Analysis Overview
Threat Level: Shows suspicious behavior
The file https://www.google.com was found to be: Shows suspicious behavior.
Malicious Activity Summary
Changes its process name
Reads user data of web browsers
Checks CPU configuration
Reads CPU attributes
Enumerates kernel/hardware configuration
Reads runtime system information
Writes file to tmp directory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-17 01:28
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-17 01:28
Reported
2024-04-17 01:29
Platform
ubuntu1804-amd64-20240226-en
Max time kernel
3s
Max time network
53s
Command Line
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | glean.dispatche | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cache2 I/O | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Breakpad Server | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Sandbox Forked | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Chroot Helper | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | MainThread | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | FSBroker1609 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | FSBroker1609 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Process | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | ProfilerChild | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | ProfilerChild | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
Reads user data of web browsers
| Description | Indicator | Process | Target |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/sessionstore.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/cookies.sqlite-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/storage/ls-archive.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome/idb | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/addons.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/SiteSecurityServiceState.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/sessionstore-backups/recovery.baklz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/addonStartup.json.lz4 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/key4.db-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/system-extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/storage.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/permissions.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/AlternateServices.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/sessionstore-backups/previous.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/prefs.js | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/cookies.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/sessionstore.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/sessionstore-backups/recovery.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/sessionCheckpoints.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/key4.db | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/compatibility.ini | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/user.js | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/cookies.sqlite | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/storage.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/handlers.json | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/permissions.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/cert9.db-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/ClientAuthRememberList.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/extensions.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/storage/ls-archive.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/storage | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/pkcs11.txt | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/cert9.db | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/cookies.