05d392e3d80dc2b6d0fb27c8bd59231cdedccdcd4bec9271340c68f26100d87e061114655761c8e0ee7aba65454490bb633ecda483570ab1f3e6

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 670833eb0762202dffee1ad53cfb34b1
SHA1 7af1d966a2d5ca58d9f7e61d0c3d33a6847c4d2d
SHA256 25bfdaeade2dc37df31be3ddf4efbb81a39e616a7ed166a02b9b938813926518
SHA512 e0fac8f76bc6632e8d83493428c3357807dc6aba2449ff507f9f2e95ca6a2e928feb62ea1db66c049936388b2328b43c06a697370c8f95333ec848f68524c67a

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 0a4949f0e54bed9e6c1daeb1968f6171
SHA1 4dfcdd4622197a333c81fba6f9fe8eefd1080c57
SHA256 c99eae84ccea2513db3fa79714e87a7702bcee32c35a25ff5fd7b488bba0a134
SHA512 d2d421ea65431874f67131122833661a58f7a5cae22b0783d71c7c39c34ad256d99076268c981cb5c0d69b4dff300160c73aa3b818de0073752b3c00dcff3858

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 9139a4209ac0f8a4fc7341502b4ad00b
SHA1 8476d2d0134d689cc474b8df226434ce373b2e13
SHA256 c1c444c780901e37617affaa612d5f2e79de3a91acf055cde37a15cdeb565a35
SHA512 8a69f8391275d7071fa8bf4960effe2dc3b4a80bfb03b6c3081b3c949a4a0761f548b4ed5656b551e322d6911170422bfd1c018bc116db41143c2b329d075953

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/55DF0B582DCA3E36CCA90380DA090B353A1A0145

MD5 8e4756ff31a050702636e493e5bf952d
SHA1 128c7733cec7e4c49ac31d08703cedd8851c9b79
SHA256 dea23f5943cf8cd02572da1d3cd8e038b850b0815c942ffc1bb025b4fa5f999c
SHA512 3f76a05ef35423cf55a9fe2b446a36f03f64884ea3df54bdb0b7f1a5deb12e2180dae308e664d8d2145316bb8956a22993780ab7163836e28950fd173779d74e

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237

MD5 de1d75262a2ceb62f2d8d5b9a2477505
SHA1 60566b419e7f685f33e74c833a639c1b2d0530a9
SHA256 741c606de27e8d78df748d3f1579bfba7d34591651539e7084274fbd75940ac9
SHA512 f8091990449d8fb7fdc3e1ed7400ccf95da880122d7978f40b037f626a2774c71aaab5e27c0a554a89ffee04074a1c0e67ee53e5bf17ef5da725b7a14fe0f0d1

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 c0e4644083576b4e0df3633bd2db2639
SHA1 fc1ab0c154f010a4609abfe1c7d62deff553c4a6
SHA256 c9d19c0e64ccc5b47a56e23c199d11d8e30fe10499086689dd615dba5385f2f2
SHA512 63a3ea1456b2d3c1e570b66866bfc6c1a2fa32ade9693018e6e445145c2ba03f281ad9c863181c5b4e56648ea63eb65b5ca3be2714cb6ddeeaf6589d15a67ee5

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/007C38C4B531C6752F6BACF8DC65A26A7B4787A2

MD5 61e4f4a67618eded9a187cbcb1c4d283
SHA1 446c4444ebbaf6ba5906f9fca16e3a0dd0ae0b8e
SHA256 2c0f89b5b28da555e15177ced450e3a9b16660202bb606e9f2698600e40daf1f
SHA512 8b9c629708ad3e65cc6d434673dfef538f4217bffd612cc99b94f6a8e877dde9e2a4bfa8a2767462b4f18b49a56335d9f28fac2ab8d77a7e524c9d70730019b1

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/55DF0B582DCA3E36CCA90380DA090B353A1A0145

MD5 5b519dc0a025f86692d8fee87ad7fc59
SHA1 276f9ce1446b7d6b6b9984f2b17d760ced36bcef
SHA256 acaf447002afca0b4283aa459c00f319747d6394403564e0f1b41c90e352f38f
SHA512 80278508c1006097180ce7218fdee9dbd6c719fc48baa4940b3e2e0bd510e60f53288e1a87ca3f6a1a413cf6af252b28334728515c0251a56d9963ca8cdfd8ea

/root/.mozilla/firefox/yone7b0x.default-release/cert9.db

MD5 8fa6df7554420a8717560de52d0967e5
SHA1 2edf33cdc348cb16eaf919d15c48c73860b4ebfd
SHA256 8529bf7c0b26d1eea3f44afad541c135ce6a1092c54d1747c425d930e0f533a1
SHA512 f68baf04122ab3c8c02bb666ba9c4419cf2ad63ce604bd1930f646f3764f3961d226e13da994ed8e4a23961a02552f686f502142065a09fcf2989803603db84c

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 dc41ec250374d31e006d654f4ee624b3
SHA1 89e226405a636da37cc444e05628db7e7dee9e3d
SHA256 6a79b992ea1a55ee68772a3abefa3c24bf7604f152fe887f4c5ac7c124fe1bed
SHA512 4a81beb8ca25a8e7013801425db3de543ef6e1a4b6e8af10add61386081878b342c47a59aa7ec1dbcd3ac38f13eaf2da9ce3b75de21379dbf08ce6c9305c0e1c

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/FB890F623CF57448A41ABDBC2C81FA912594BE18

MD5 6c2dc624706211c3c430544173f1e857
SHA1 5a7606f3b22f93893114f7cc90ba2f1583c52a32
SHA256 c325af7e486c4274f3fe79538e5bf5e66cedb411f822dbaff572a2ca0c3c3994
SHA512 fa983ea7a7a62489455d3a369b358febc31dfd7c14f6976c46b6867a33f17715ff09cb429396731b01fefa15da7ee56a0578e3a90583ab6104928e4960ac819b

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/498812F2DAC5C908A634441E5DA79BA0F7F1F5D8

MD5 dca2d3780edaac8b3c57014301e2cee7
SHA1 991439b21d60ce17735c761b86cd6975fe0245d4
SHA256 1f752b2f568726a4b246a8d066bbc846133314cb7a6dce1d780dc0c6bd4cfcee
SHA512 600b022559403e04a985979166ef55af0f0d9481f519e921d689582f890e0c87a5cb7430d2734547fc54f02dee7535a3d97e5caf31583b5f34622c0acf0649ca

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/537F4E37E43266B3D908CE3DA434141C2D8B5739

