Analysis Overview
Threat Level: Shows suspicious behavior
The file https://www.google.com was found to be: Shows suspicious behavior.
Malicious Activity Summary
Changes its process name
Reads user data of web browsers
Checks CPU configuration
Reads CPU attributes
Enumerates kernel/hardware configuration
Reads runtime system information
Writes file to tmp directory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-16 10:38
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-16 10:38
Reported
2024-04-16 10:39
Platform
ubuntu1804-amd64-20240226-en
Max time kernel
8s
Max time network
17s
Command Line
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | glean.dispatche | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cache2 I/O | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Breakpad Server | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Sandbox Forked | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Chroot Helper | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | MainThread | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Process | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | FSBroker1614 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | FSBroker1614 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | ProfilerChild | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | ProfilerChild | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
Reads user data of web browsers
| Description | Indicator | Process | Target |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage/ls-archive.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/addons.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/compatibility.ini | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/sessionstore-backups/recovery.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/cert9.db-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/key4.db | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/extension-preferences.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/AlternateServices.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/cert9.db | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/content-prefs.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/pkcs11.txt | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/SiteSecurityServiceState.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/cookies.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/addonStartup.json.lz4 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/sessionstore.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/permissions.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/user.js | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/system-extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage/ls-archive.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/prefs.js | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/extensions.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/key4.db-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/cookies.sqlite | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/permissions.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/sessionstore.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/xulstore.json | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/cookies.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/cert9.db | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/search.json.mozlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/cert_override.txt | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/sessionstore-backups/recovery.baklz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/sessionstore-backups/recovery.bak | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/key4.db | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/ClientAuthRememberList.