Malware Analysis Report

2025-01-23 15:27

Sample ID 240417-ccna2aaf37
Target https://www.google.com
Tags
antivm spyware stealer
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

Threat Level: Shows suspicious behavior

The file https://www.google.com was found to be: Shows suspicious behavior.

Malicious Activity Summary

antivm spyware stealer

Changes its process name

Reads user data of web browsers

Checks CPU configuration

Reads CPU attributes

Enumerates kernel/hardware configuration

Reads runtime system information

Writes file to tmp directory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-17 01:56

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-17 01:56

Reported

2024-04-17 02:07

Platform

ubuntu1804-amd64-20240226-en

Max time kernel

22s

Max time network

16s

Command Line

[firefox -new-tab https://www.google.com]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself glean.dispatche N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself Cache2 I/O N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #0 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself QuotaManager IO N/A N/A
Changes the process name, possibly in an attempt to hide itself QuotaManager IO N/A N/A
Changes the process name, possibly in an attempt to hide itself IndexedDB #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IndexedDB #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself Breakpad Server N/A N/A
Changes the process name, possibly in an attempt to hide itself DOM Worker N/A N/A
Changes the process name, possibly in an attempt to hide itself DOM Worker N/A N/A
Changes the process name, possibly in an attempt to hide itself Sandbox Forked N/A N/A
Changes the process name, possibly in an attempt to hide itself Chroot Helper N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #5 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #5 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #4 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #4 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #3 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #3 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself MainThread /usr/lib/firefox/firefox N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Process /usr/lib/firefox/firefox N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A

Reads user data of web browsers

spyware stealer
Description Indicator Process Target
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/extensions.json N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore-backups/recovery.baklz4 N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/pkcs11.txt /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore.js N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/xulstore.json /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/extensions /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/cookies.sqlite /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/cookies.sqlite-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/permissions.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/cookies.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/system-extensions /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/AlternateServices.txt N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage/temporary N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage/default N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/browser-extension-data/[email protected]/storage.js N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/webappsstore.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/user.js /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/handlers.json /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore-backups/recovery.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/key4.db /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/cert_override.txt /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore-backups/previous.js N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/addonStartup.json.lz4 /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/cert9.db /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/key4.db-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/compatibility.ini /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/cert9.db N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/prefs.js /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/extension-preferences.json N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore-backups/previous.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/cert9.db-journal N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/webappsstore.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/times.json N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/cert9.db-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore-backups/recovery.bak N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/permissions.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/addons.json N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/key4.db N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/datareporting/glean/pending_pings/49f1ffc7-21aa-4bc2-afc7-61726f9e88ef N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage/ls-archive.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage/ls-archive.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/cookies.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/sessionCheckpoints.json N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore-backups/recovery.js N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/ClientAuthRememberList.txt N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/webappsstore.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/SiteSecurityServiceState.txt N/A N/A
File opened for reading /root/.mozilla/firefox/sfu6ctk5.default-release/shield-preference-experiments.json N/A N/A

Checks CPU configuration

antivm
Description Indicator Process Target
File opened for reading /proc/cpuinfo N/A N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq N/A N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index2/size N/A N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index3/size N/A N/A
File opened for reading /sys/devices/system/cpu/present N/A N/A
File opened for reading /sys/devices/system/cpu/online N/A N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq N/A N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor N/A N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor N/A N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq N/A N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device N/A N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor N/A N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/uevent N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor N/A N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor N/A N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class N/A N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/vendor N/A N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/resource N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class N/A N/A
File opened for reading /sys/devices/system/cpu N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class N/A N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/fd/46 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1620/cmdline N/A N/A
File opened for reading /proc/1556/attr/current N/A N/A
File opened for reading /proc/self/fd/36 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/47 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1609/cmdline N/A N/A
File opened for reading /proc/1659/statm N/A N/A
File opened for reading /proc/meminfo N/A N/A
File opened for reading /proc/self/task/1549/stat N/A N/A
File opened for reading /proc/self/fd/39 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/75 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/40 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/44 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/6 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/1547/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/1605/cmdline N/A N/A
File opened for reading /proc/self/fd/145 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/31 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1624/cmdline N/A N/A
File opened for reading /proc/self/fd/35 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat N/A N/A
File opened for reading /proc/self/fd/45 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/51 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/1659/smaps N/A N/A
File opened for reading /proc/sys/kernel/cap_last_cap N/A N/A
File opened for reading /proc/filesystems /usr/lib/gvfs/gvfsd N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/49 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/151 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/163 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd N/A N/A
File opened for reading /proc/self/fd/29 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1586/stat N/A N/A
File opened for reading /proc/filesystems /usr/lib/gvfs/gvfsd-fuse N/A
File opened for reading /proc/1629/cmdline N/A N/A
File opened for reading /proc/self/fd/148 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo N/A N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-document-portal N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-permission-store N/A
File opened for reading /proc/self/fd/33 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/34 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal-gtk N/A
File opened for reading /proc/self/task/1665/stat N/A N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd/38 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/48 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1688/stat N/A N/A
File opened for reading /proc/1556/status N/A N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/37 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/43 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1600/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/firefox/.parentlock /usr/lib/firefox/firefox N/A