MD5 ff03c1c04346755c2794fed967e27841
SHA1 81594770c002b8b6b491eb40a946671529beebbc
SHA256 0f3ba2f819585a8311cde6c21ca2620fa974a45f6539db01e49def33c1061081
SHA512 d54e32194ea3d958804e4fedacbe58a347902feaaa793307c03f34096f45bce33fd0a5fc1a609727bd05859e7c6385abf8751087924fe61054547f60136248ff

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C

MD5 2d0b3c3d1d83939142d4376c70af503c
SHA1 9c9f77e8be234373f914fe0f2d01f89357cbcea4
SHA256 46df90f9a99115b6051bbdbc363a6de8c30c0151b2070244c6f0ddae8ebaa764
SHA512 bc846ee1137c28093301231140b9ec3edd119688f8fe6d442df0b1df6d09d14732690d2e515c6397368579b5e50d349e9455d6c3825642bd4f11b40d29397903

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/35F0A2FF4B4555DF80956150B324D0FA66FD56B3

MD5 76305e8d0d5cd66a4ec532c8b975107a
SHA1 6fb84a371be799fe0f918e8722af4d38c23f28a2
SHA256 790c6d7b9ca2c9e458baddce3e1b000308ad1fd7b6f5b79dc79f71920a67355a
SHA512 c9cc8a464c647ed676742252399e0247d56d6f819ba190c1273aef4cb556ae6df1db5f8f109613bad96a18cc12c35f71acee18103bea73e1e25acd094c70c88b

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/F8CBD54DDA10F4286A41EC6A537240712D6C2308

MD5 38e12290cd99647a853ef7547859b3bd
SHA1 259117a7493e3e3bf04148c830f3bf407b73d47d
SHA256 bbcd29b92781c97da8ed24c2a40466d283c71819f031561ffa7b36bd514324d4
SHA512 2d8a329de0ed1fc754280d001ad2f621994d68e56543f6ad6422b052fd37ab99d9ce9b3f81f03b0101531483c3ee88825d291b2632f52005048520e2dc87833f

/tmp/tmpaddon

MD5 152eda253e242e18443ef3282495bc7c
SHA1 ff0fa85565f21ec4931baad4573b4c0bd08c4019
SHA256 8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48
SHA512 94531e267314de661b2205c606283fb066d781e5c11027578f2a3c3aa353437c2289544074a28101b6b6f0179f0fe6bd890a0ae2bb6e1cf9053650472576366c

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 3cb8f5cb277447310cbc8d5c7da152ab
SHA1 379054bd11a5663285a55e3214028aba37dd2f45
SHA256 1739e2642ab26af23bfeea7d7d237f9e80a4548a5e03cd4be7d15cc4136fd06e
SHA512 62eddb30ac3e79454a1365c210322c28e9e5d9f7fb23999f4592692a0c1bbf0812ecb25282439a5e1e06a4ffd5ee362a84668faab779533e9c331ee3e3a12f1b

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/A100D13B31B3B47B8A440E86B5443E2156994819

MD5 a8f5f970d89f374feadaf0f2c11305e6
SHA1 0b602e3d7d7d7a55b5d21340a78b87b0c40e248b
SHA256 b4387bdb467177ae6eda96bf8da682fa28646fd557cdd697deb4bfb6ea105821
SHA512 56bb0108f710c72d0db0138d403a127eebc53ea2379b706ab380a817e224ccffe333003f85a064dac50d523116554d47937ad00905acafb9d11f6425b7476953

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.files/1

MD5 0c40063de91b8b8297f5398d04d72b22
SHA1 8355767bb03a3d894f5fd142f767518603adb3c7
SHA256 3cd2ee400a959dc53fd60776cbbe220aa752903b658b262788d2be974f341fc8
SHA512 34eef7708b456e637706e6e79a5911efbf1b747fe524dceace14f586ee09907ca2b893afdd0855495014789ecb7805b252b22201be91205e33227ea24aadc2ce

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/B788D3450EE9BCD7CAE9822543E153A810532243

MD5 391eacfad4741fbc4745558af538935f
SHA1 06f0a72942317e7b82dfb091c46be89758fcc7ba
SHA256 27d3ac6ef40d42ad26c5caaed9eea7b8cbcd6975e6832e68292268f5534439cc
SHA512 691ca083e9b07e4cb9da3feecfce1732172828fd7dc1a87bbe08100d7ada9e90d5240549d719308cb0830f13db61699b310d10d100437a25183fae413fb2b5a3

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/B788D3450EE9BCD7CAE9822543E153A810532243

MD5 ce5b701b0bcc097f8f246c93a582b746
SHA1 d7b39c64831a6de0eda677a16a73c9634c4dfd0f
SHA256 5df7de0d9f21d600176bb6db28689085afc577802e25ff499988d8740ee93156
SHA512 61eb03f615e41d3ef81f14d0561a67ca48323404f9985bae94cfe90212bdf7faf9c9638cf165d033afa3279bd7bc0ff41f77e94e9a1cc28e3c3370803f61a050

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 2963746e1bc1e9f8ac44b84566363ccb
SHA1 a2ca1027a27318ec7e66e04c0d0519172fea6387
SHA256 1fcb0e35debcb72be2753f3bc4289b3dae17a3985ac4656eb1886e19769cc26c
SHA512 7b9d3142947209940929367efb1805ce598fc924e5d30a66f56ea5f2d91856bb1d27dea931b93c77448cc868f514267c05350bda2e60c3127291c0c2d1d5843a

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C

MD5 629fd5962f2e5a97290153fff038c8d9
SHA1 768a8209d5c3f9ab8a91ebed423c3ae84ef0a76e
SHA256 5b69a7b98546a8b5ed00091b37cdd0fb9be01605276a1704f017b68bbf1a0b94
SHA512 6b466df46222891b314f94b4cb19c07c3649684ff3fe2738aae9d641c77d7df160eb4438718db0cbb40949a24b1195d9f582eb8b5796b695f176e9c6ddf5642b

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/551EA70DC3C0F7CBF5ADA6CCC1755D9C7044E82C

MD5 04feda5c0849fc63bc893d01257c887c
SHA1 0c7c1e04c134c7de80169b69169047342d99925f
SHA256 36f5c32ff5903e6977057950585ca9b0455fc769e89290cb64f6b91eb7ae8cc8
SHA512 84571103f2129fa74945751d091d83ce7e41ebb083236b3ed02c51096766d886c29d09842c391407c7fcee5a9ae7ecba6f5cbf567492e78d5f0951d37015e1c4