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/extension-preferences.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/times.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/2os78b0c.default-release/cert_override.txt | /usr/lib/firefox/firefox | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | N/A | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/online | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/vendor | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/uevent | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/class | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus/mask | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/vendor | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/resource | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_device | N/A | N/A |
| File opened for reading | /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/class | N/A | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/sys/kernel/cap_last_cap | N/A | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/mountinfo | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/47 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd-fuse | N/A |
| File opened for reading | /proc/self/stat | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd/44 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-document-portal | N/A |
| File opened for reading | /proc/1637/cmdline | N/A | N/A |
| File opened for reading | /proc/1648/cmdline | N/A | N/A |
| File opened for reading | /proc/1652/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd | N/A | N/A |
| File opened for reading | /proc/self/fd/40 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/39 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/51 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/mounts | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1584/status | N/A | N/A |
| File opened for reading | /proc/self/fd/49 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal | N/A |
| File opened for reading | /proc/self/fd/38 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/46 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1616/stat | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal-gtk | N/A |
| File opened for reading | /proc/self/cgroup | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/mountinfo | N/A | N/A |
| File opened for reading | /proc/self/fd/41 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/29 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1633/cmdline | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-permission-store | N/A |
| File opened for reading | /proc/1657/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/6 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/33 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1584/attr/current | N/A | N/A |
| File opened for reading | /proc/1572/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/43 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/48 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1628/cmdline | N/A | N/A |
| File opened for reading | /proc/self/task/1574/stat | N/A | N/A |
| File opened for reading | /proc/self/fd/42 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/45 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/50 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd | N/A |
| File opened for reading | /proc/self/fd/76 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/31 | /usr/lib/firefox/firefox | N/A |
Writes file to tmp directory
| Description | Indicator | Process | Target |
| File opened for modification | /tmp/firefox/.parentlock | /usr/lib/firefox/firefox | N/A |
Processes
/usr/bin/firefox
[firefox -new-tab https://www.google.com]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -new-tab https://www.google.com]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/usr/bin/lsb_release