Processes

/usr/bin/firefox

[firefox -new-tab https://www.google.com]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -new-tab https://www.google.com]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/lsb_release

[/usr/bin/lsb_release -idrc]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20230522134052 -prefsLen 19257 -prefMapSize 230809 -appDir /usr/lib/firefox/browser {d1a07093-5c37-42f4-844e-a821c335522f} 1547 true socket]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/libexec/xdg-desktop-portal

[/usr/libexec/xdg-desktop-portal]

/usr/libexec/xdg-document-portal

[/usr/libexec/xdg-document-portal]

/usr/libexec/xdg-permission-store

[/usr/libexec/xdg-permission-store]

/usr/libexec/xdg-desktop-portal-gtk

[/usr/libexec/xdg-desktop-portal-gtk]

/usr/lib/gvfs/gvfsd

[/usr/lib/gvfs/gvfsd]

/usr/lib/gvfs/gvfsd-fuse

[/usr/lib/gvfs/gvfsd-fuse /root/.gvfs -f -o big_writes]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 21750 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {a32d8eda-7417-4760-a216-0c99513af91e} 1547 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 21475 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {09bc5610-d9f2-46c3-be43-060098d73453} 1547 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 6 -isForBrowser -prefsLen 27835 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {40e788c5-d580-4c40-af23-b488b1fbeab1} 1547 true tab]

Network

Country Destination Domain Proto
GB 185.125.188.62:443 tcp
GB 185.125.188.62:443 tcp
US 151.101.1.91:443 tcp
US 151.101.1.91:443 tcp
US 151.101.194.49:443 tcp
N/A 224.0.0.251:5353 udp
GB 195.181.164.20:443 tcp
US 1.1.1.1:53 services.addons.mozilla.org udp
US 1.1.1.1:53 services.addons.mozilla.org udp
NL 52.222.139.46:443 services.addons.mozilla.org tcp
NL 52.222.139.46:443 services.addons.mozilla.org tcp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 locprod2-elb-us-west-2.prod.mozaws.net udp
US 52.34.56.182:443 location.services.mozilla.com tcp
US 1.1.1.1:53 detectportal.firefox.com udp
US 1.1.1.1:53 detectportal.firefox.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
US 34.107.221.82:80 detectportal.firefox.com tcp
NL 216.58.214.4:443 www.google.com tcp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.mozorg.moz.works udp
US 1.1.1.1:53 example.org udp
US 1.1.1.1:53 ipv4only.arpa udp
US 1.1.1.1:53 example.org udp
US 1.1.1.1:53 ipv4only.arpa udp
US 34.107.221.82:80 detectportal.firefox.com tcp
GB 143.204.72.186:443 www.mozilla.org tcp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 1.1.1.1:53 contile.services.mozilla.com udp
NL 216.58.214.4:443 www.google.com udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 34.117.188.166:443 spocs.getpocket.com udp
US 1.1.1.1:53 ogs.google.com udp
US 1.1.1.1:53 ogs.google.com udp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
NL 172.217.23.206:443 ogs.google.com tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
NL 172.217.23.206:443 ogs.google.com udp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 push.services.mozilla.com udp
US 1.1.1.1:53 push.services.mozilla.com udp
US 1.1.1.1:53 shavar.prod.mozaws.net udp
US 1.1.1.1:53 autopush.prod.mozaws.net udp
US 52.10.78.57:443 shavar.services.mozilla.com tcp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 1.1.1.1:53 incoming.telemetry.mozilla.org udp
US 1.1.1.1:53 incoming.telemetry.mozilla.org udp
US 1.1.1.1:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 34.120.208.123:443 incoming.telemetry.mozilla.org tcp
US 1.1.1.1:53 normandy.cdn.mozilla.net udp
US 1.1.1.1:53 normandy.cdn.mozilla.net udp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 1.1.1.1:53 fp2e7a.wpc.phicdn.net udp
US 1.1.1.1:53 normandy-cdn.services.mozilla.com udp
US 35.201.103.21:443 normandy.cdn.mozilla.net tcp
US 34.107.243.93:443 push.services.mozilla.com udp
US 1.1.1.1:53 classify-client.services.mozilla.com udp
US 1.1.1.1:53 classify-client.services.mozilla.com udp
US 1.1.1.1:53 prod-classifyclient.normandy.prod.cloudops.mozgcp.net udp
US 34.98.75.36:443 classify-client.services.mozilla.com tcp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.208.123:443 incoming.telemetry.mozilla.org tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp
US 34.120.158.37:443 tracking-protection.prod.mozaws.net tcp