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C

MD5 7bdf808312550d4ecdf8af50928f5444
SHA1 201a68492e5c31efd3d3294f8e6177d44d504891
SHA256 b9ef9c1b00312fd4ec72528945c2b8610dc714bcd290f361dd139ad26fa228c5
SHA512 bc8ad97b459e3c2ce623edbfe17b3954e808b889fc45e83de2a9a6508187c5e4b31f38478e771d343603158ec799903a3c9af586e3a69f2e44521d6d9ba321f2

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 283b55073a53623d5865f3220c432273
SHA1 0f99975302d5fa04d50d78ab6a9356e2a4acaf0f
SHA256 e4229d005cb3d62b080df383f063826b7d477b7646050502bb7fc10a2c0c3273
SHA512 23384c535e5cec91de6062c1e7c5e5b031f9aec64b878ffce02975983d6ed5e0000d7c629a690c00a1778434a69c7dcb6c563958c7ea9cda27338a55288730ea

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/30F34EAA36BFA2091C6F178ED9BFE29C547FB4F6

MD5 fe0c80f7ed15416ab73bcd05aa53a9fa
SHA1 57c9b7ed50a8a57280d64a8fb49ced728cb77561
SHA256 53b5ba221f5f227a01fdf9016f0420848105528380cccc980b66d83b0712f40c
SHA512 616fe49f614e6cc5ed6a443fe0f27817bb6b4221ec17d2d8581cb6c2ce3902c343ec8cb932acc11d0e2fd8ef5a5ae7fa2a3cb5e02c516b627f654c55946c68b3

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 a7e097b872b317a2f5541987b2e598c2
SHA1 9c0cc1adaa22eee7497315ad67c57a9ac8c6ab67
SHA256 291a8548a278bb3631566691b3e893e3e5ad672a9c4f0f7b62e02e0a32f49e5e
SHA512 f81d9b221aad323f1c4cd55e64416cadeb087f7ed5d1eff6b5a984c65a9d7897cf7d7a56f90b3ae88273ce3d0b3f8c31326d14d6e24be098c7844329c2860703

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/4A310EEF15BA8905EFB4A4C053A96628E368E3B3

MD5 324683a391b7e0feefb92ce7fe63fc88
SHA1 d3a3aa64a1ce37b6e4a17551c4baa6a1aea87432
SHA256 b9999e22697141acbb0e2e0ad2cd9fe1ccbe01bcc4e03d0a1bc18b08274e3765
SHA512 19e3b5cc10891b8fe1e8721f54e9602d0c780cf091ea352de2c3454c0310eb967ee19c43c86426f58e2a86c536c4d0943c45db43dcc97faa3be8da9cdac3b6b7

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 6a03f327df3fbc61b32b80c987c0eb49
SHA1 a6573d4e9bc89c3cfbae6a4c2738b0642c376c48
SHA256 8cd268c6b714473a5ab505a91fdf05f14c788bb34afea60e152a598fdc682588
SHA512 e039434afd4f6674c48632d763f60f772d6db67d6280ab20e8f363445b624eaa5f8f68c5484ea6b570257ebd50b12c70156ea4a981875ba294c9810f4f90bb14

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 7332dfd25864be76055745a62f631466
SHA1 9052f4d098c6bd029c8d9dbe47afdb56fe6abb22
SHA256 6aa2d466b7f12ac6072987e1b116c6682def6e2a7c4a27cff0ecf86d97dbb161
SHA512 92e02ff9061596fab19136f4ca8d0851dbd4dd198f0ffc228f2310c6f531ac5f1d68ff4eb9b9b73bd576aa2c707922e57023b93e97db13625bcb9b82adea5dc5

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/C8A0038CBF646EF8976D3F18074D209A1EF6AA80

MD5 f853833d2208a971c6c7c4f08a1c80e0
SHA1 254eb20fa79f92dca125fcdbf4928607249327a5
SHA256 d1015b98266ddc486e32e61f148a7e8c80b7de7adf6d255483ad1939304cba32
SHA512 9b4bbda7fcebe115e55aaafb6c5d4bcf4d61cce37f313d6e3e060bbbf13926486e1cb9ea40bf8f1624936abb14b20b0fce7781d213050f5d20421466322b3323

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 f0a10f088a9d21d25b83ba59bf7767f1
SHA1 cc65cc2799dac5aa0bd13fcc4c00988e8d2965b2
SHA256 06842543966e15ff3d7a02220d235f50e2a6197b37b29ac4372354f09b43434c
SHA512 eb80250195fb4a20d194c8e9e424ab494dd88a0b793fb2e905c1ef43923c652813ebd40148f82fe605928f007115844cb80e9ca7f26e49d08e8e95a65bbc4e14

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/4C5A1680D3B63616E845ACA183DD3AF5AD89C635

MD5 cfcac4c45e1c5df0803418f6b3e8557b
SHA1 b643719b23107304a4874aa8f18539299afc4f41
SHA256 4bea500d4f1e4a7068eb83577a843adc70edbf90298b8c2530bfdc1e96d509ac
SHA512 cb897086a484c6da7370117f4c82e6738b6411ca11ab76bb362605e24c8a5717be5defacc546c6247bf7e89d670035bcbba56b4d8d38b73c64d40769e9dc0a1b

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C

MD5 fedb2d077b6ec17daab45f0b9a023eee
SHA1 412fda1bad5e6166c7938e26c79a8e16f57e31d8
SHA256 cd6b053763a6f7249b3a6abcd7b62ea44e52ba8d459dc2c7bd05b37c1878d28e
SHA512 7aac633926089c59f6236cf4e8ec911afa9847bf28d68d252063bb45e7cffed334edfad5334dbc34ffe042ec2cecf1784bea927a536b3a5c7f2c04b515b961ec

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/8A4AD299B2F0E55A552D3CB09E7A57213CF46041

MD5 7f835ba79a207213a6d4dedc38aac750
SHA1 82386ec667e2cb74c4fed068bfc6c58f35ac7209
SHA256 ad946da8f2ccfbe67143fb3c323527471bc092e79194c0bd2960312609eed88f
SHA512 3ce710726f581434f14c95eb3126e548c784d9fafee4cfff0dc7fd29b7600247f53a16c8979421ab07dc47a2b0da3a48a13504aabd9cb48507ea097bf8625e15

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C

MD5 9187b68eeabff5bbc5ba3bae1d234add
SHA1 3a82d5ef07a4951de2cf2df88522b2fd1d7bf356
SHA256 57779d0cbdd826d79a598df6a8e1dcd92d7c9d7fcc64234ac635b78cd53393fb
SHA512 2d9218a4602b258efc35458257999401ae4d7e8b623f6a2de6ff880f73d756496a4b3b23987c0795391cf3160a51a459b5fadb0e76c6029c3df1a627887900ff