[/usr/bin/lsb_release -idrc]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -parentBuildID 20230522134052 -prefsLen 19257 -prefMapSize 230809 -appDir /usr/lib/firefox/browser {e51d1175-1d08-4a4a-8650-4b56c0d3c8cb} 1572 true socket]
/usr/local/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/local/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/libexec/xdg-desktop-portal
[/usr/libexec/xdg-desktop-portal]
/usr/libexec/xdg-document-portal
[/usr/libexec/xdg-document-portal]
/usr/libexec/xdg-permission-store
[/usr/libexec/xdg-permission-store]
/usr/libexec/xdg-desktop-portal-gtk
[/usr/libexec/xdg-desktop-portal-gtk]
/usr/lib/gvfs/gvfsd
[/usr/lib/gvfs/gvfsd]
/usr/lib/gvfs/gvfsd-fuse
[/usr/lib/gvfs/gvfsd-fuse /root/.gvfs -f -o big_writes]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| NL | 52.222.139.37:443 | services.addons.mozilla.org | tcp |
| NL | 52.222.139.37:443 | services.addons.mozilla.org | tcp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | locprod2-elb-us-west-2.prod.mozaws.net | udp |
| US | 52.34.56.182:443 | location.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| NL | 172.217.23.196:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.mozorg.moz.works | udp |
| DE | 13.32.119.185:443 | www.mozilla.org | tcp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| NL | 172.217.23.196:443 | www.google.com | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.117.188.166:443 | spocs.getpocket.com | tcp |
| US | 1.1.1.1:53 | firefox.settings.services.mozilla.com | udp |
| US | 1.1.1.1:53 | firefox.settings.services.mozilla.com | udp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 34.117.188.166:443 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | shavar.services.mozilla.com | udp |
| US | 1.1.1.1:53 | shavar.services.mozilla.com | udp |
| US | 1.1.1.1:53 | shavar.prod.mozaws.net | udp |
| US | 44.239.14.124:443 | shavar.services.mozilla.com | tcp |
| US | 151.101.130.49:443 | tcp | |
| US | 1.1.1.1:53 | ogs.google.com | udp |
| US | 1.1.1.1:53 | ogs.google.com | udp |
| NL | 142.250.179.206:443 | ogs.google.com | tcp |
| US | 1.1.1.1:53 | apis.google.com | udp |
| US | 1.1.1.1:53 | apis.google.com | udp |
| NL | 216.58.214.14:443 | apis.google.com | tcp |
| US | 1.1.1.1:53 | img-getpocket.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | img-getpocket.cdn.mozilla.net | udp |
| NL | 142.250.179.206:443 | ogs.google.com | udp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | play.google.com | udp |
| US | 1.1.1.1:53 | play.google.com | udp |
| NL | 142.250.179.142:443 | play.google.com | tcp |
| US | 1.1.1.1:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | a1887.dscq.akamai.net | udp |
| US | 1.1.1.1:53 | getpocket.com | udp |
| US | 1.1.1.1:53 | getpocket.com | udp |
| US | 1.1.1.1:53 | www.menshealth.com | udp |
| US | 1.1.1.1:53 | www.menshealth.com | udp |
| US | 1.1.1.1:53 | www.hellofresh.co.uk | udp |
| US | 1.1.1.1:53 | www.hellofresh.co.uk | udp |
| US | 1.1.1.1:53 | hearst-hdm.map.fastly.net | udp |
| NL | 216.58.214.14:443 | apis.google.com | udp |
| NL | 142.250.179.142:443 | play.google.com | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 151.101.193.91:443 | tcp | |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| GB | 195.181.164.14:443 | tcp | |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | www.nytimes.com | udp |
| US | 1.1.1.1:53 | www.nytimes.com | udp |
| US | 1.1.1.1:53 | www.idealhome.co.uk | udp |
| US | 1.1.1.1:53 | www.idealhome.co.uk | udp |
| US | 1.1.1.1:53 | g.sni.global.fastly.net | udp |
| US | 1.1.1.1:53 | nytimes.map.fastly.net | udp |
| NL | 172.217.23.194:443 | udp | |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.98.75.36:443 | tcp | |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | www.amazon.co.uk | udp |