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/cert9.db-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/times.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/sessionstore-backups/previous.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/shield-preference-experiments.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/sessionCheckpoints.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/handlers.json | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/cookies.sqlite-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/sessionstore-backups/previous.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/sessionstore-backups/recovery.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/s8rf5lyu.default-release/content-prefs.sqlite | N/A | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | N/A | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/online | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/size | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/size | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/class | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/irq | N/A | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus/mask | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/resource | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/resource | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/class | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/class | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/resource | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/uevent | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/self/fd/51 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1621/stat | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/49 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd/35 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1703/stat | N/A | N/A |
| File opened for reading | /proc/1697/smaps | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | N/A | N/A |
| File opened for reading | /proc/self/fd/37 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/94 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1572/stat | N/A | N/A |
| File opened for reading | /proc/self/fd/42 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/45 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-permission-store | N/A |
| File opened for reading | /proc/self/fd/75 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1762/stat | N/A | N/A |
| File opened for reading | /proc/mounts | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1570/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/34 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-document-portal | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd | N/A |
| File opened for reading | /proc/self/fd | N/A | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/43 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1663/cmdline | N/A | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd-fuse | N/A |
| File opened for reading | /proc/self/task/1738/stat | N/A | N/A |
| File opened for reading | /proc/self/fd/38 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/48 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal-gtk | N/A |
| File opened for reading | /proc/self/fd/41 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/mountinfo | N/A | N/A |
| File opened for reading | /proc/self/fd/76 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/31 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/50 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1643/cmdline | N/A | N/A |