/root/.mozilla/firefox/yone7b0x.default-release/prefs-1.js

MD5 52e7a5f695f41c83a7b1ac554fecb621
SHA1 d4d3fde284b60af1b23df2b38879dcf044950fc0
SHA256 5209cf02ff7a58380ed5cae4fecb26cf5a13ba51157022f155d9552f24409be8
SHA512 8a2b0010f5ecbfd113aa7d8e08fec81a900e476e3d3003cfed39740b6fba0668807e883a47b6b5b96c57d195dc00797a548363dd120bc5e7497d3bd098c08cf4

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 c369e163b68788b42ee0e6ccb6e455bd
SHA1 ede066aca039af47f9b95bcca5db24e44c5aa3e2
SHA256 343459683b06970ae1263bfa6ddd3e9c95eef8ad0384bc67cf3395b17208677d
SHA512 0671617c1622db2e4a61546ad021ed5de15cd027add6c36383b3238cd2c46c37adabf8d3142c8ea3b66098359c0ac6f08d6bc3e27ad0fc352108f5e29a91dcd5

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/B0E6C0C4F042DABAA19D184DFB0F40FB6CE29594

MD5 f4fdef1d01e9bf3fe34719d1e4cb9094
SHA1 4fb0a6d99981b9f5ca9fc71a89f3f9632e3890f4
SHA256 768d51b8dc89f3bcf978693dc8e24d9daec2e1bfec198e265ed4c572c927ffd2
SHA512 dce245e7199d605905e3a5a72222cad20b63cb7af30f9ee33d667f3fdc8cc2141e7995dce8c450e9dad30bd358db667b86e78cb73ee226b8f0b6eb8b1f73c4c4

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/B0E6C0C4F042DABAA19D184DFB0F40FB6CE29594

MD5 1d7e6ce6b44ff89db50477e4f1621bb8
SHA1 c14bbb27d0f73b5fb281ba3bc2a1270eec1db956
SHA256 87fc3ae206c445967c25846c1d015c316a0a5725d6b9417fe7f1018af9089c72
SHA512 0ff205ab3269bce0c7645598a8d3f9a92614c37e051559b2d9ab62a4f5cdd1a3452185b2f728d144131ce0e5a8c270fc1233a67cee84293a4b60ecb818fbe17c

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C

MD5 a599e467ab2cdf7d044285220566f78c
SHA1 f45f1f6b51c08c59b6135133ae01022063598643
SHA256 f808d98ab1d470384472db2432929aac1fd3ab2d5df069a7de9129c48555bae7
SHA512 ba1cc05e98b4873f903969658869f2a8b7e067c9527fa4e06e55e3adaa2936e76443bde604ced4e1b566ea70114c0ce3648a9dbb62879535c57c2683afaf7d60

/root/.cache/mozilla/firefox/yone7b0x.default-release/startupCache/urlCache-new.bin

MD5 72675454232c8fa23c17f9bdfe18b7c2
SHA1 4ba084d06d2b6db272b4dad861ecd94d7b5c1ce3
SHA256 90858ffa40fb771dbd929d9ade1e08a230747cbecd2408708527ef0f619816e6
SHA512 d33b9cc436718018dc2c06449bc5b9ced9a34b3af7bab31c917247072cdd9fd9abda90524a97a0010973c2c6380b72f5e0749deb8e912e54d05e04d49e517f4a

/root/.cache/mozilla/firefox/yone7b0x.default-release/startupCache/scriptCache-new.bin

MD5 8179a95d7bb27e09789b5b6646506918
SHA1 2e69138ba2c2d4c297e7bff03652b45b8032cbed
SHA256 743df4af5d2bc8580842a61518c64261a3a18fd329682ed7937c04298f1a5b66
SHA512 a9f51f58f50bfedd0d85afd4928e8d1596a07c5e7a793c7cfb12b19a78286a2696f254c6464621bfeeac5adb664977fa53df3a1e2c47b09d6c78f092c624550d

/root/.cache/mozilla/firefox/yone7b0x.default-release/startupCache/scriptCache-child-new.bin

MD5 9202c94af1fd59e4b43efea3e8160f3f
SHA1 6dae4b85d53f9a0a3ad7a3cc36379ef78a20a219
SHA256 3b4c72418b16358712bf34983a4cc7b7560f2716b419e94cacc746294812ef6b
SHA512 8a293628a9e83a183554f779a2c38d7c1a5a1bc6887df35f89cf10d4d3581ed94f4c13b3104c481fbd839d30719265a45de5282d6f046c7f13ef684fa62b020c

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/FB890F623CF57448A41ABDBC2C81FA912594BE18

MD5 3f74319377d7efc0d20bf8eb4f4d67b0
SHA1 ecc15f9ee3182d903679aade73bda4ea4889a900
SHA256 b69b1dc837899ee7b76a37b3d0c540b268f31e22016cf323f83d0893f9d26db1
SHA512 3fd3687ff4800609391b03dede0c734ff367a64a2a13013ff51405ac9069109d069c6923cf549a0d499fa1232b25e6984916604ac444737cedcf74f180060cab

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/498812F2DAC5C908A634441E5DA79BA0F7F1F5D8

MD5 550ad743fe0918faaf4dd3b96b27a5bd
SHA1 b04a80ae31b3fc1b8e9bee2d9bb0b4529b95d062
SHA256 2bde4afcc28674f269029922b70ed0c1f83b62cdbd7b3ee9c209240f814f34b9
SHA512 6faab72293c48bfedf34bd07cf25a47070f70ac08f1a3ac067b7c8a6014129c29805276ce18091ba383f61e029be662ca1c036d5525310a21d89e20bc9b4030f

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/537F4E37E43266B3D908CE3DA434141C2D8B5739

MD5 32585df90c50533b9c61a2b4e0fae40d
SHA1 ba91f45906cb49d7fbeb787078ff5ba70e8e49bd
SHA256 eaa26577f298967cfcb5d8e7a0138eb2834bd173e1aa6e460b50beb0781e1362
SHA512 a6078fa12bf0abf78d6c061c92ba5c79690538955ea794bf473fdd348b55874511ffea59fb52f3e7cb3ca4ca97b76fa1abab9f924ef2afa2e5bb20fddb7d3be5

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/A100D13B31B3B47B8A440E86B5443E2156994819

MD5 d248fc084854da075aae467d24ab5423
SHA1 24ac22a1ce0dbaa31701a74d1f3e9f791df9a84d
SHA256 f8c93c63bcde22aac2af1aabf5ef235a6aaad049e84c98087014c564a5b67b8b
SHA512 14b7bd207756a8e26d0c02ae6fba22d919a870c3622f75eff9d8f1e27b3e8712946c56932d9996ca3bf8800c088ba7c5b5b56fca158a71ef0728ec9f73c41870