| US | 1.1.1.1:53 | www.amazon.co.uk | udp |
| US | 1.1.1.1:53 | www.vodafone.co.uk | udp |
| US | 1.1.1.1:53 | www.vodafone.co.uk | udp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | www.reddit.com | udp |
| US | 1.1.1.1:53 | www.reddit.com | udp |
| US | 1.1.1.1:53 | www-live.waf.digital-prod.vodafoneaws.co.uk | udp |
| US | 1.1.1.1:53 | www.bbc.co.uk | udp |
| US | 1.1.1.1:53 | www.bbc.co.uk | udp |
| US | 1.1.1.1:53 | reddit.map.fastly.net | udp |
| US | 1.1.1.1:53 | bbc.map.fastly.net | udp |
| US | 1.1.1.1:53 | www.ebay.co.uk | udp |
| US | 1.1.1.1:53 | www.ebay.co.uk | udp |
| US | 1.1.1.1:53 | www.theguardian.com | udp |
| US | 1.1.1.1:53 | www.theguardian.com | udp |
| US | 1.1.1.1:53 | e11847.a.akamaiedge.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 34.107.243.93:443 | tcp | |
| US | 34.107.243.93:443 | udp | |
| US | 1.1.1.1:53 | incoming.telemetry.mozilla.org | udp |
| US | 1.1.1.1:53 | incoming.telemetry.mozilla.org | udp |
| US | 1.1.1.1:53 | telemetry-incoming.r53-2.services.mozilla.com | udp |
| US | 34.120.208.123:443 | incoming.telemetry.mozilla.org | tcp |
| US | 1.1.1.1:53 | fp2e7a.wpc.phicdn.net | udp |
| US | 1.1.1.1:53 | www.independent.co.uk | udp |
| US | 1.1.1.1:53 | www.independent.co.uk | udp |
| US | 34.120.208.123:443 | incoming.telemetry.mozilla.org | tcp |
| US | 1.1.1.1:53 | www.harpersbazaar.com | udp |
| US | 1.1.1.1:53 | www.harpersbazaar.com | udp |
| US | 1.1.1.1:53 | www.healthdigest.com | udp |
| US | 1.1.1.1:53 | www.healthdigest.com | udp |
| US | 1.1.1.1:53 | www.vox.com | udp |
| US | 1.1.1.1:53 | www.vox.com | udp |
| US | 1.1.1.1:53 | inews.co.uk | udp |
| US | 1.1.1.1:53 | inews.co.uk | udp |
| US | 1.1.1.1:53 | vox-chorus.map.fastly.net | udp |
| US | 1.1.1.1:53 | safebrowsing.googleapis.com | udp |
| US | 1.1.1.1:53 | safebrowsing.googleapis.com | udp |
| NL | 142.250.179.202:443 | safebrowsing.googleapis.com | tcp |
| NL | 142.250.179.202:443 | safebrowsing.googleapis.com | udp |
| US | 1.1.1.1:53 | www.rollingstone.com | udp |
| US | 1.1.1.1:53 | www.rollingstone.com | udp |
Files
/root/.mozilla/firefox/Crash Reports/InstallTime20230522134052
| MD5 | b898372be0d408edcc7459fc18996487 |
| SHA1 | 6c00d69d45ec0e7172d10b2e8451b41036e298ed |
| SHA256 | d6b7df824b89ef3c856fb7a3f30d73ee123c660f434700271b22066046be7bd0 |
| SHA512 | 02b23547b0973b7eafd9c3d9384987bcc22563a5372d751b0c9cca1258cbf453b5ee7c4ac4d2db39fe3ee267dde5372eb82fcd645c979b9adfa69bbf710d0cff |
/root/.mozilla/firefox/2os78b0c.default-release/times.json
| MD5 | e75af5aba8818f66b7ddbd24d4a220a6 |
| SHA1 | a2b3481eed320e4dcf56f7e825e5011f1878cb7f |
| SHA256 | cd78ed18becec79b020e5baea6aecddeb4036f4fdfda2e66b891e69fbc649912 |
| SHA512 | 4ddad7a09a544d59135c339c9ac0b57c0f6e14eb5423339979d6adf5ae20afd4a9cee22f8f36777af96f83f0ae20c16b74d08adde6bb558a155d7f5dd2f8deb6 |
/root/.mozilla/firefox/0rlot2gp.default/times.json
| MD5 | 8383a2c511b7f21579ff6b24fa908ad1 |
| SHA1 | 07fa4ed8e7fb3c170fe471d757ad435643c52d7d |
| SHA256 | f137913574ccaeb68811f7f0153ccdce96b1ca88347b979fb73a72d2212c266b |
| SHA512 | 8f216bdf210f38360a9ba5c6c25c7974bb4bd84a8524767842bc7136161b8ee6274ffbd8986ec4bfc8fa1f660dfb16c0938a6db6b7e7cde39228268df4ead4fa |
/root/.mozilla/firefox/installs.ini
| MD5 | 7ecc71bdcaebd0b99f037a599fae09ed |
| SHA1 | f85482c162d13b3283eaaf7ca41b99a0d63fec8c |
| SHA256 | e521d36d7823c4dc27e37cf40a4fdb50e65ab5a1015f1174d98d478f01f55dc0 |
| SHA512 | 58bf3fa1e76254ece2d813551996e2bbdf93bf30094909621b0fd42043b37a9cef8af4ef34ac2c2e9681a7755fe3ff327c7357397f86e678f6bf1ea0e8e74835 |
/root/.mozilla/firefox/profiles.ini
| MD5 | 7c471fb3fa5b0600dfb60e9eda62dc3b |
| SHA1 | 9db337a2ce9bb75d82dea19e45870c19a03bbe8f |
| SHA256 | 293902f273492f6e0ca6ede8469f882fb3fad88be8a3e09ff3c7b69ea40c2ab9 |