| File opened for reading | /proc/self/task/1783/stat | N/A | N/A |
| File opened for reading | /proc/self/fd/39 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/46 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1731/statm | N/A | N/A |
| File opened for reading | /proc/self/fd/40 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1697/statm | N/A | N/A |
| File opened for reading | /proc/1652/cmdline | N/A | N/A |
| File opened for reading | /proc/1667/cmdline | N/A | N/A |
| File opened for reading | /proc/self/cgroup | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1731/smaps | N/A | N/A |
| File opened for reading | /proc/1648/cmdline | N/A | N/A |
| File opened for reading | /proc/1582/attr/current | N/A | N/A |
| File opened for reading | /proc/self/fd/29 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/6 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/44 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/sys/kernel/cap_last_cap | N/A | N/A |
| File opened for reading | /proc/self/mountinfo | /usr/lib/firefox/firefox | N/A |
Writes file to tmp directory
| Description | Indicator | Process | Target |
| File opened for modification | /tmp/firefox/.parentlock | /usr/lib/firefox/firefox | N/A |
Processes
/usr/bin/firefox
[firefox -new-tab https://www.google.com]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -new-tab https://www.google.com]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/usr/bin/lsb_release
[/usr/bin/lsb_release -idrc]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -parentBuildID 20230522134052 -prefsLen 19257 -prefMapSize 230809 -appDir /usr/lib/firefox/browser {a9c5819b-6455-4eb3-aaa2-0a28b5d5ef2e} 1570 true socket]
/usr/local/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/local/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/libexec/xdg-desktop-portal
[/usr/libexec/xdg-desktop-portal]
/usr/libexec/xdg-document-portal
[/usr/libexec/xdg-document-portal]
/usr/libexec/xdg-permission-store
[/usr/libexec/xdg-permission-store]
/usr/libexec/xdg-desktop-portal-gtk
[/usr/libexec/xdg-desktop-portal-gtk]
/usr/lib/gvfs/gvfsd
[/usr/lib/gvfs/gvfsd]
/usr/lib/gvfs/gvfsd-fuse
[/usr/lib/gvfs/gvfsd-fuse /root/.gvfs -f -o big_writes]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 21807 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {1882df11-b780-457b-b7a8-ad55f2f41257} 1570 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 21475 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {ea55e68c-427a-413e-b9d1-eab75d6b5dbe} 1570 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 21824 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {11848233-1603-4a78-bd1e-2192d4e2a83c} 1570 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 27881 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {75bb4b45-b545-4f08-a582-688318c8d804} 1570 true tab]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 151.101.194.49:443 | tcp | |
| US | 1.1.1.1:53 | cdn.fwupd.org | udp |
| US | 1.1.1.1:53 | cdn.fwupd.org | udp |
| US | 151.101.194.49:443 | cdn.fwupd.org | tcp |
| GB | 185.125.188.61:443 | tcp | |
| GB | 185.125.188.61:443 | tcp | |
| US | 151.101.65.91:443 | tcp | |
| US | 1.1.1.1:53 | ocp-ingress.fastly.gnome.org | udp |
| US | 151.101.1.91:443 | ocp-ingress.fastly.gnome.org | tcp |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| GB | 18.245.162.105:443 | services.addons.mozilla.org | tcp |
| GB | 18.245.162.105:443 | services.addons.mozilla.org | tcp |
| GB | 195.181.164.14:443 | tcp | |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | locprod2-elb-us-west-2.prod.mozaws.net | udp |
