Analysis Overview
Threat Level: Shows suspicious behavior
The file https://www.google.com was found to be: Shows suspicious behavior.
Malicious Activity Summary
Changes its process name
Reads user data of web browsers
Reads CPU attributes
Checks CPU configuration
Enumerates kernel/hardware configuration
Reads runtime system information
Writes file to tmp directory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-17 01:52
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-17 01:52
Reported
2024-04-17 01:53
Platform
ubuntu1804-amd64-20240226-en
Max time kernel
2s
Max time network
14s
Command Line
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | glean.dispatche | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cache2 I/O | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Breakpad Server | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Sandbox Forked | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Chroot Helper | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | MainThread | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | FSBroker1583 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | FSBroker1583 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Process | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | ProfilerChild | N/A | N/A |
Reads user data of web browsers
| Description | Indicator | Process | Target |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/shield-preference-experiments.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/ls-archive.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/sessionstore-backups/recovery.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/cookies.sqlite | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/extension-preferences.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/SiteSecurityServiceState.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/key4.db | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/cookies.sqlite-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/cert9.db | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/sessionstore-backups/previous.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/search.json.mozlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/system-extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/times.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/cert_override.txt | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/sessionCheckpoints.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/handlers.json | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/sessionstore.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/cert9.db-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/key4.db | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/sessionstore-backups/previous.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/permissions.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/xulstore.json | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/content-prefs.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/compatibility.ini | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/cookies.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/key4.db-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/sessionstore.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/ClientAuthRememberList.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/sessionstore-backups/recovery.baklz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/user.js | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/extensions.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/cert9.db-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/addonStartup.json.lz4 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/sessionstore-backups/recovery.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/sessionstore-backups/recovery.bak | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/ExperimentStoreData.