| SHA512 | f01fb27420cba4a7a25adc004fa5b47c7a0983eddac9c3e3ca9c5b2d55e45ae4812641fd7c544f84cc6204f0f47f6141febce3057398630db381d8cfeb120ccf |
/root/.dbus/session-bus/11c67417355f45d397f6be11f62e85a6-0
| MD5 | f9cfb8e3dd7b23923464ccf44794bb48 |
| SHA1 | cff96f047bd73806fa089a86257013fb2c41e815 |
| SHA256 | 4f7afd7919ab29adb9e643823e10fe30197d2cf86f7fa359b9bbcdb268795a76 |
| SHA512 | ae91d4a1def0d6199feda30a654c4f0200b7f4d5150fab1ca45d0476df619de8e996b25830f0db72a5676cdfb22167a5fc065a787d0b29b25f2daf3334495b72 |
/root/.mozilla/firefox/2os78b0c.default-release/compatibility.ini
| MD5 | fe452b7294d5928a9a5863b89ee0a6bd |
| SHA1 | a5d4c245071fa96476ba48b4725bdae7f1b7940f |
| SHA256 | d5bfb07561606a19aa96557ea109b175050dc0eb805cbef9c813503587d77900 |
| SHA512 | dc37d8507f08849e3382d2dbafd4a64555dbd57a288c95131e9aefb366630f1585811a9e1456b861bb9d2b816ed88b18ffb7580cd92b41bb9b0227ce1363843e |
/root/.mozilla/firefox/2os78b0c.default-release/cookies.sqlite
| MD5 | 9535f5fe817accc769c2c1d3354db39f |
| SHA1 | 6af62cf08717cf3bfa84eb1a7b311acf522ce560 |
| SHA256 | c53c15fcfac2bb57fdc88d23f932fc244dbaf4020f0f6eaecf0f77a37c21f8c5 |
| SHA512 | dc9c2c32eb42dda0a7a711e143aea58c603c1e9d885c3677e9fe86f525e1b0b32a46e240756263e56510b07e764ba69f2de13b90ec18210678242e10cfe17837 |
/root/.mozilla/firefox/2os78b0c.default-release/cookies.sqlite
| MD5 | 3a5aed94739390cdf937e6e66e5c0297 |
| SHA1 | 98cb8be5d12c4530b2960cd1c7f53ee25d1fc8e7 |
| SHA256 | da373275a9caaae82d7983fd8dd2f7330682c7484c6794f060c823736dd4679c |
| SHA512 | f18ddd919ecd432691f2cda8f7dece5dbc5d2f564bf8d2bbcdf03cb410599227d079baaa6737a154aeecea5b080b9455204b311b4340376458008ffa606682f0 |
/root/.mozilla/firefox/2os78b0c.default-release/storage/ls-archive.sqlite
| MD5 | e0c613bfd69956a19ce2dc5e925aa223 |
| SHA1 | 14accb230edcd6cb76967cdc6d4e5686db96b5df |
| SHA256 | 0d4cb11f6364c46a75f9eaddfca5c660b90dfd515df3afcd5e0baeca28a0f1ab |
| SHA512 | 01643c0131a392be92b3f281d7f633c1f502bff19090b0d716f1ac66aefecc3fcf92f393bef66b03089c9b9c6d8aaeb711b6a4f29d5a6729dd188c838f2272d1 |
/root/.mozilla/firefox/2os78b0c.default-release/storage/ls-archive.sqlite
| MD5 | 178d71e5529d637ac62f7e75fdd75896 |
| SHA1 | 339f2b949cc4c207b66aea11137448ba28d36dcb |
| SHA256 | 7b0050f1bfaab85c8f9067ae7d7369056ff752c0c852ef1462a96c22169004d4 |
| SHA512 | ec0e0105fcfbbae356dd55efbcf92975f35bbe5cb93fcabf4c08443e871957635d14830b27c4e1ddefbbaff8f9b7ec3590bf417a9442e1d7ee3607d14d56f664 |
/root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome/.metadata-v2-tmp
| MD5 | af4a238af72d37ef68d50cdf8a65e65f |
| SHA1 | c325f9c0c82497c4df9219d065720af0d3ba7dbe |
| SHA256 | f47bdf3adb1d834af4475f1c7dda371d6288bc372c0c79806aca7b33a5d557e3 |
| SHA512 | 9a42e55a317bf67759caa2a0b2942eafa754abee69e8562448c8a9948e2057338325e4599a1ce3d6a120a06da49fcdb81ea8e5a7440057dc23336c3b46847846 |
/root/.mozilla/firefox/2os78b0c.default-release/prefs.js
| MD5 | 31ef87694484ff5da7559a7e3fba683a |
| SHA1 | e1dd1a38675b02d7f3cbc07ecea5328faf2eb5f3 |
| SHA256 | 33731a37c87dcc7872c7ce1b156c550ae330c0be55b35df9102fb42a55f2c70f |
| SHA512 | 4d7bdb4df38a5adc615b5714f591705c9e5636217ae9c0ceb40d00deeea5d75472a518afbfa577eab5bc0ed84fd05a1ed3227a45ccdac761ce5ee6e14a0896f7 |
/root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 07a412e08825220262ad2890757ff779 |
| SHA1 | f46c127dbc070ded87a6078b3c1c761955f96de8 |
| SHA256 | da640f8b665841b520d2262a21cc3f82aeaa881cf81a1ddae27ef501d66544e4 |
| SHA512 | 0134c783bf3293848e479b478ac57a1e0f4202cddfb8b57bc6275aada7345f398cf8a627e9b1c34fd618192c2f0c9737b1da487daf33f9c557ebc1377105582b |
/root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 87aecb3bd1adf57c8166dec3d0f0de25 |
| SHA1 | c3c58d6c2bf5286ec7a6c534a53f161ee2d13004 |
| SHA256 | 04f8749ac63c8ab28029162a401a637f92e1d1e56cd0c3815db43544686a7420 |