Files

/root/.mozilla/firefox/Crash Reports/InstallTime20230522134052

MD5 3ab18a8c2219e9a166b799da71c4e6d8
SHA1 9993149bee66cf6b48ec31056efe487223b7384b
SHA256 e94c02ef39374c9bea2f4f3345649f0a66e9310bca321c69a6f4e576da1ae80a
SHA512 bb044d1600a63e70b48e9c16778e7831a87d6082f9e5814f7a3d54c912e9054b22abfbb57afda167859b6dcdce60f4086b19357bd29ef41388d5a7fa1e3e465e

/root/.mozilla/firefox/sfu6ctk5.default-release/times.json

MD5 9029f68c8a0718b03b9c9663b344b7b4
SHA1 913fd9881a21df6f44cec068ac2d4a3007d18851
SHA256 b1a94101a80bcca73d6148342842d0684f80a53e5360f71923aefb3db0a2b449
SHA512 e17586d0b0f12ae0a4efc216635e09a0f8291da5d81d98ee5b48b2302442bfaaf19d7c755c3c08fe49fa809ab6f074141fd0d6cfc8c287c110132e6944b03ca0

/root/.mozilla/firefox/installs.ini

MD5 46bb68cd3431b672076c75558250673c
SHA1 37efb73eae740d3e2375eec2841950562b430fd7
SHA256 3201b1062dfa6c95db94a3f3b9e4053f6e7488515296a139ccd446a95d4f5edd
SHA512 5c75d5cd55ff01710d0697e230089113ab2b93878b3661572143a32627220920ee5b62ea6d4c6207fa4a1a99eb2c7ffcfee44256cc59c93a4c275ccb97bf1a71

/root/.mozilla/firefox/profiles.ini

MD5 4abd8a01db327f59a33383f3a3345b58
SHA1 ea8df3e52ee36e861d020b8466d167312db85629
SHA256 565de3e25496a5e451202fe949c424460fae22cba60c90b714cce0db0eb9bbba
SHA512 e6b6ea16f6bf36c14397a6b6b321c73be0c97a182f98d09532acc2a5ff4efba21b9f6496d7adf390e5e4043a070eab6c193025d1777c269bafd9440fef5a6f51

/root/.dbus/session-bus/11c67417355f45d397f6be11f62e85a6-0

MD5 81aa4fdf0465685d55de711e89747e95
SHA1 3bdb4600c2499c303274aab9b02bbcaa3da4f8ac
SHA256 2b13d984cba60e07968df73491520d59209677b2fbdffd7505d06e3e5f99b063
SHA512 7b3b5e52a7d54ccad9860a5efdb1eb5ec617145116ee69aaab23fa5e36fb295720f337a023282a936427e3108ca0f1598ca29a8b210912db264186657bfffbc5

/root/.mozilla/firefox/sfu6ctk5.default-release/compatibility.ini

MD5 fe452b7294d5928a9a5863b89ee0a6bd
SHA1 a5d4c245071fa96476ba48b4725bdae7f1b7940f
SHA256 d5bfb07561606a19aa96557ea109b175050dc0eb805cbef9c813503587d77900
SHA512 dc37d8507f08849e3382d2dbafd4a64555dbd57a288c95131e9aefb366630f1585811a9e1456b861bb9d2b816ed88b18ffb7580cd92b41bb9b0227ce1363843e

/root/.mozilla/firefox/sfu6ctk5.default-release/cookies.sqlite

MD5 9535f5fe817accc769c2c1d3354db39f
SHA1 6af62cf08717cf3bfa84eb1a7b311acf522ce560
SHA256 c53c15fcfac2bb57fdc88d23f932fc244dbaf4020f0f6eaecf0f77a37c21f8c5
SHA512 dc9c2c32eb42dda0a7a711e143aea58c603c1e9d885c3677e9fe86f525e1b0b32a46e240756263e56510b07e764ba69f2de13b90ec18210678242e10cfe17837

/root/.mozilla/firefox/sfu6ctk5.default-release/cookies.sqlite

MD5 5caa766855d5613a999f71b7812d6451
SHA1 ad0d9a52a0d5cc7f11858301dbe47377ed99ee37
SHA256 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27
SHA512 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba