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/551EA70DC3C0F7CBF5ADA6CCC1755D9C7044E82C

MD5 74954222e2093b6f82720d67d941a551
SHA1 79feb84ce999efb91b6f3acca958f0397ed701c9
SHA256 341b1a042b3cbe9c759ace5651e44600dfc09cc1eaa533f53bccf45259a75b54
SHA512 50f10d72d16c526ecf5b148da41dd3d250ec4ebe47d16ef611e94ce4549925355e5b7484a8a91cbda1768b6fee5ab80bc89263f0a53b09614f7a3decf6f9a0e6

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/4A310EEF15BA8905EFB4A4C053A96628E368E3B3

MD5 7b695b36eaa4347ea7e3632f6467169c
SHA1 f13c9797b825ca13142a45e9baa0c859ef4d49c2
SHA256 eda000ddba3676b843cc6b9ae43cc9e50036d6070c7695c0e20b57fc6d33d3ff
SHA512 5451bb656c933e96144bbb5235e248386cc90ea1420a1a9b5b4be628b30ab949a1977f80704ed898f341c9911b61abad46df6da70ce89fd2dcfef5a0ad717066

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/C8A0038CBF646EF8976D3F18074D209A1EF6AA80

MD5 7650c0f3910ea54ef9737ad3bbb2a924
SHA1 3e5423f3819da68e355516cf9a52aa82d6989364
SHA256 44fe8a6f29060c996e980af959b3ce198fd502e1140bf594c4c9c0fdcc3c815f
SHA512 54ced9c69aff6a4d2b86dc76a15268b2d9e5d412179489f3a0f64e05f4002f2a42fff2b8d057e4fe61d2afc2aeee3f68e477a41bd9443bca2b88e34bdfc41fe7

/root/.cache/mozilla/firefox/yone7b0x.default-release/cache2/entries/4C5A1680D3B63616E845ACA183DD3AF5AD89C635

MD5 7494c654e0976cc7e67d8a8457a497ff
SHA1 bcfacd3d8fdca4cfff2126bef55f8d34c71b2fc7
SHA256 5845a0f86760b7597d130952956582c17de36eeb54c2adc38c3b05c55ef886b4
SHA512 78b5ff789f6faed5e31cfce1b90c16a051c2b6e6d804a5f266bbb76e9a6571f9d376f34b89ea5c51e09efe7ad754b710cc3a2165a7893c428ef83582577cffb2

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 e114e9d742cdd2e4fa2215a9534680b2
SHA1 d4c485b4c214fda49f8d13f52c7fde84fd6c4dfc
SHA256 a3b945eabaed0601cf71193fd7c76e175c0907449cff14364498336f9c98e42c
SHA512 00f7900c3a2d7f117ab24b9da82d38322e33208198e24b6ea4849a6a09bd09ff1e843b308e4ddf7b15cc0d2d42d7805c90eadd409b07fec4c1971c0e0df2a74f

/root/.mozilla/firefox/yone7b0x.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 ab217e3525c33405e824b2d24c1748ec
SHA1 d00b2daa761ff3f74763b93ac11c9d81e3e2e7ef
SHA256 ff490d25661d9392ffe04b8be9e39e3ce8de455c53790ec5ee6fb1a9aec7213b
SHA512 931457edb470662294cbab406be063ec47bc134b96a7c5852f38c4fa02263853a3740344012d8c50eab868495f4cc2cf8b7ec7f93a81aa3879eeb3b1f93971e4

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-16 09:56

Reported

2024-04-16 09:57

Platform

win10v2004-20240412-en

Max time kernel

45s

Max time network

46s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://dev-unumcarta.pub.network

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 5080 wrote to memory of 1844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 1844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 1400 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 1400 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5080 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://dev-unumcarta.pub.network

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd46ea46f8,0x7ffd46ea4708,0x7ffd46ea4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,4245051890366763690,2306988073930951172,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2204,4245051890366763690,2306988073930951172,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2204,4245051890366763690,2306988073930951172,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,4245051890366763690,2306988073930951172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,4245051890366763690,2306988073930951172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2204,4245051890366763690,2306988073930951172,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4920 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2204,4245051890366763690,2306988073930951172,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4920 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,4245051890366763690,2306988073930951172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,4245051890366763690,2306988073930951172,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,4245051890366763690,2306988073930951172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,4245051890366763690,2306988073930951172,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,4245051890366763690,2306988073930951172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,4245051890366763690,2306988073930951172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3600 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 73.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 9.228.82.20.in-addr.arpa udp
US 8.8.8.8:53 dev-unumcarta.pub.network udp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 21.114.53.23.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
NL 23.62.61.146:443 www.bing.com tcp
US 8.8.8.8:53 146.61.62.23.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 104aab1e178489256a1425b28119ec93
SHA1 0bcf8ad28df672c618cb832ba8de8f85bd858a6c
SHA256 b92c19f079ef5948cb58654ce76f582a480a82cddc5083764ed7f1eac27b8d01
SHA512 b4f930f87eb86497672f32eb7cc77548d8afb09ad9fdba0508f368d5710e3a75c44b1fd9f96c98c2f0bd08deb4afde28330b11cf23e456c92cc509d28677d2cf

\??\pipe\LOCAL\crashpad_5080_CNTKNTLFJDLHUEJI

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 846ce533b9e20979bf1857f1afb61925
SHA1 4c6726618d10805940dba5e6cf849448b552bf68
SHA256 b81574d678f49d36d874dc062a1291092ab94164b92f7e30d42d9c61cc0e77c3
SHA512 8fb228fae89f063159dabc93871db205d836bdb4ec8f54a2f642bd0b1ac531eea0c21234a8ca75a0ae9a008d2399a9bf20a481f5d6a6eab53a533cd03aeaaa2c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a48a07123c58ae1288f445e6a526aa6e
SHA1 2eb7cc0bc63397694186889d9a438943d975fec1
SHA256 6a9f26b967e81ec79826aaa23e70ba8213c195f06fdbb434b6772927dbd477a6
SHA512 76b665f80ae992d17cd94e4fc5cc039c716316622e6ebf27a9e274ce2fa71aeed4a11e4ad5cf5072ad4ad90b0aede29bfd1e43d70a2a2c688601ce77f055c880

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3fa6c7d4acb86c69ab702bccf5bd3375
SHA1 cd10100b9d1261ab49a55b94e1c2a26816310a26
SHA256 4a3883922b515bdd310ad1b67e0d0fe093557564948e33c80e80b8ab456ef9c0
SHA512 3009e233aeea5e62d1e05777e0b4bacedcdaa025a26586835cec9aba3deb511ae3d42b025ab65ab7a763a462276848937fd8409ec51468bdecd5a7135680a084