| SHA512 | 621e546e145ffbba2e9fa0de164f2ba60c8d2404cf50836bdaba4c2a90b6c77c6f37c401fef1fb2691bf11250cecc3eaa6dfe89f6812807eec1544bde03a54f0 |
/root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | db380ce9c4a5eb2f8d61521c07500d69 |
| SHA1 | 3da6db432396850bfe69341ef38d31a79331982d |
| SHA256 | d761a842bddfb4be73f24430f57746249fd1e9994b93b5031a6fea4167bd3eae |
| SHA512 | 213c05155e209f59ef7fa42d0793c4b2977dc39577b0b319c376ff0d90016eef4b5622759f0d61dfdaf2085850b198330eee910e8335b20711f516d1047f070c |
/root/.mozilla/firefox/2os78b0c.default-release/prefs-1.js
| MD5 | c4cabdef4275c523c635df31e5a3bed5 |
| SHA1 | 1cd403c6c84304adf8595cf8113cf7383d6860b0 |
| SHA256 | e516da5b1558b9e029556d9a350343c3f18dc6f5b2ac5fed1a34a95cc286df34 |
| SHA512 | 582b76438627490ae625275c73c4b28c46688411f451c9fd2646b827644c1ef5023569d2925da920bc093d1f59170606fc8649f6e8e914c9be458e3623fcf621 |
/root/.cache/dconf/user
| MD5 | 15720a654b727d02f40175b72e987a52 |
| SHA1 | bb6b68b672dabb82fbbf1ecd4f20b2c77dcc19a4 |
| SHA256 | 2f853830f422d48fce93fe7f13df6cc5a6fe86237c62cf706f5ac6e9fd6bc943 |
| SHA512 | 52d57ff93c67dc6bd613ff69fe5bce3232b8f583045ef394c9aeb85a15445f8815ed3c4d7e457a2e71e2b22163fe81653f3da3e91a84fc76299fcdae89ec0c26 |
/root/.mozilla/firefox/2os78b0c.default-release/permissions.sqlite
| MD5 | eec702601518a46cd90134490e4c9c9f |
| SHA1 | 5079628dce5679cf0d0250271f68b3491d9260cf |
| SHA256 | f59ff58cff5f6b9d895b6a74f075dce2ec4daa5c292e8ecd7df1e66e63b52007 |
| SHA512 | efd2c1e511b8bf40611543a5821ec586a316c25b036b6ce2a63e15e324c0b93ac1ccfc48de01d2ff5e59ef5e1018d86103c71ced0a4f37de21294b687bc69360 |
/root/.mozilla/firefox/2os78b0c.default-release/prefs-1.js
| MD5 | d3da705101038c44f76eb33638766cfa |
| SHA1 | e78d22643849b54b38131300902fd3e2a4fb137f |
| SHA256 | ebc85006320738b0bf99614152dd4ccca6615ebf8ff4adc68004897fb331a04d |
| SHA512 | 8a3668ae96fd6df309865da7a5e7951f78f6e849e16b81f454c84073025eb16f46aad00df2cdf8c585d7bd7966539c3ab3ddbfbcfbf8df42da6a5800d690d88e |
/root/.mozilla/firefox/2os78b0c.default-release/times.json
| MD5 | 95d7d80ea620fb5f24f99d2f915d93cd |
| SHA1 | 7bbcee30b0b83c4c88829f3db3c2818d4d8e9920 |
| SHA256 | 75e11d26bf8a165161a1aa0a594353ceb176b48511f401d00e9956620346b52e |
| SHA512 | 2794a760779214a0236a7cddac21c0a731a424821d5155d0d1706de948c9f3022eaaaebb9bc888e0fa91fdc219a32854187bb6bb9664b10f3e7e1f9bd8b3fc8d |
/root/.mozilla/firefox/2os78b0c.default-release/cert9.db
| MD5 | f27c0f94b8595d0d9c7bf0cdcc57b984 |
| SHA1 | 25e33cc5cd8ff392e0e0665e1ab0fd09dd149ffe |
| SHA256 | 3f0d2377ce7a189b0734285db8f7044e1b8abb8b46025d96d80f5abd4f7a0c4b |
| SHA512 | 5b08a3445803098c8cc6127f0bfd1f910a830851442ce46bcfb035d2a5b07570063c267a21073c5cdb670aaf92766714075291d93823dfdc1e504fcad9d3dac3 |
/root/.mozilla/firefox/2os78b0c.default-release/key4.db
| MD5 | 1f090999a6c2d5d7651ecef598db5a23 |
| SHA1 | 0fb1083f0541ef608fb7532917bc45a90eacca3f |
| SHA256 | 29e0aed26215e1ba1674094015771a40bbf8a235c2326505e8eaff30faa9e021 |
| SHA512 | 497f502f3552a7d0629aebe010874c37668e22221066796769416e8242d90d53b20ee5321ba2b538d084419960de83f1d62c758f29ddd76be84cc0cb4413c32c |
/root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | 759544297aaa61f5fef8ee42d0ae4393 |
| SHA1 | fc2d66f6e60409e3e8d38623ce5f817fc7f571e0 |
| SHA256 | 1bd2000cd972e80cefaec6e982ba261d224a818f367de0fdf8c51fa5a05d7ab5 |
| SHA512 | 8aaa2ce66f10d46f7c9200af841ac7bd9f5b55c30308a14f0deda44ac62581c45daae45154487c0073a0d5847d5926cbb4072ca64a702ac6b834ad0bb482804f |
/root/.mozilla/firefox/2os78b0c.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | 175cbe25f45edd5bb6fc67f826f5ac04 |
| SHA1 | b78641dc5a300d875ae0d6fdb6f54dcff17e31e3 |
| SHA256 | c2dc7b8c821426fea4cba54dcc0f5477a4f685757dd04005b291219079e6674e |
| SHA512 | d990600c1e9997cd57107a6b35d0bbe3ea81d8355fbdf3c1b3551a4cec190815944ed093d828260f5cfbdac57f2d7aec471c95081d91e294cd5b178c79fb3e76 |