/root/.mozilla/firefox/sfu6ctk5.default-release/storage/ls-archive.sqlite

MD5 e0c613bfd69956a19ce2dc5e925aa223
SHA1 14accb230edcd6cb76967cdc6d4e5686db96b5df
SHA256 0d4cb11f6364c46a75f9eaddfca5c660b90dfd515df3afcd5e0baeca28a0f1ab
SHA512 01643c0131a392be92b3f281d7f633c1f502bff19090b0d716f1ac66aefecc3fcf92f393bef66b03089c9b9c6d8aaeb711b6a4f29d5a6729dd188c838f2272d1

/root/.mozilla/firefox/sfu6ctk5.default-release/storage/ls-archive.sqlite

MD5 178d71e5529d637ac62f7e75fdd75896
SHA1 339f2b949cc4c207b66aea11137448ba28d36dcb
SHA256 7b0050f1bfaab85c8f9067ae7d7369056ff752c0c852ef1462a96c22169004d4
SHA512 ec0e0105fcfbbae356dd55efbcf92975f35bbe5cb93fcabf4c08443e871957635d14830b27c4e1ddefbbaff8f9b7ec3590bf417a9442e1d7ee3607d14d56f664

/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/.metadata-v2-tmp

MD5 da03a28c7c7738a7481ac4edc16874b6
SHA1 98a797a258fc9422cacdeb2f918273dc22d500fc
SHA256 dede82df4a759768f4a3e1b685ba02fbb4e05d96a94f22df9725d3837d0d50a1
SHA512 8210041dcc904524b07b67e97df84187e355fa8e592e69dd8cd7b53ad98545fc05149cd9659b7cdb6e652c951b29c044eb426a4b448e1758d097b834cd3c7b7e

/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 07a412e08825220262ad2890757ff779
SHA1 f46c127dbc070ded87a6078b3c1c761955f96de8
SHA256 da640f8b665841b520d2262a21cc3f82aeaa881cf81a1ddae27ef501d66544e4
SHA512 0134c783bf3293848e479b478ac57a1e0f4202cddfb8b57bc6275aada7345f398cf8a627e9b1c34fd618192c2f0c9737b1da487daf33f9c557ebc1377105582b

/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 04ebc3c603c7a2f6cea59fc2f0df46e7
SHA1 95bb9955c0d69c1fef5961281954013421194bf3
SHA256 e77211601897a7cb41eb61bd34e6a20d520533c18e92ffca40993e283c722a8a
SHA512 111bf18d1243b6a85c774fd9ec6dab5e678d2d75408dae3ee28ff725a5fe397e80430189ccc58dd1e2f100de99d9056070f2faaf6c45ea34d9ea27a7bf2c5cf2

/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 8eed5eb235f373b7693b9dfc48036d85
SHA1 0126842fb72a2ffcf7aefcc8a631b7855f33197f
SHA256 56de7862b5536ef3b44a7f44bd971d241a6168b2b3785af9bec53eeba571111f
SHA512 b19a67dc3b4466e075d5add90bcf84ecc716160a135ca7779e3ca639a50a5c6b12e2c7f3ce3220dad58d30d5016697cb0f25e295abbe12a9fc31ba8308ea9536

/root/.cache/dconf/user

MD5 c4103f122d27677c9db144cae1394a66
SHA1 1489f923c4dca729178b3e3233458550d8dddf29
SHA256 96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7
SHA512 5ea71dc6d0b4f57bf39aadd07c208c35f06cd2bac5fde210397f70de11d439c62ec1cdf3183758865fd387fcea0bada2f6c37a4a17851dd1d78fefe6f204ee54

/root/.mozilla/firefox/sfu6ctk5.default-release/prefs.js

MD5 eb48732f57763baf1a4046f97ab8469a
SHA1 57363965f36d473c2079a26cdb508fbdc4c0dcfc
SHA256 e02e0c35c51d290e9cd35a6893ad4e8d3a4c35f3efd73c426e28625ff833b70c
SHA512 278bbf5c479878b171d40e903a7fc2bc83866b09a89d2f42d3c3cdb3729ba0a4bd46246f9681de16d277e2339820a92240b42c38fb469c039072f503a57a1834

/root/.mozilla/firefox/sfu6ctk5.default-release/permissions.sqlite

MD5 835af78ddf11d38893a9043927dce67b
SHA1 21dcdf977e65bda2399db4744697a585522af33a
SHA256 8ac1dabbc3e38c92e7e16627f884dd0d0f37dafa20c5a5877c64f9c0468bd47d
SHA512 5e3339db3aaeac6964ef44a61e6dbd8e5f41ee12c11bdaa44467ed03773ca1510e6c808e1f306542a42bd27de0268841890426cba5b80220da89637bd54f29f1