| US | 44.240.56.209:443 | location.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.mozorg.moz.works | udp |
Files
/root/.mozilla/firefox/Crash Reports/InstallTime20230522134052
| MD5 | 1adeb69fdf33ba73cbda105798c0dbe1 |
| SHA1 | 306cac07988ea06f341f9122eefbc34182e6b202 |
| SHA256 | aae984da17fb75b07cfafb1210825d535fe0b47b21ac347f26e01c8398a3754e |
| SHA512 | 961b025d751d772536828b7e33f16dc20f1fbfe8284cbec8274f6759a2cc1ea055f80e1dfecca3c538fe3cae931470d836447d50ef646e538669d48385eb9244 |
/root/.mozilla/firefox/s8rf5lyu.default-release/times.json
| MD5 | 826cc83449f8a06d16a266dfbe83891a |
| SHA1 | b41e8c87038a1997dd2bf96df3e43175d5660070 |
| SHA256 | 5a597c2264dac5159643e049fdaf252cc28cb8223bb9177275ebabe2b7336a3d |
| SHA512 | 740317781427cc6f23c52f14147f9efae6a2269b1d09ddb80cf4acb29c413d772142608db2fdc562054e6d7435efa665b6b31fc747eec9f7cee141ef13839e7c |
/root/.mozilla/firefox/6ovharwt.default/times.json
| MD5 | 19f975cf33f6f311c2f20183b2ba9694 |
| SHA1 | 16c287ae4d89f3d5742051ba65b835ed30d5a3d9 |
| SHA256 | 7729ef0c1878909db7ee7b410278c719afa45000cdf9b8566e4114b7397640fe |
| SHA512 | b573ac50f135fd72b3d58be726c974978f6cf8e2d5f58a880e8f799007d3724ce7f099e8a2569855f93ecdfea441235fd1b7fd23534d102fb98c02c60778e834 |
/root/.mozilla/firefox/installs.ini
| MD5 | d517f1dbf6f9e1fa10ce1c431828c67d |
| SHA1 | 6f113c4d16d0d7c20801632a34f5b22064c13b2e |
| SHA256 | c864cffd84b153e2fa56097c4c10e88fc9dae08ad6b9ee29c6c1735e2018f042 |
| SHA512 | 729d9c6a15c3d43dee096f106d6c8258cabc1998f959de560f090b56dd4af97985daef91b833a6c1359c1bbbafee9302e4a84d41014f88328c18abdb9a7d9471 |
/root/.mozilla/firefox/profiles.ini
| MD5 | f4ab89ba9bdfd3dde1b3e88208c0ecf3 |
| SHA1 | 13d8b5b346386805343625da8650430c355660b7 |
| SHA256 | 9320761750972f89fd6c8bde1475572af1847f22a6f988f55065a9ed25135dd9 |
| SHA512 | 0de6da16a2422f86eb870f7d98a4df770f6610404e80b53b91955a0e2739f42e089585691194cbe60049dd2888c257d5ef43f536fc7fd4b497d3f43207a18a27 |
/root/.dbus/session-bus/11c67417355f45d397f6be11f62e85a6-0
| MD5 | ef3d3c3ccf6559d5bc8a2bedd006fdc0 |
| SHA1 | 64e1ee3406593060fc5bd162c28de03faf1e6f61 |
| SHA256 | ad1c37f92fa2338383e663e48a57107e573722191537ef79f67c9e7b9a02e858 |
| SHA512 | 252d91d7eccb0bad04fccc706610015ad73a530330d1511b381e602bf622c17070a808baee909c91fc637b77ebd40061bbb1960e6b07cf93e3ccac3992af7f6f |
/root/.mozilla/firefox/s8rf5lyu.default-release/compatibility.ini
| MD5 | fe452b7294d5928a9a5863b89ee0a6bd |
| SHA1 | a5d4c245071fa96476ba48b4725bdae7f1b7940f |
| SHA256 | d5bfb07561606a19aa96557ea109b175050dc0eb805cbef9c813503587d77900 |
| SHA512 | dc37d8507f08849e3382d2dbafd4a64555dbd57a288c95131e9aefb366630f1585811a9e1456b861bb9d2b816ed88b18ffb7580cd92b41bb9b0227ce1363843e |
/root/.mozilla/firefox/s8rf5lyu.default-release/cookies.sqlite
| MD5 | 9535f5fe817accc769c2c1d3354db39f |
| SHA1 | 6af62cf08717cf3bfa84eb1a7b311acf522ce560 |
| SHA256 | c53c15fcfac2bb57fdc88d23f932fc244dbaf4020f0f6eaecf0f77a37c21f8c5 |
| SHA512 | dc9c2c32eb42dda0a7a711e143aea58c603c1e9d885c3677e9fe86f525e1b0b32a46e240756263e56510b07e764ba69f2de13b90ec18210678242e10cfe17837 |
/root/.mozilla/firefox/s8rf5lyu.default-release/cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
/root/.mozilla/firefox/s8rf5lyu.default-release/prefs.js
| MD5 | fb5a634024117eaea5de7f0a8b8f0121 |
| SHA1 | 1290a82bf57836f5791445e5a3dcaf4e99ba8423 |
| SHA256 | f4e01e61503235e8efbd05892dc1caf0ba36295506b04afab16fc906cfe4efb7 |
| SHA512 | c8f5acfe7d91a889faccdf032737e1b9afef2c29c85efe61083330087985fddd13230d0a73c3733b1a794facf19e9385810c30134db27650652d24d31f0d1bc3 |
/root/.mozilla/firefox/s8rf5lyu.default-release/storage/ls-archive.sqlite
| MD5 | e0c613bfd69956a19ce2dc5e925aa223 |