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e18b6ce6fc077279e2a91edb73e6a981
SHA1 c54685045f3279720432075713fec1cdeacc7191
SHA256 cd4587a3b9195a138af74f37191276dfb69b87ea1e7b558bb280796265ea8cb2
SHA512 bdf46163f70e079bee389e84af596999d8958300165448d1abab0d9718b31d3785e0f69c118709d36e17959ce4c76a224474e3c8f255a76b46e8ddfc6e4c1a88

Analysis: behavioral2

Detonation Overview

Submitted

2024-04-16 09:56

Reported

2024-04-16 09:57

Platform

android-x86-arm-20240221-en

Max time kernel

20s

Max time network

41s

Command Line

com.android.chrome

Signatures

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 dev-unumcarta.pub.network udp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 1.1.1.1:53 safebrowsing.googleapis.com udp
GB 172.217.16.234:443 safebrowsing.googleapis.com tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.179.227:443 update.googleapis.com tcp
US 1.1.1.1:53 gtuvdgyklnbdf udp
US 1.1.1.1:53 wrtbgwan udp
US 1.1.1.1:53 lidpbyve udp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.169.46:443 android.apis.google.com tcp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-04-16 09:56

Reported

2024-04-16 09:59

Platform

android-x64-arm64-20240221-en

Max time kernel

149s

Max time network

153s

Command Line

com.android.chrome

Signatures

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.42:443 udp
GB 142.250.178.14:443 udp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.169.46:443 android.apis.google.com tcp
GB 172.217.169.46:443 android.apis.google.com tcp
US 1.1.1.1:53 dev-unumcarta.pub.network udp
US 1.1.1.1:53 accounts.google.com udp
BE 142.251.168.84:443 accounts.google.com tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 dev-unumcarta.pub.network udp
BE 66.102.1.84:443 accounts.google.com tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 safebrowsing.googleapis.com udp
GB 172.217.169.74:443 safebrowsing.googleapis.com tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 172.217.169.3:443 update.googleapis.com tcp
US 1.1.1.1:53 lobsoyuojjhbfo udp
US 1.1.1.1:53 ajpvgzzgp udp
US 1.1.1.1:53 codqligzesovhrm udp
GB 142.250.200.36:443 tcp
GB 142.250.200.36:443 tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.187.195:443 update.googleapis.com tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-04-16 09:56

Reported

2024-04-16 09:57

Platform

macos-20240410-en

Max time kernel

73s

Max time network

75s

Command Line

[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window http://dev-unumcarta.pub.network"]

Signatures

Resource Forking

evasion
Description Indicator Process Target
N/A "/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall" "--install=/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz" N/A N/A
N/A /usr/bin/tar -Oxjf "/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz" GoogleSoftwareUpdate.bundle/Contents/Info.plist N/A N/A

Processes

/bin/sh

[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window http://dev-unumcarta.pub.network"]

/bin/bash

[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window http://dev-unumcarta.pub.network"]

/usr/bin/sudo

[sudo /bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window http://dev-unumcarta.pub.network]

/bin/zsh

[/bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window http://dev-unumcarta.pub.network]

/Applications/Google Chrome.app/Contents/MacOS/Google Chrome

[/Applications/Google Chrome.app/Contents/MacOS/Google Chrome --simulate-outdated-no-au=Tue, 31 Dec 2099 --new-window http://dev-unumcarta.pub.network]

/usr/libexec/xpcproxy

[xpcproxy com.apple.GameController.gamecontrollerd]

/usr/libexec/gamecontrollerd

[/usr/libexec/gamecontrollerd]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/chrome_crashpad_handler

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/chrome_crashpad_handler --monitor-self-annotation=ptype=crashpad-handler --database=/var/root/Library/Application Support/Google/Chrome/Crashpad --metrics-dir=/var/root/Library/Application Support/Google/Chrome --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=OS X --annotation=prod=Chrome_Mac --annotation=ver=101.0.4951.54 --handshake-fd=5]

/usr/bin/profiles

[/usr/bin/profiles status -type enrollment]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall --install=/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/developer_id_certificate_reauthorize

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/developer_id_certificate_reauthorize com.google.Chrome]

/usr/bin/tar

[/usr/bin/tar -Oxjf /Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz GoogleSoftwareUpdate.bundle/Contents/Info.plist]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (GPU).app/Contents/MacOS/Google Chrome Helper (GPU)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (GPU).app/Contents/MacOS/Google Chrome Helper (GPU) --type=gpu-process --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --gpu-preferences=UAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJgEAAAAAAAAmAQAAAAAAACIAQAAMAAAAIABAAAAAAAAiAEAAAAAAACQAQAAAAAAAJgBAAAAAAAAoAEAAAAAAACoAQAAAAAAALABAAAAAAAAuAEAAAAAAADAAQAAAAAAAMgBAAAAAAAA0AEAAAAAAADYAQAAAAAAAOABAAAAAAAA6AEAAAAAAADwAQAAAAAAAPgBAAAAAAAAAAIAAAAAAAAIAgAAAAAAABACAAAAAAAAGAIAAAAAAAAgAgAAAAAAACgCAAAAAAAAMAIAAAAAAAA4AgAAAAAAAEACAAAAAAAASAIAAAAAAABQAgAAAAAAAFgCAAAAAAAAYAIAAAAAAABoAgAAAAAAAHACAAAAAAAAeAIAAAAAAACAAgAAAAAAAIgCAAAAAAAAkAIAAAAAAACYAgAAAAAAAKACAAAAAAAAqAIAAAAAAACwAgAAAAAAALgCAAAAAAAAwAIAAAAAAADIAgAAAAAAANACAAAAAAAA2AIAAAAAAADgAgAAAAAAAOgCAAAAAAAA8AIAAAAAAAD4AgAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAHAAAAEAAAAAAAAAAAAAAACAAAABAAAAAAAAAAAAAAAAkAAAAQAAAAAAAAAAAAAAALAAAAEAAAAAAAAAAAAAAADAAAABAAAAAAAAAAAAAAAA4AAAAQAAAAAAAAAAAAAAAPAAAAEAAAAAAAAAABAAAAAAAAABAAAAAAAAAAAQAAAAcAAAAQAAAAAAAAAAEAAAAIAAAAEAAAAAAAAAABAAAACQAAABAAAAAAAAAAAQAAAAsAAAAQAAAAAAAAAAEAAAAMAAAAEAAAAAAAAAABAAAADgAAABAAAAAAAAAAAQAAAA8AAAAQAAAAAAAAAAQAAAAAAAAAEAAAAAAAAAAEAAAABwAAABAAAAAAAAAABAAAAAgAAAAQAAAAAAAAAAQAAAAJAAAAEAAAAAAAAAAEAAAACwAAABAAAAAAAAAABAAAAAwAAAAQAAAAAAAAAAQAAAAOAAAAEAAAAAAAAAAEAAAADwAAABAAAAAAAAAABwAAAAAAAAAQAAAAAAAAAAcAAAAHAAAAEAAAAAAAAAAHAAAACAAAABAAAAAAAAAABwAAAAkAAAAQAAAAAAAAAAcAAAALAAAAEAAAAAAAAAAHAAAADAAAABAAAAAAAAAABwAAAA4AAAAQAAAAAAAAAAcAAAAPAAAAEAAAAAAAAAAIAAAAAAAAABAAAAAAAAAACAAAAAcAAAAQAAAAAAAAAAgAAAAIAAAAEAAAAAAAAAAIAAAACQAAABAAAAAAAAAACAAAAAsAAAAQAAAAAAAAAAgAAAAMAAAAEAAAAAAAAAAIAAAADgAAABAAAAAAAAAACAAAAA8AAAAQAAAAAAAAAAoAAAAAAAAAEAAAAAAAAAAKAAAABwAAABAAAAAAAAAACgAAAAgAAAAQAAAAAAAAAAoAAAAJAAAAEAAAAAAAAAAKAAAACwAAABAAAAAAAAAACgAAAAwAAAAQAAAAAAAAAAoAAAAOAAAAEAAAAAAAAAAKAAAADwAAAAgAAAAAAAAACAAAAAAAAAA= --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=21]