/root/.mozilla/firefox/sfu6ctk5.default-release/prefs-1.js

MD5 01fc3bd93315ac99fc329778a7ea933e
SHA1 b0bf9c7408fd1c109364ed41810ab93b2d180867
SHA256 5a34185aceb67920369fa2e28c9fd3b88c9a20e9e887ca682dc90c89e8256bf4
SHA512 481405ea95ee8727f06cbf10bed6061c6021063134c2a7e66b6c58de48af2284c0d66acd64c360883504886eb6e6b6abaf2cdd85898a5aa1673c85f68afd9722

/root/.mozilla/firefox/sfu6ctk5.default-release/times.json

MD5 e38bc8275bef308d8ed3847512de3b54
SHA1 fed4ffbd695595bc74e8c19d74370457c40c1013
SHA256 f7ee12adb50d89ca17cdc256e05c441ba0b2afa62c70b7e159461af40634f899
SHA512 c7f57fb09ce4fb892310817bb533d07fe7be77c170319b10f7703eea2f302e811328f0afd4ddaf94c2f331dbc8ac51227fc7413f7d3cd387691d15dabc91b3c4

/root/.mozilla/firefox/sfu6ctk5.default-release/cert9.db

MD5 872e36f661923458c473a73a9414e26e
SHA1 465eb1573078c89b3e0dadf59b174c4a50ac18e2
SHA256 9948ab73b2aba44ed2efb202ac52ad45c387a2560bddc863127cc5e44ba23dfc
SHA512 fbbf9218df9d724d285e55d3bcf28699c15219250ecd5529d4a1b721c6e91e68007cb6bfa06da8ce6f8757c39684d575bf79f663d868f027b19bcbadbfbf6482

/root/.mozilla/firefox/sfu6ctk5.default-release/key4.db

MD5 9d1cdb33b4b93aaf2d6a4fd314661f79
SHA1 53eaf063cc4b5dbe29c55bfe2e5c837286511ca3
SHA256 39c922f5e74f17f2ca269d478c85adf9b493e06ae5e885b8f1a6ca174040ca61
SHA512 932de2c3820e36d55a5ab6cc22a7c8dcdca4595900ad2c88e02e817b68353780c908dab2c8fed44e63dcb220b61b13cfcfb126c6c34eec2e26e542e80b054079

/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

MD5 759544297aaa61f5fef8ee42d0ae4393
SHA1 fc2d66f6e60409e3e8d38623ce5f817fc7f571e0
SHA256 1bd2000cd972e80cefaec6e982ba261d224a818f367de0fdf8c51fa5a05d7ab5
SHA512 8aaa2ce66f10d46f7c9200af841ac7bd9f5b55c30308a14f0deda44ac62581c45daae45154487c0073a0d5847d5926cbb4072ca64a702ac6b834ad0bb482804f

/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

MD5 4527adac4b57739673e3ab989322233a
SHA1 6b9f4744344f28eeb3843cf72fcc8698d2685590
SHA256 5a069dbd36f055550ecbf347eeeafdb4d9adb973afe2f3d32f6756cb8466c470
SHA512 cab9c130bbe0fa000f3a6ec3791fc3dac74e340eef78e34a654ae46410077f5872e0ad206fad40f4a6731fe016b5ff6eed8e782e65fd14b2db1f8ead79d138ff

/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 dd3f6ba37c670af5953593535e435d04
SHA1 ecfe4e650a050bce77e8ff7468de04c1b8acc9a4
SHA256 5cc6fa137a1f3a7d0b615b178877f12c460b22f95702eb7534d5732ee6599561
SHA512 86e0482543faae6fb279ca71e1e6d6461d32317e74baebb3973e0fde9800107faeb9c2347be6cf8a47556ae43c8e6c224a595e952f621e40ad2c5eba920df2b3

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/3D1E19D09F398691ABF62061591970855193B42F

MD5 d52e4664953741690f3522dd0135c2aa
SHA1 59f31d7f29ddd57a6528685ff34d273f03fecb11
SHA256 67a52264faa68c6e69f613f68da8beec11165316f952fb1c33599ab33da5f634
SHA512 f78015347dc307ab50f0a42c6adb94c0f1ca61e43e33fe38f7743d217a552d9532dbe70fcec22f159bbb47e4d20f45bf4a24d5602f43e7dad809a13e26e4585f

/root/.mozilla/firefox/sfu6ctk5.default-release/cert9.db

MD5 493490d74cf808fff5d8b2cc0d698a43
SHA1 00829524acbdabbf680fe82de4809596cc447536
SHA256 be52c3f029f2d314d41f7ecb61a44c6644e4acbad0dce8231d55d9810d179671
SHA512 c9f8322826eb245f2152673be320858463967994b3331625c7a54fe794ac47976453f3c396be9c28bc26b69dffb130ac284fae04a7a0889bf68b2208ea23c023

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/A8743ACDA513FF27A72604EA39BAAE662138F0B9