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/ls-archive.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/cert9.db | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/extension-settings.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/cookies.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/pkcs11.txt | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/content-prefs.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/AlternateServices.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/7zra3a1i.default-release/prefs.js | /usr/lib/firefox/firefox | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | N/A | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/size | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/online | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/size | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/class | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/vendor | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/uevent | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/vendor | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus/mask | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/class | N/A | N/A |
| File opened for reading | /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/irq | N/A | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/self/fd/36 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/49 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-document-portal | N/A |
| File opened for reading | /proc/self/task/1731/stat | N/A | N/A |
| File opened for reading | /proc/self/fd/40 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/46 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1626/cmdline | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd-fuse | N/A |
| File opened for reading | /proc/1659/smaps | N/A | N/A |
| File opened for reading | /proc/self/fd/43 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/35 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/34 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/50 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/41 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/cgroup | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd/39 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1602/cmdline | N/A | N/A |
| File opened for reading | /proc/self/task/1688/stat | N/A | N/A |
| File opened for reading | /proc/self/fd | N/A | N/A |
| File opened for reading | /proc/self/fd/37 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/48 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/31 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/mountinfo | N/A | N/A |
| File opened for reading | /proc/self/fd/47 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1590/stat | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal | N/A |
| File opened for reading | /proc/1611/cmdline | N/A | N/A |
| File opened for reading | /proc/1559/attr/current | N/A | N/A |
| File opened for reading | /proc/self/fd/38 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/94 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/45 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1607/cmdline | N/A | N/A |
| File opened for reading | /proc/1631/cmdline | N/A | N/A |
| File opened for reading | /proc/self/task/1713/stat | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd | N/A |
| File opened for reading | /proc/self/fd/6 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/75 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1549/stat | N/A | N/A |
| File opened for reading | /proc/mounts | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1547/cmdline | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal-gtk | N/A |
| File opened for reading | /proc/1622/cmdline | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/76 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | N/A | N/A |
| File opened for reading | /proc/sys/kernel/cap_last_cap | N/A | N/A |