| SHA1 | 14accb230edcd6cb76967cdc6d4e5686db96b5df |
| SHA256 | 0d4cb11f6364c46a75f9eaddfca5c660b90dfd515df3afcd5e0baeca28a0f1ab |
| SHA512 | 01643c0131a392be92b3f281d7f633c1f502bff19090b0d716f1ac66aefecc3fcf92f393bef66b03089c9b9c6d8aaeb711b6a4f29d5a6729dd188c838f2272d1 |
/root/.mozilla/firefox/s8rf5lyu.default-release/storage/ls-archive.sqlite
| MD5 | 178d71e5529d637ac62f7e75fdd75896 |
| SHA1 | 339f2b949cc4c207b66aea11137448ba28d36dcb |
| SHA256 | 7b0050f1bfaab85c8f9067ae7d7369056ff752c0c852ef1462a96c22169004d4 |
| SHA512 | ec0e0105fcfbbae356dd55efbcf92975f35bbe5cb93fcabf4c08443e871957635d14830b27c4e1ddefbbaff8f9b7ec3590bf417a9442e1d7ee3607d14d56f664 |
/root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/.metadata-v2-tmp
| MD5 | c3afb06b17258e1b836cc3f8a8408496 |
| SHA1 | b9cb03a00cc4c51c436a224250ccf882a17b3227 |
| SHA256 | 70ad28a63b28167142e6175c4e33faa18602d659fc0468527b9dd7bad318d06c |
| SHA512 | 9ec84a8fdc876e08ae45c1e22de955be2aae57cf5e26f76707486c7dd52efb7b7ce3a5080dbc7887c73b4d2ac43e93e948cf7e12792b763a906fab99ecda3bc6 |
/root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 07a412e08825220262ad2890757ff779 |
| SHA1 | f46c127dbc070ded87a6078b3c1c761955f96de8 |
| SHA256 | da640f8b665841b520d2262a21cc3f82aeaa881cf81a1ddae27ef501d66544e4 |
| SHA512 | 0134c783bf3293848e479b478ac57a1e0f4202cddfb8b57bc6275aada7345f398cf8a627e9b1c34fd618192c2f0c9737b1da487daf33f9c557ebc1377105582b |
/root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | d1bb09e2dca26fc93a8df27b7f2ede5f |
| SHA1 | 4d1c9d418dcdab09faf6cf21797439c301088b39 |
| SHA256 | f942fdf74aa1ce0ea08dcae190023018027dae820cdeda01a8caa4ef2c8ef22b |
| SHA512 | 6c0185ae3f3030431f5138a324de987ae85eb9e25b586f49dd0805123c502ee790ee6d52d6a1e86686e60c02db6f4efb3e00e977ebd7af7e98503e0e766608d2 |
/root/.mozilla/firefox/s8rf5lyu.default-release/prefs-1.js
| MD5 | 7c8034af5fdba0a8ef1d5b2101cbb643 |
| SHA1 | 9ed12b37599db5927663495b7e7bf949fad7f1de |
| SHA256 | ae3431d8c3f085682555c709fdc8c8cf96414f614497b51a4b5080f95e3e83d3 |
| SHA512 | fec7ab4262484f457e006b46f87cae98a0ecbee50b0cf25123e9f8649858cc52733447aec60b9678001f844e74fe34623abcc5833ce600c85050ccb8a63493f9 |
/root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | c78043f7af401d1cb50bca238651c064 |
| SHA1 | 18a92cf4f10cfbb2b785bd24556acbae2f01fed0 |
| SHA256 | 65b528a2beb7855dc1e2286ac6778bc057d7935f0dd699caaa129a1f673a6157 |
| SHA512 | 3020c71f77b314cd9ca98ed0ecd7b0f3d5f2c9f4d7178e28012f21e8ce2152e06530b0cf61fce8016be159eda547dc02dbd3e117eabae9b4f0f188675ec02d35 |
/root/.cache/dconf/user
| MD5 | 06ac3c9e7b3f15660c5294badde2dfa1 |
| SHA1 | eaba1526c0f451ade3466c0c4f660c6cd4df3f48 |
| SHA256 | a1f386a0ecb061b3c46a038616212779858ba7258b2eccb818a64986c97282da |
| SHA512 | ea4e7ad8938bacf96f5ccaecf2e1cda16fa30533db7607cd57345d28e296a7d3f6bb2cde357295f5865fba42b5fe8a482443a481a5fb52606e280cf12b3a41ca |
/root/.mozilla/firefox/s8rf5lyu.default-release/permissions.sqlite
| MD5 | 232fbc22dd03a8ec41edde02bdbea61c |
| SHA1 | 6ab4b39bca95418c52f7f861fd39e5fddb9cc7b6 |
| SHA256 | d88bf367aaf79efbb2e8fbdb1dc5bde1c1c3a53e0f4d8188027a63ec55d5f5f0 |
| SHA512 | 055f1595f4a327347671db53cec8d89a310109d3f871c567e3d5b654b956fc0369d12437f7dc6d9327b973008f1327ee0dfdb5504f1b3cbe00da29941b1e5892 |
/root/.mozilla/firefox/s8rf5lyu.default-release/prefs-1.js
| MD5 | 38d5323d1b924c20b1737f49ef96b86f |
| SHA1 | c2f5a056c1f3dc94464ff27c0eab00c76b17dacb |
| SHA256 | 650edb42bce031955366a4eab23ac00bdf0d2cc1e842c87961ef61e3c963c414 |
| SHA512 | a0b65584eaae037b4fd4c567cf7bbfe6872e37905a79a44e200d0673d088279093f31ce958047579b6e5d2161e188b8ec166bf8dbe0db6eb4c1f4d330e164ace |
/root/.mozilla/firefox/s8rf5lyu.default-release/times.json
| MD5 | 22c37b799e556edb36edaecbfd4e8a0d |