MD5 49ce2d3c63efaad809becdf0e7707ac1
SHA1 280b96e8ddcf6f9f0557d8e8656c05919b98de01
SHA256 8a2b0c703fdd6a6ea90967fa76695372b7ca532c7864c4303ac9c709aa4c4d49
SHA512 cd943e56dc03af38f5b94abe2baf33616898930f7f0b2a8fb0b0450df9082478daf23398bd8064a7db289bd3221012fba9512cbf9437cea09ea6c8cd24534723

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/D154E1CD66DAEBBC055D1D367858E65F2CC266C5

MD5 a24bf209937b702ba40767f53f0f0bfb
SHA1 ceafcc3e49886ea75c3aad06828ec7a11aa36b8b
SHA256 32e51c399db258e3fe0ceb68a075b53ba8e61c23f1e0f8af9a6a4b5ee9b5837d
SHA512 a99ec9181902925f400badef3a326915815d31eb2e4e73a2b5242c320b9986ffd1fa03ae7e21b2032589d3872d71a46ed69022d6551140dbdf7a9ef08d6d2ca0

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/3F5BD2A3838305545BAF11838A20DDE8D3F6CABE

MD5 a510802df839c592c9a89f12ca5bdcfb
SHA1 ce8a2e6dbb2e352dea895947e5d58c07b25a3eec
SHA256 e0cc79ea0b2381f5c94e43731f70bd2e74fd6aca0c08ae52c08b61ba476adc0b
SHA512 04228fd30e2409e8ad4e21fcece97d54245a08bd720e373d7525d868f9fcbea16c64e29d62f00ddb50f3843287da5527831dad3bf41693370c7ada2f6a1107aa

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/6762E24BB9F66A6430B9C774503510453B4EBA21

MD5 d141c88956ee06ac10133c249e387a29
SHA1 2fe34c8909c6d7ca5a3a972b6351ffa735bb0c12
SHA256 348ee7a4abd81985f2d1d2be56c805ba9978dc5a9c9d46a6de4d70db43700000
SHA512 05ec78c209316cc6c1c7fe683082e9646a54d8f06b8a87dbc0ca20b1c59d9a3bd44053427c9d75a3739006168d22ec5fdeaaf568918319ccdb94c740dacbbc51

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/7DB3359FF1AE28D679D8DE03A74F2C06BC18D50B

MD5 4b2062139c729f43a05200410ef680b2
SHA1 d7e7d7281e909a932f2798d6fbfcd3f486a74c0b
SHA256 bbe94a3b5f68b5110aa72b357d1bf8f99395fd25dacffcb652afd998d194e5c2
SHA512 fe38f4c89e1048e2e94ef66b15e4b6c37502952a0921dbc26ee2a1f2592d7cd60c24739809d8f6c58ac9dc8fc32ab871d0db61a8c689214082008df37fdeef7f

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/58FA4C93D2C2293EB9F0554BA83740A06674316F

MD5 d6a9182902e82c943ca71a6caad2d689
SHA1 b8e182e8d84d1a1534ffc55525b6b03d8bc9e019
SHA256 200d4164a6e4736ee839dbf98c4d41662e510633231b6363789d205690cec058
SHA512 f5b7615e2f689ef272af2d95deb07ce329dec8e89c4964915e1dcbcc1f8c72451973a37b729f45cd21d57aa60647e7d0128fd0541e389e3ebacb3d5a6291bdf7

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/D8EF12DD3F5A0B350AEDF5A0EBB7935D12C12CE3

MD5 56301c534221c78a39fb60917b84b58e
SHA1 7873c9e655a7cbfcc05eaf0355d521041141f7b0
SHA256 018ed97c8a83c16c913ff3713a7650dec959085dce1be3059cb5450b75d99a51
SHA512 94caad97875890e9ea2728e7c58f8040b5598f548a42f4a55c056f0abfd2b8ce0c9330afe856f885c9fadf7ba6a240ba3f5cc127814cb1c408f9c5309d389227

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/109D080055C1548CE320A422FD98DA1D5E1A5BC8

MD5 6b523d1f1bab29360ee762404e927de7
SHA1 4c862ad7019274ea088b80c27c4eaa8c29d7f0ce
SHA256 dfdc25c5329de3e60990c9648f1f430f0c53a651900742f95fc09c4a0d7f9882
SHA512 d4fd83383390a44694aab0291806f7a1a80899111b82a1d057445041e0569fed98197dbf88e08db6e3e4bbf28f58e7f5d2f24b1f520a7f9b102d3510e1b3d3f9