| File opened for reading | /proc/1559/status | N/A | N/A |
| File opened for reading | /proc/self/mountinfo | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/51 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/44 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1665/stat | N/A | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/29 | /usr/lib/firefox/firefox | N/A |
Writes file to tmp directory
| Description | Indicator | Process | Target |
| File opened for modification | /tmp/firefox/.parentlock | /usr/lib/firefox/firefox | N/A |
Processes
/usr/bin/firefox
[firefox -new-tab https://www.google.com]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -new-tab https://www.google.com]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/usr/bin/lsb_release
[/usr/bin/lsb_release -idrc]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -parentBuildID 20230522134052 -prefsLen 19257 -prefMapSize 230809 -appDir /usr/lib/firefox/browser {aeabaa26-e4e4-4b32-8253-76bbf9f1ed00} 1547 true socket]
/usr/local/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/local/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/libexec/xdg-desktop-portal
[/usr/libexec/xdg-desktop-portal]
/usr/libexec/xdg-document-portal
[/usr/libexec/xdg-document-portal]
/usr/libexec/xdg-permission-store
[/usr/libexec/xdg-permission-store]
/usr/libexec/xdg-desktop-portal-gtk
[/usr/libexec/xdg-desktop-portal-gtk]
/usr/lib/gvfs/gvfsd
[/usr/lib/gvfs/gvfsd]
/usr/lib/gvfs/gvfsd-fuse
[/usr/lib/gvfs/gvfsd-fuse /root/.gvfs -f -o big_writes]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 21807 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {251fbeb6-760f-45b3-9b0c-625604a0eb1e} 1547 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 21475 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {4caca8d6-6c27-47c1-80e5-4ba4c1538101} 1547 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 21824 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {ed40e1e9-1fce-4245-a2e1-b5357ee2101b} 1547 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 27881 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {0b86c7f9-9715-4f12-8643-d33017f53eb0} 1547 true tab]
Network
| Country | Destination | Domain | Proto |
| GB | 185.125.188.62:443 | tcp | |
| GB | 185.125.188.62:443 | tcp | |
| US | 151.101.1.91:443 | tcp | |
| US | 151.101.1.91:443 | tcp | |
| US | 151.101.194.49:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 195.181.164.20:443 | tcp | |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| NL | 52.222.139.46:443 | services.addons.mozilla.org | tcp |
| NL | 52.222.139.46:443 | services.addons.mozilla.org | tcp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | locprod2-elb-us-west-2.prod.mozaws.net | udp |
| US | 52.34.56.182:443 | location.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| NL | 142.250.179.164:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 1.1.1.1:53 | www.mozorg.moz.works | udp |
| DE | 13.32.119.185:443 | www.mozilla.org | tcp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| NL | 142.250.179.164:443 | www.google.com | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | firefox.settings.services.mozilla.com | udp |
| US | 1.1.1.1:53 | firefox.settings.services.mozilla.com | udp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.117.188.166:443 | spocs.getpocket.com | tcp |
Files
/root/.mozilla/firefox/Crash Reports/InstallTime20230522134052
| MD5 | 10027b38d5b3b2bd268551acfa0484a9 |
| SHA1 | 663a7de8b66f9d1c61506ee1c375634c52f95cad |
| SHA256 | 5f86c55c49f5463c8fe14927e831d4b11ca33efc956343c77512e933b6d7e8ca |
| SHA512 | 72f7aa0e28fb77e045da9b461e9833ba0d4c12dc21be50a2d00953a4e25ea7a210958a7c31a57c876e241b33b003eb811fe42eb97dfa84e68aaab7dd6d11bcf3 |
/root/.mozilla/firefox/7zra3a1i.default-release/times.json
| MD5 | 2ed9cf8866520010bf067c149c26b1fb |
| SHA1 | 09b7e0c1f02449926bb7b8e3d3b8caf0d20f2451 |