| SHA1 | d75b7639d94b49d208608a25061315b03ae3325b |
| SHA256 | 4f40df9447d299f6d04c1a18111e3358648785ae23c7fcf2e30242f73603004d |
| SHA512 | 7d105a9ae674776c3ee676b6a0f6811760340294edfe17fdeafe0324678978ae5cc83df3fc50b66b1e25f24ef58d4389d8def8389ce2665f5a2124a98da7a441 |
/root/.mozilla/firefox/s8rf5lyu.default-release/cert9.db
| MD5 | 85588ae2d1f1652a5277bd910d5bef2b |
| SHA1 | 512885c62c1fc1cc66829c5e62ba07f1d5036e8d |
| SHA256 | cece06d3fd0e91ba6dc9540ad642692bbb5a59897808d9fc22f79e1a0fab900f |
| SHA512 | 21dd3133fe87575f73fa50a8fcc95fb3f605bf85a97daa1927b329e355d75e164e7db7ab1e2fcfb45427f8a65b1728fd5da03f838e29b07f95d9c8f76f4ef2ad |
/root/.mozilla/firefox/s8rf5lyu.default-release/key4.db
| MD5 | 472f744837603feb97908e9546b289ad |
| SHA1 | afdaa965c263e872fc0ef5e23ee1680215ee9303 |
| SHA256 | 94fc79f812774bf2af20132e6cd2b01624116e1124aaed292a64fcf5c15d9b8f |
| SHA512 | 931af39ed5b2e5755cb8412601d159488e0a75b5e349b60327ffe47a9a1c00a953bfaa5259eba0a37563458eb3c6b2614d91641c07b3370dfa18a2d4db41aa9b |
/root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | 759544297aaa61f5fef8ee42d0ae4393 |
| SHA1 | fc2d66f6e60409e3e8d38623ce5f817fc7f571e0 |
| SHA256 | 1bd2000cd972e80cefaec6e982ba261d224a818f367de0fdf8c51fa5a05d7ab5 |
| SHA512 | 8aaa2ce66f10d46f7c9200af841ac7bd9f5b55c30308a14f0deda44ac62581c45daae45154487c0073a0d5847d5926cbb4072ca64a702ac6b834ad0bb482804f |
/root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | f3e7dd6ce74646e9c840d79db3e723c1 |
| SHA1 | 3639e7fe24ac5c0fee0d2d28dfa5b79767c7f9ee |
| SHA256 | 60c22d729fc8425e2040a0a14ea9dc9e2bfe197a7034b7913448e82267394706 |
| SHA512 | db51d8eae0863d8b10aed56c2c8340e62cf80c2706fe17f95e914006206df21b1bc66befccada2e86a5de24124af61ac2dd86b403b86c82ac05c119445177c6a |
/root/.cache/mozilla/firefox/s8rf5lyu.default-release/cache2/entries/3D1E19D09F398691ABF62061591970855193B42F
| MD5 | cccf9db77f8657d30d39ded3905f1e69 |
| SHA1 | ad1c9edd64832193a84c9983663acfa0651cb6d6 |
| SHA256 | 980c110924a914b76b82f956c7ac7f6affcdcc96915f3d46b6965cd455eb0ae7 |
| SHA512 | b6d1d5d86d35a5825fd7e099dd41a09da337d0b120412d7f5da38275235e993ef547723a0be4b408b65ea0310a276ccb6144364594d51e89a975fc40de7c504d |
/root/.mozilla/firefox/s8rf5lyu.default-release/prefs-1.js
| MD5 | dc7ba924aa9ea4f06de1a80be3bb7890 |
| SHA1 | cf850a6ef524cf43565d61167d97bc401723eebf |
| SHA256 | 8e0f305cadaca95c35244d3e4e30a3e5a7d7c78396ae1e2f26e8a11fd1d23272 |
| SHA512 | 5da0c5fa0f0e657f69ecc99ae559b4ac62f485cf9ea29a8497faa27c3e46cc885b0da85402854d7151688f3efc8f31d5dcd3d73e6f0e12685bba0dce2686c914 |
/root/.mozilla/firefox/s8rf5lyu.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | dd3f6ba37c670af5953593535e435d04 |
| SHA1 | ecfe4e650a050bce77e8ff7468de04c1b8acc9a4 |
| SHA256 | 5cc6fa137a1f3a7d0b615b178877f12c460b22f95702eb7534d5732ee6599561 |
| SHA512 | 86e0482543faae6fb279ca71e1e6d6461d32317e74baebb3973e0fde9800107faeb9c2347be6cf8a47556ae43c8e6c224a595e952f621e40ad2c5eba920df2b3 |
/root/.mozilla/firefox/s8rf5lyu.default-release/prefs-1.js
| MD5 | d35de6a1f338bc0aa221c54cafbaa85a |
| SHA1 | 55ccf6dce3acac54734716e28b47b63e3dc6487e |
| SHA256 | b63b9a1f474e80bfa5c64028085aad9dd0f270f97eabadb0fd0205cd5f8b7fa1 |
| SHA512 | 88799e20b9af608c88504bac9d3a5f8287e3683d1b5826d4e71a5344b33ec854588bc3f0d9c2a11322ecf09f7d095f2670b73e1106be487c933d403586a0e1bf |
/root/.mozilla/firefox/s8rf5lyu.default-release/prefs-1.js
| MD5 | 21c49ec1a3c99f4ae6d0355c7c942096 |
| SHA1 | 9f6d8496cf9634980761a23dbc82b49dc2d115e4 |
| SHA256 | c1a88bdbdcb38d629a0c57f4b62a00298e8eb2cbb65d0589145c1eedff86e0c0 |
| SHA512 | 490dec2f7eece4c9114c17877a1f2b9547f0d88ab352d7b269667ccabcd5cee3beda5412b7703b0e1e94aff47fed097ad41ae1b80363abab3268a6db15efb974 |