/usr/libexec/xpcproxy

[xpcproxy com.apple.CoreLocationAgent]

/System/Library/CoreServices/CoreLocationAgent.app/Contents/MacOS/CoreLocationAgent

[/System/Library/CoreServices/CoreLocationAgent.app/Contents/MacOS/CoreLocationAgent]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=network --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=21]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=21]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Alerts).app/Contents/MacOS/Google Chrome Helper (Alerts)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Alerts).app/Contents/MacOS/Google Chrome Helper (Alerts) --type=utility --utility-sub-type=mac_notifications.mojom.MacNotificationProvider --lang=en-GB --service-sandbox-type=none --message-loop-type-ui --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=7 --launch-time-ticks=300263576 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=58]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=6 --launch-time-ticks=300316015 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=58]

/usr/libexec/xpcproxy

[xpcproxy com.apple.ViewBridgeAuxiliary]

/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary

[/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary]

/usr/bin/pluginkit

[/usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync]

/usr/libexec/xpcproxy

[xpcproxy com.apple.pbs]

/System/Library/CoreServices/pbs

[/System/Library/CoreServices/pbs]

/usr/sbin/spctl

[/usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdaterB516C108/OneDrive.app]

/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin

[/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin --productid com.google.Chrome --print-tickets --store /Library/Google/GoogleSoftwareUpdate/TicketStore/Keystone.ticketstore]

/usr/libexec/xpcproxy

[xpcproxy com.apple.SafariLaunchAgent]

/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent

[/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent]

/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin

[/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin -P com.google.Chrome --delete --user-store]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=8 --launch-time-ticks=304351712 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=72]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=12 --launch-time-ticks=304754335 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=71]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=10 --launch-time-ticks=304888802 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=78]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=11 --launch-time-ticks=304892246 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=78]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=90]

/usr/sbin/system_profiler

[/usr/sbin/system_profiler SPConfigurationProfileDataType -detailLevel mini -timeout 15 -xml]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=101]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=113]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=113]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=19]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=19 --launch-time-ticks=313359911 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=116]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=121]

/usr/libexec/xpcproxy

[xpcproxy com.apple.sysmond]

/usr/libexec/sysmond

[/usr/libexec/sysmond]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=118]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=119]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,13619444473145467429,16700505923689369400,131072 --seatbelt-client=118]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 mobile.events.data.trafficmanager.net udp
US 20.189.173.23:443 tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:53 dev-unumcarta.pub.network udp
GB 172.217.16.238:443 clients2.google.com tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 35.184.192.148:80 dev-unumcarta.pub.network tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 api.apple-cloudkit.fe2.apple-dns.net udp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google udp
GB 216.58.204.74:443 optimizationguide-pa.googleapis.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
GB 216.58.204.74:443 optimizationguide-pa.googleapis.com tcp
NL 108.177.96.84:443 accounts.google.com tcp
US 8.8.8.8:53 apis.apple.map.fastly.net udp
US 8.8.8.8:53 apis.apple.map.fastly.net udp
US 8.8.8.8:443 dns.google udp
GB 142.250.178.3:443 update.googleapis.com tcp
US 8.8.4.4:443 dns.google udp
GB 142.250.178.4:443 www.google.com tcp

Files

/var/root/Library/Application Support/Google/Chrome/Crashpad/settings.dat

MD5 c6db1caaee0095f017c09113d53ed054
SHA1 cc37e2b3948325a0eeb51080f45b17ebf52a7035
SHA256 ca3252b297284a87de2ee1688585f7c37d26b98c05d7ed04bd7d6df10c0d1476
SHA512 3013340ee4157dfef7dcacd690b840f12b876e8241d4e8bc419016d5336810ab77023cdbbeaa896544e4c29f386d21296649542ef2b0fc6b58c49e2ad0337d85

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsObject.db

MD5 d3a1859e6ec593505cc882e6def48fc8
SHA1 f8e6728e3e9de477a75706faa95cead9ce13cb32
SHA256 3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c
SHA512 ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsDirectory.db

MD5 0e4a0d1ceb2af6f0f8d0167ce77be2d3
SHA1 414ba4c1dc5fc8bf53d550e296fd6f5ad669918c
SHA256 cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030
SHA512 1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

/var/root/Library/Application Support/Google/Chrome/Default/Site Characteristics Database/000003.ldb

MD5 5c4e7ade5753ab7de2c42c04111fa42e
SHA1 fb577b8c07d9617f507a3f2950df0a6dcfebe4e2
SHA256 d3979fd2d9ecfdb05498d79d1f24998c38cfd107e321f6810d8b7f9f12affd82
SHA512 7a7452bcd22e66190e36ff0036f21d854fa57bdcbaebf637aa3a6d932a385a7c90525ede0c124853c218445d583c0edcf45d12159ca452732f31d16c3901929b

/var/root/Library/Application Support/Google/Chrome/Default/Sync Data/LevelDB/000003.ldb