| SHA256 | a8f350e2c6d4fcc65ffbc6257fd4714e87270d39fd11b6b5fc1103a4d7f57d68 |
| SHA512 | 631697e07f2f288b4bf766bf0bef876deca3b5f0be49e5897ee0cd51afbd144fa44fa0e1d72449dd144137f3c692fdbfaf5779b0c8675056f393fb6a84094869 |
/root/.mozilla/firefox/installs.ini
| MD5 | 46896065ae223df61576b2e33db33344 |
| SHA1 | 9092b99a2bf9bc43e1249b1d877f776d5fcfe35c |
| SHA256 | f4bbcdfb23b66a30c9fcf6e8408bb7a6ca445fb942f3a5213a45281ebfb78ef1 |
| SHA512 | 58adc116b2af89b2f87eb21e4b7b1c62786d67b54a3798200d794805aefc25e8cf821f97b9cc129a86dd8996178b7a7d545f3c81891f40fa4764f73bde9f6d56 |
/root/.mozilla/firefox/profiles.ini
| MD5 | 5a5d41ccababaf722144d2a1574c4330 |
| SHA1 | ba4c40417710dfe23b1b120fd2355e45cf92b5dc |
| SHA256 | e0b990799fb13ca06314538be6e5311d2eecafa9b3d46a0b85b4551391c46af6 |
| SHA512 | 9dd86061fd0c977b50fb92155b24e2415e02969d5d6e56a932d34a1b10ba5214abbb48b2bb3d16844f638eb32044668e18a952f1bca470bb1f0d23a1a18d35ff |
/root/.dbus/session-bus/11c67417355f45d397f6be11f62e85a6-0
| MD5 | 77bd4a1b85cff2a3bb9f0b4d687bc18a |
| SHA1 | c3268678c74c4acd356ee661d08b98f480af5636 |
| SHA256 | 3ae3e860000d4101421354f61928a599776ddfb73efc6f94a47e3f566a13c2f3 |
| SHA512 | 55d6330c1c8ebdd49578c2da444d409e816efabcb65ebcd5a961d7cf7ef5b63c8bf0dbb69b67db9d4bb622c1bed889ecbed8ff3da71c182654bf92988c4315ff |
/root/.mozilla/firefox/7zra3a1i.default-release/compatibility.ini
| MD5 | fe452b7294d5928a9a5863b89ee0a6bd |
| SHA1 | a5d4c245071fa96476ba48b4725bdae7f1b7940f |
| SHA256 | d5bfb07561606a19aa96557ea109b175050dc0eb805cbef9c813503587d77900 |
| SHA512 | dc37d8507f08849e3382d2dbafd4a64555dbd57a288c95131e9aefb366630f1585811a9e1456b861bb9d2b816ed88b18ffb7580cd92b41bb9b0227ce1363843e |
/root/.mozilla/firefox/7zra3a1i.default-release/cookies.sqlite
| MD5 | 9535f5fe817accc769c2c1d3354db39f |
| SHA1 | 6af62cf08717cf3bfa84eb1a7b311acf522ce560 |
| SHA256 | c53c15fcfac2bb57fdc88d23f932fc244dbaf4020f0f6eaecf0f77a37c21f8c5 |
| SHA512 | dc9c2c32eb42dda0a7a711e143aea58c603c1e9d885c3677e9fe86f525e1b0b32a46e240756263e56510b07e764ba69f2de13b90ec18210678242e10cfe17837 |
/root/.mozilla/firefox/7zra3a1i.default-release/cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
/root/.mozilla/firefox/7zra3a1i.default-release/storage/ls-archive.sqlite
| MD5 | e0c613bfd69956a19ce2dc5e925aa223 |
| SHA1 | 14accb230edcd6cb76967cdc6d4e5686db96b5df |
| SHA256 | 0d4cb11f6364c46a75f9eaddfca5c660b90dfd515df3afcd5e0baeca28a0f1ab |
| SHA512 | 01643c0131a392be92b3f281d7f633c1f502bff19090b0d716f1ac66aefecc3fcf92f393bef66b03089c9b9c6d8aaeb711b6a4f29d5a6729dd188c838f2272d1 |
/root/.mozilla/firefox/7zra3a1i.default-release/storage/ls-archive.sqlite
| MD5 | 178d71e5529d637ac62f7e75fdd75896 |
| SHA1 | 339f2b949cc4c207b66aea11137448ba28d36dcb |
| SHA256 | 7b0050f1bfaab85c8f9067ae7d7369056ff752c0c852ef1462a96c22169004d4 |
| SHA512 | ec0e0105fcfbbae356dd55efbcf92975f35bbe5cb93fcabf4c08443e871957635d14830b27c4e1ddefbbaff8f9b7ec3590bf417a9442e1d7ee3607d14d56f664 |
/root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/.metadata-v2-tmp
| MD5 | c53ba3043a20ef8f605d4a9d123c879d |
| SHA1 | 0c21f428d4f33e41d8b3bc4a40d96c93e9072d7c |
| SHA256 | b3f8b6a0cd7ac9918c2e68c420446aae4a8b2a25a4354d3a4584f6524379049b |
| SHA512 | bd7243c86439d36461057dfd33db10dce8589167af54b9f947798125ecaedfef9afc8f54f49a8bded4bf962f3a9c5ea4f488a70aa953ead39c21d73036049da4 |
/root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 07a412e08825220262ad2890757ff779 |
| SHA1 | f46c127dbc070ded87a6078b3c1c761955f96de8 |
| SHA256 | da640f8b665841b520d2262a21cc3f82aeaa881cf81a1ddae27ef501d66544e4 |
| SHA512 | 0134c783bf3293848e479b478ac57a1e0f4202cddfb8b57bc6275aada7345f398cf8a627e9b1c34fd618192c2f0c9737b1da487daf33f9c557ebc1377105582b |
/root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 52c6495dbda22e1c5cf55d3d842ce978 |
| SHA1 | a30a2d2971d649c6b5833a1955d91961fb1c1913 |
| SHA256 | 02e901eb6a93698e7843ed7cf6afc22b723cd71640c42b31328d7f502465896a |
| SHA512 | 566ca412f8f1c1cc72766d1ceba86ab8a59d3ebf9a45fc168733563faa5b1f725f28525d161cdb5b76da6bdf781cc00742af4aa21e971e3bfd946d3b81fddae7 |