/root/.mozilla/firefox/sfu6ctk5.default-release/prefs-1.js

MD5 bab84ecbc4f4156bb7a90de3e32cfb5e
SHA1 34de18d221f6842beb0777706525442ba5ef3f72
SHA256 44311909a919b82eac0590e9fead49b15161827c73f733663cbbf7704cf10d56
SHA512 5ab4a5efb281874682ea22481da29f239a4fce25a53a3533022ab6580e08d7dc8c2f497196af00289f4181f4aef261925ccd046d68feb7cf56ccae27736c5e36

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/B6F59826B025251E088E4743F506708A83BD73B9

MD5 8f7843fb1deab41b5f31c82da6fc873b
SHA1 66ed2217d57253848dcbf9c4f4b0a1fb25690d97
SHA256 3ed777501a43fa39d7384f76c356deddd5db9a228bd0ba8ce0fde65c3c206e67
SHA512 931d59027e7c3a1ac73e4e536026c0fbceea2f78919a442bd1f6cb5fa378a2debd488b53d5f3e8586d4e4ec4226a0e7e7676dd8896d548e3e2f64f0f01bc3421

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/63F48F4F7F1BC3195F5AB831F9794F3DBA2D30E1

MD5 dcc175bdb84a668a6ecc480950321fbe
SHA1 0d357b667c9e57555e1d6cdf7aef568c6d250a84
SHA256 fdff9ab2bfd1a61e6905f702116e70a974baadc8010fc678ea27d9d17aa33bf8
SHA512 a4d73473bb251c8336de6c559d272895e0e3b5e48fa00972e7975ec0666275a52a01c2a5170e455550a66d4d0d5ae90386a4987d4f5a49f58ba9f411a0aef854

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C

MD5 4c1ae573b8ea0569759ebec02af66b06
SHA1 e03e01c50fb20219e472b516109bd5d5183b83b4
SHA256 eed716ed52d5b735b3cf0bd2cfda5cf98c695eb489963b8a000773d376d9b31e
SHA512 1df122198fc6bdfe5a624dd72d83c2e8d7dfdccb2ee4cd107832352b8607061d2da5a323d14a27d95e91ee397a4178fdb57ecf4084971e88a7cd53496acdbe32

/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite

MD5 e9eaa207cd998001ccb9e553bd9d706a
SHA1 b31558be3f524ae42aa6c8c4c78f90a1632a837f
SHA256 cdcae451e1d9b868b8185679b7927fe4b197f4d89b380584e0d0af50f0f02141
SHA512 2f9b78b87cbb94ec2697b02d3b92e2aa3b4856ed3bfd0704568fc0d761ecccf0ad317041f18afc35a2c63f893290d91e69807401cb5d604f25f4a6b118ed3dc5

/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 19a8d4140aa071206837adc2cf9d1c69
SHA1 4b61d8bbd735f25e563a10822ab3f0981265c038
SHA256 e26efc5e11f9a4d092066813577ffe38c59154070c0fda38ca2ac2aa13dfde0f
SHA512 654b48ae2b65a533f95eb67203ed55c684dd4f2b0caba67117817f41957af01f02eafcab0ecab4502bc4e811b01cd231df88e773ff30736ab9701fb1df701326

/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 0946bdba52dafbc9becc9767534f4525
SHA1 313405833e14a694f2e83902e2e70f2c766698b2
SHA256 735ba8ddec5980f7533a108871d6cfc618c51e1c98486991183c502d2b95f1eb
SHA512 0a68e1eea87178829362584b1fa36af22e5a98cce6232c4841d457f91d72edde453721add00f52d9ce74fa09e4deb6a88b150eb0c08e70fb490e185a2980adc3

/root/.mozilla/firefox/sfu6ctk5.default-release/prefs-1.js

MD5 4b0eebc2cd37039c6c0eca14be5ed5d9
SHA1 c266998dfcc0afd3333351ce69220680a2b3f4e7
SHA256 a8705dd7852e7ff68868e036082bc9f085ca7155041bbf7dd3b54e8c73cc3d9d
SHA512 cdf959e97a2ae14110719c72d899c098d5e737851e4924a1d42847cf80476fadff948de08ee3a4f2eeece690cfc2b06cde0b46c1f9e955feebff2526c13b71e8

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/startupCache/startupCache.8.little

MD5 64a4364617e52a365f58adff22bee61c
SHA1 275f6f6e0168dfcd0a3461c26c1514670ba698ca
SHA256 bed44c2fc01b8411324ba5001d56016daccd784e8e05d6671fce789c254a8289
SHA512 514d829840fe3b8f2615a5d9dab9f84658eba14d924464097923ec6a96ef7c0aee6e05a947246c7d4bf71deb481f13fed1c6f608a4d664355b0cc7e3352181c9

/root/.mozilla/firefox/sfu6ctk5.default-release/datareporting/glean/events/newtab