MD5 fe382e791274914bee5950777e4f1fd3
SHA1 53b523b5fc87e66f2520a0b5f9ea080072668f4d
SHA256 935d36c021d0e08a5648c622f3f6fde376e3310013680ae598c0e22dc943d132
SHA512 a5f608fb4f0a1dbc4c5d1b739b1a5b6f50cac1d6a61312b19abf9f601882a291d73524ac55bbe183e4e64db8dcc203d4bf3cedc734fd04bd448cb825d98d1e67

/var/root/Library/Application Support/Google/Chrome/Default/Extension Scripts/CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

/var/root/Library/Application Support/Google/Chrome/Default/Extension Scripts/MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

/var/root/Library/Application Support/Google/Chrome/Default/Session Storage/000003.ldb

MD5 38fc535a8f11d7e955ef58cc63158eff
SHA1 c45ad3ee106dbfb65dce7c09b53140f34454cd0e
SHA256 085c44dfa11e65ac3548c4d0fe1ae641570f90c7caaa2881c3990efcf555e6a8
SHA512 26e70000f77c1b6388dd470f9d7ec6bedc4fc3c43e48efcc853812eb076108bcdd9f50f7a89265e431d33df96e71755ca242dfd0aac16a51d99dea50a5a1e505

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.NadkxZ

MD5 541f52e24fe1ef9f8e12377a6ccae0c0
SHA1 189898bb2dcae7d5a6057bc2d98b8b450afaebb6
SHA256 81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82
SHA512 d779d78a15c5efca51ebd6b96a7ccb6d718741bdf7d9a37f53b2eb4b98aa1a78bc4cfa57d6e763aab97276c8f9088940ac0476690d4d46023ff4bf52f3326c88

/var/root/Library/Application Support/Google/Chrome/Default/shared_proto_db/metadata/000003.ldb

MD5 17a2dc5826aeb539547f00f52eccccd5
SHA1 fd36ad6db84312792cffac0267f6329b21727d66
SHA256 746da9cf33c3e4d29907dfdf1065f06ae16dcb5c2e9a34cfb5dd0dae9130f151
SHA512 6bca3e308d0446211570021c1f1dc6d8e9704a2a68a90c5c8daf26b20cb2702bccfae8ddfeb6f16c8bfea83e1b648810054a25a7967bb9539feb241f2950ea73

/var/root/Library/Application Support/Google/Chrome/Default/shared_proto_db/000003.ldb

MD5 ea517aa120c972c602673d331dfa35bc
SHA1 7ff539eec544cf306b80137bc182fb544e58aad5
SHA256 0c53b2ef8ec9bd6c3b81955b45cd9fc69705e7b435ad747b50c150c7e341f8da
SHA512 e2bc6f26b0db61af3b7f1648e890be2b748aa886ff3ab51e207a915432c6d9a426b188fe9c979b443e8fe8aad248442b20b2e6cd38f494264cb7cdbcaa88eecd

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/scoped_dirbP4ewX/CRX_INSTALL/manifest.json

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/scoped_dirbP4ewX/CRX_INSTALL/images/icon_128.png

MD5 30899b6c4e4a757b8ec6dd2208acdfb4
SHA1 f2c5880a724c6d75cce1b5191e0d82c3bc7de768
SHA256 4f17efbd974a41d88cb36567aab6bf4586579e78780f00b1826676819e14bff4
SHA512 58539e3f0ad7fef30792efcdbbd955599e11e4261c9946e7c3dff6267e01747354ea3b901c46fc8329f81c68afbeb2d05fe3fcb266bc5948de8befa5b8d040ee

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/scoped_dirbP4ewX/CRX_INSTALL/images/icon_16.png

MD5 344554d96e418120bd80ef5de5194697
SHA1 23e141c3a6ce368acc1c299f062ab85914bcb17e
SHA256 0a4bd08db6422f8e7a8a218ef39c1b99a5a675f12697f26be88f9afc2e1f9378
SHA512 7ae38853e5acca479d7fd81d48bb88c671cf4dce63342209bcff045ac581a04b7b0ed48f6c58253db950935c0522caaa4fbc6cf5a25151a8960ba56fc804569e

/private/var/root/Library/Application Support/Google/Chrome/Default/Extensions/nmmhkkegccagdldgiimedpiccmgmieda/1.0.0.6_1/craw_background.js

MD5 6eebed29e6a6301e92a9b8b347807f5f
SHA1 65dfb69b650560551110b33dcba50b25e5b876de
SHA256 04cd9494b0ed83924dad12202630b20d053d9e2819c8e826a386c814cc0a1697
SHA512 fede6db31f2ad242e7bc7b52a8859ba7f466a0b920a8dadcb32dcfb5b2a2742e98b767ff22e0c5bc5c11fec021240aa9e458486c9039eb4ebe5cf6af7be97bf2

/var/root/Library/Application Support/Google/Chrome/OptimizationGuidePredictionModels/a7e9124b-4401-45ce-9c6a-e2bc7dca4cb1/model.tflite

MD5 6d7c2f9e94664539dec99b3233301b01
SHA1 85812b004742cc1c211c92911131ce270f8ba769
SHA256 a0956386dc64fd9f4883c8741f950cd60a56859616b159c9e4251c9eb0ac5534
SHA512 4d06917f30651c3bf13c509aae79793b3f1ec93de12179464b18fd9fd16c7bf466884b1c70e425d7e937adde341cf24bd08f19a132bbb9683e804f29b4ed0c33

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.zn3UR4/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx

MD5 b92bbcfd3c31f799c5863d78154db555
SHA1 86b1b058e1e7d2f1f35e830db446b59e15670e5e
SHA256 6f6bc93dcd62dc251850d2ff458fda96083ceb7fbe8eeb11248b8485ef2aea23
SHA512 38be0c179619c045a321d1fa2c67dda8419a33075a87f548feed9a858f5ba19b5b980c53d4a3bb5b745c7ce566b53773785aa1f7677e37dd5793ccae76e83787

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.e1Tu2d/lmelglejhemejginpboagddgdfbepgmp_442_all_ZZ_acy7defk7zfhlgrh3rutnme644jq.crx3

MD5 dd130d876b6436639d5b3b9ada352555
SHA1 e451180c5b296cbeade1fcd25192ce7d8d56e42d
SHA256 0312d42f5f3877a12e6f5da85001549cd9dd435debf72aee5652d1f6a550d351
SHA512 e0ddb76f8119466e435706c5bede42d83be5797ccbadb48eba5339d2582d1e038ae36bd667df4bcd09015e7889acee2124b013d5fc954bf2b15048f7c75c19d1

Analysis: behavioral8

Detonation Overview

Submitted

2024-04-16 09:56

Reported

2024-04-16 09:56

Platform

debian9-mipsbe-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A