/root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | dbe238b073c3d72a0ead7f7fd526b882 |
| SHA1 | 99a3de66d1fbb9ce3fdb1116d7ef9689e30d5375 |
| SHA256 | 6e21b20bd587ec0b67aa604ddec8aa7a8694afa3fe6fda0bd53976b6abcdf685 |
| SHA512 | 27f3185685166596c918f0e18e8b034d9d656cca7920aa2cb4a224c5a28ba6f1401e576f893223b6d12cc94e6e62b36301b1de24b30a813a4a36fc25faff4cee |
/root/.mozilla/firefox/7zra3a1i.default-release/prefs.js
| MD5 | 1d66fca0013f84fa4f9085e843d8b3eb |
| SHA1 | c6d843120a60ab8f2a8cb5411a3677291b4bd24a |
| SHA256 | 154d11aa553317566dff91f8a163a0fddbedb0d4d2a7bfa33692890a6fa2564f |
| SHA512 | e0d1835e7f9423626e17fd158e0965c633f5a406990767514b4a685f2ec9e553278e2c1beb7b89fb2b36e082f91a4e65f9c57386c74d876ee43b764e8f8238c8 |
/root/.cache/dconf/user
| MD5 | 2015eb238d706eceefc784742928054f |
| SHA1 | f901e1e2064b9b049ef3581c27bebacfc24976aa |
| SHA256 | 2824a7ccda2caa720c85c9fba1e8b5b735eecfdb03878e4f8dfe6c3625030bc4 |
| SHA512 | 4bc50c9b0d8515d3eaae1e74b29a95804346c491ee1a95bf25e4aab854a6a6511eeb73387f96b0e7536830664b9073e66e2ff2b9962377379304860aefb5e9c5 |
/root/.mozilla/firefox/7zra3a1i.default-release/permissions.sqlite
| MD5 | 914afc167db5859144ffff1d8bc432e6 |
| SHA1 | 09f8c9b9cd2b158a9d65d6b63cb90127a2ca90f0 |
| SHA256 | f7c183af28be397cd544b93c766e3d8ccc0ab2a05813827c116a3e3c265a5a56 |
| SHA512 | c77dfe9dacb58768d2613e5d3b7c5d42a7df6713a5704e9848232000093ac4d0dd754a16e96133f6b06da4fda102b6c9b908c0ef0f36ec8fa05240b72ee93dab |
/root/.mozilla/firefox/7zra3a1i.default-release/prefs-1.js
| MD5 | 1bebd3f00192a3e31e2d9d3628dd1ea5 |
| SHA1 | 321019da02b81c795b00d39ea96cf12a695d9df0 |
| SHA256 | e40c158007aebf8b25297cbf7d9f642dedfed2205176c6fbcf4ce87583f718d7 |
| SHA512 | 54ae95de04bfb16f42c84a8b9965b624eb866ac92dd22666e622317c2fcbfde0a80283810ff592f3b8db29757bda1e6a20dc0c9dd903176336d6b68d40a26dff |
/root/.mozilla/firefox/7zra3a1i.default-release/times.json
| MD5 | f9125bf774970e4a8a778de0348a6e2c |
| SHA1 | 61ba7b9f66d94acc928b4bc0a3ca4f26d51756bf |
| SHA256 | e05997db7aeaeffcf3f0b7206fc5df8683d446af497370bc24db7baa30ab25c6 |
| SHA512 | 555148837f726a7de28c50148cc59463a5123f76bb49fd0ca5dcf5f3216b9a239549c964232b2c3ed0a1c46eb7e498023e8b8031648c3ab7e5f9ed48861e16c8 |
/root/.mozilla/firefox/7zra3a1i.default-release/cert9.db
| MD5 | 1ee4dae828ece78719bc76f6e284fbb9 |
| SHA1 | ed47998e0ca01b182236f970ae20d5a2f269ce01 |
| SHA256 | b1ace2ac04616e8c3c1cb14a3aebdc21687aaedce7fcc4353c20f59e17b1b92c |
| SHA512 | c5023d4a9e1f30ed717a6e6fa0c7cdae9a4d413bd0e51cf4faa9265b9f1ec5ebcb74b7e0a877d6da5af559241c3de966e60346d52351ebd24e7cb8499aaf090a |
/root/.mozilla/firefox/7zra3a1i.default-release/key4.db
| MD5 | 3002abd7624dc777d0b2a80fce298ab9 |
| SHA1 | 22dabec4ce527319b4a79803a13156cb5b950a0c |
| SHA256 | 83472e49aeb7ebb6dfd43a96fed31ac583f5330a27c2a9219ac9b492d3baa6fe |
| SHA512 | 0ed603ed7433c4149c79ee9dd019e5f983a8ede48af74bb204f273255bbfaa6ba9cfd0936f340504cb8e4dd986d56b98268051b24d3a3a4cff99fd1502576eab |
/root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | 759544297aaa61f5fef8ee42d0ae4393 |
| SHA1 | fc2d66f6e60409e3e8d38623ce5f817fc7f571e0 |
| SHA256 | 1bd2000cd972e80cefaec6e982ba261d224a818f367de0fdf8c51fa5a05d7ab5 |
| SHA512 | 8aaa2ce66f10d46f7c9200af841ac7bd9f5b55c30308a14f0deda44ac62581c45daae45154487c0073a0d5847d5926cbb4072ca64a702ac6b834ad0bb482804f |
/root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | c4e5f61776d1f360cde20a2a1bfe0328 |
| SHA1 | 4377e5cdd14c02e01d5b441279de4ba254392619 |
| SHA256 | 3d2bb9b40a55de04a7f1e8037210da163fca248556fbcaf930eead7d337c0626 |
| SHA512 | 99d8d76fbef03e5cc9e55d41b323c61fdfb29a5a5d29050d1272480d3c3f729b6646d08b065a7600883c99867e5036350c62ddcc3e900e54f6e983943a6c1018 |
/root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | dd3f6ba37c670af5953593535e435d04 |
| SHA1 | ecfe4e650a050bce77e8ff7468de04c1b8acc9a4 |
| SHA256 | 5cc6fa137a1f3a7d0b615b178877f12c460b22f95702eb7534d5732ee6599561 |