MD5 43d518dde6a64f502e70414dc510b878
SHA1 c95bf0ece2b2920d92522c92e24fd52890e1ad77
SHA256 57f9de721b0ddf8a22dec1c13c370c17bddf4e37cfca42bd290f09bdfd0103f5
SHA512 7daa73bfd63b5847ba561b68e82ca4e063ae31b552f623e61a845dde3c5256db119236973b86af983e26d8e29f18c67d35d40ab3e2474d5b0d58edfc320a0cdf

/root/.mozilla/firefox/sfu6ctk5.default-release/datareporting/glean/tmp/49f1ffc7-21aa-4bc2-afc7-61726f9e88ef

MD5 799197ebd0af5ddb301c3017cbd306f9
SHA1 32546ad7e4a88373056450356ddb7d39204274e3
SHA256 5e2703fa385568a8cebb015d2ba4057e7c012fef5b9945be7cdce63731a33e66
SHA512 61cdee1586b926aec278e721e5dbf29fbbb3ec26be612069cdfdc882185d01da7dc22c0521af5755412d9edf709406469c2e5c9b730090b86b5ce86f0d61f8be

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/E2E881760F00F0F0C8D09AA7AEF6050169792FC5

MD5 f44c13eaade2113e941707b7c1dc6a39
SHA1 77976a9e522820254c7ce935e9ef8161799750dd
SHA256 7cb61857dc4448a888e7df4ac1eb6d7660ae2b251cb77a5d8af5b40db85b6cd8
SHA512 9084f40a8f35d36dc045b31011632d9b7a66779ee1b2e03276a7539ce12e4787b501cb9257c988be1a2537fe3e8a66a67d628822ac57fac2bf3870c6f1e6102d

/root/.mozilla/firefox/sfu6ctk5.default-release/webappsstore.sqlite

MD5 41c22c9f81a84b1b0e5ee7ec2ff7c545
SHA1 d12424cba9e4e9124bf3f15e556c562b95c9b6a3
SHA256 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f
SHA512 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b

/root/.mozilla/firefox/sfu6ctk5.default-release/prefs-1.js

MD5 b15fbd6225c5fd6f91a7d8125bd6db4e
SHA1 d4a3a164421c0a051eca6bfb1ef7af31434ed260
SHA256 31b433f06828ff5fe77b69ad600545a6a0e2440f5e27ee3d5768c329c17473b7
SHA512 20ea38472cb16ada72edd9c7fbde26538a47073a58d7e488e254c8ada59a8f8346d56eb3d11539a9a625ed14262c14bfd4e66ec7cb35b8c5cfabd3d251cd8697

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/E2E881760F00F0F0C8D09AA7AEF6050169792FC5

MD5 7f3f0dde1e1826a0ed2764086e255391
SHA1 a31fba29fb4b1c37d1ee08ddb77e39a8838804ab
SHA256 8e80592c14e9f1bb46d16bbb712d62f5e85c572823e6af0970697ba814cf0212
SHA512 db8ef764e3fe09df6e5d68a5801fc1ce2cefc80a3124a903c0f9af13a26455401aaf3a9cc1275cadb31226d9c7a6cfb784e6fe9e8b5a6e46a4079c1564e536ca

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/startupCache/urlCache-new.bin

MD5 091effad3cce22e735d014e30a26a1f2
SHA1 a073fa45908e1be185973351cb9cf79d7d7061b8
SHA256 0b0cbe4735eaace90a3415e6d179ddcf6d07e356376650a47aade7a761111f3e
SHA512 e4e644aa19e6b52df9689f73915cf6f9988e4060683b118c7b50903c3813170909b5f42c4f576a3463a420c719c52ec66a156de20931f476052d618fea34f00e

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/startupCache/scriptCache-new.bin

MD5 3463a89d2372a835e3122896616afb89
SHA1 4d40618753e3f957a509391b7d9992537a6b6073
SHA256 bc31985104d8b2224e8b6f38b5af60deb50cad1dce536bfa88bd1a604422136b
SHA512 a21026b0f5b0fdabbd6936f74abe7727841fc01b240a37b3c6fc87ac355a829bf27cefd81a17934c67e50e2432112194a31caa6e6b307f49cf162c5ca827ae73

/root/.cache/mozilla/firefox/sfu6ctk5.default-release/startupCache/scriptCache-child-new.bin

MD5 9202c94af1fd59e4b43efea3e8160f3f
SHA1 6dae4b85d53f9a0a3ad7a3cc36379ef78a20a219
SHA256 3b4c72418b16358712bf34983a4cc7b7560f2716b419e94cacc746294812ef6b
SHA512 8a293628a9e83a183554f779a2c38d7c1a5a1bc6887df35f89cf10d4d3581ed94f4c13b3104c481fbd839d30719265a45de5282d6f046c7f13ef684fa62b020c