| SHA512 | 86e0482543faae6fb279ca71e1e6d6461d32317e74baebb3973e0fde9800107faeb9c2347be6cf8a47556ae43c8e6c224a595e952f621e40ad2c5eba920df2b3 |
/root/.mozilla/firefox/7zra3a1i.default-release/prefs-1.js
| MD5 | 6f58e9eae0b390f63c71b276cabc667b |
| SHA1 | ce51daa9619f74c479adde91e228422ced3edd47 |
| SHA256 | aac47be52f297a8cc00a20d2520a297dae8e2088576009114b616329bb2ece7a |
| SHA512 | 46a9568bae7dd96a30320fe44fb98b773d7c8b3f148f081f2fe54cd73705ccc8b77112e919aeb077be51bc965a34e0171f64c3b358e4ab8c83099598f49810a5 |
/root/.cache/mozilla/firefox/7zra3a1i.default-release/cache2/entries/3D1E19D09F398691ABF62061591970855193B42F
| MD5 | e0dae45f5320b50d420e591db5fd14e5 |
| SHA1 | edda801a7a373fe537d1c284b7ab3ecd68c00faa |
| SHA256 | ebebec286995fddf9604566a0cf05ea74ea94a0e6620c71fd360e0183662b69a |
| SHA512 | 10756ae8a855a27033b46f06e9e1bf34b56265879910460a71df3183cb58c1a0349a0bd4cc9249310aec043f7c144779ad97f9cb7355cef9afa863d16ba6b81c |
/root/.mozilla/firefox/7zra3a1i.default-release/prefs-1.js
| MD5 | 86feb761e70056b2b7204baff794f82e |
| SHA1 | a4f55f3de157fe407bf80bb1afe4ec19c122f0ad |
| SHA256 | 055ba13259a13547a9c3de0bd0da5c6cd105c29d1f9a2257544e5951f9e2188b |
| SHA512 | 5bdd993afddb93260a286a8e00c5cc49504ae7e9f44cfcb8effe1eb1d0d059ca1d1b68ddfe2afd895e8091798572ee34d33779fa415c0cafd4c5bbcce8764c27 |
/root/.mozilla/firefox/7zra3a1i.default-release/prefs-1.js
| MD5 | baf5c4ef367bd8e905cc4606b309f3dc |
| SHA1 | 0bcb068d12722875d63a46c727844a40583255c5 |
| SHA256 | fcb83dca64a62a25715c47961308e29a23ae7a9bca68491463853adade8ecda1 |
| SHA512 | 10d3f31dd88b2acbb773f4ec537119bbed4902896f40353164db9204edd1d0ed6355d699f0f95e1c105221fb29423f234a095b4262341d22e3f2b68bd7935dbd |
/root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite
| MD5 | a8dd7ebaad5528b23f82ccb1534cea18 |
| SHA1 | 600daceacfb5cf9df0b66ba7dce4516b2ac4df70 |
| SHA256 | e5b0d02c18ae36c4a220f41fd97c66060c17aaafcbb324a57ccdc2707c44c4ec |
| SHA512 | 67f867a8e2b37fb6bececd5ebc570ca594ea329142badd63d1281d5e735f515a5e329abc6eb9a9d3465aab0a08541b4888018d859964f160a52345ab93532bff |
/root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite
| MD5 | ed1965fd4177438dfdedce98c5ba606a |
| SHA1 | 8738bb121899bbfa2a405a65102ac7011b2de36d |
| SHA256 | b37ca13ebffc169831e86ae2c22a9d3eb42d562b9494871a47be552e33fdd2e3 |
| SHA512 | 890fc67d3fe2d7c830fc96b82c443584d0bcb3ca750e6db9f882554ecd1f0d049b51dc1b9ad78bc244aa5903c913662384451f63d8181e778f8570f28d4c1ad8 |
/root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite
| MD5 | 7352c8848e88edc39b7fb5e663888187 |
| SHA1 | 8c3dffe25cc56c7aec1b782292d6fceed81e6304 |
| SHA256 | 7a462086a26978809c719e57a7ea6a25568767fb7532014e8531fda94b660e0a |
| SHA512 | f2a0dbbab5c2c1702b03bce15a47739481f523e127d1372b40534db9a20b2bc99fb53710ee0e5d44176188817cac704cf4f98cdf087e7e89d244281fcfc3b280 |
/root/.mozilla/firefox/7zra3a1i.default-release/cert9.db
| MD5 | fbda706eaa8bca451839dba4963ff32b |
| SHA1 | b1e75ab0060bc091bf64317b7640e0b73577c24b |
| SHA256 | f48e41af6a2dc1d0bd064f7a3fff161fce8945e527c934b6afb6cccc622d9052 |
| SHA512 | 14127e87ba6c964239ff0e851a72dc8c2c3fa8a3a0ae27449fc24b71d8516fe23c2b13eb455967a99b01104af3a689d24d906db3998ea583f184bf2a9246a413 |
/root/.mozilla/firefox/7zra3a1i.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite
| MD5 | 5f32a70a4967ec8c73152f070496490d |
| SHA1 | f12d7d77a3c92c7d60673977d2a352bf7798136d |
| SHA256 | ea74c5260223ae90ddffd06dc8bc1f96da500223969ed0c17e2483f1ef9f51a0 |
| SHA512 | dc761ac718eef559b36e3d5c67089456964cb7e7a2e33b43d75ffe1b609ae2a9cdb69309f910498729e94098fbdc1141e5e4579602827e951b415d875f76c67a |
/root/.mozilla/firefox/7zra3a1i.default-release/cert9.db
| MD5 | b885034200877c003d05ea779dd833c6 |
| SHA1 | e60fff5b96c87c51a4cc3bf019c6a3d4d99cd0c0 |
| SHA256 | b6e128719cd9800fc39111a7fbc8f09cbcc95067b0be82d7f63ecfefe0300d16 |
| SHA512 | 7f5909bc7ae5ee121c569cae97c322f89c097a79d1aaced54af22fda24fb28e1c2f71c1024f01be87c204e8eee58b1220105373abdfa619a5ce778ef18901794 |