Analysis Overview
Threat Level: Shows suspicious behavior
The file https://www.google.com was found to be: Shows suspicious behavior.
Malicious Activity Summary
Changes its process name
Reads user data of web browsers
Checks CPU configuration
Reads CPU attributes
Enumerates kernel/hardware configuration
Reads runtime system information
Writes file to tmp directory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-17 01:56
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-17 01:56
Reported
2024-04-17 02:07
Platform
ubuntu1804-amd64-20240226-en
Max time kernel
22s
Max time network
16s
Command Line
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | glean.dispatche | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cache2 I/O | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Breakpad Server | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Sandbox Forked | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Chroot Helper | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | MainThread | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Process | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Worker Launcher | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Worker Launcher | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gmain | N/A | N/A |
Reads user data of web browsers
| Description | Indicator | Process | Target |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/extensions.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore-backups/recovery.baklz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/pkcs11.txt | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/xulstore.json | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/cookies.sqlite | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/cookies.sqlite-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/permissions.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/cookies.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/system-extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/AlternateServices.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage/temporary | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage/default | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/browser-extension-data/[email protected]/storage.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/webappsstore.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/user.js | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/handlers.json | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore-backups/recovery.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/key4.db | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/cert_override.txt | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore-backups/previous.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/addonStartup.json.lz4 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/cert9.db | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/key4.db-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/compatibility.ini | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/cert9.db | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/prefs.js | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/extension-preferences.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore-backups/previous.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/cert9.db-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/webappsstore.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/times.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/cert9.db-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore-backups/recovery.bak | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/permissions.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/addons.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/key4.db | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/datareporting/glean/pending_pings/49f1ffc7-21aa-4bc2-afc7-61726f9e88ef | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage/ls-archive.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage/ls-archive.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/cookies.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/sessionCheckpoints.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore-backups/recovery.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/ClientAuthRememberList.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/webappsstore.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/sessionstore.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/SiteSecurityServiceState.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/sfu6ctk5.default-release/shield-preference-experiments.json | N/A | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | N/A | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/size | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/size | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/online | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/irq | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor | N/A | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus/mask | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/irq | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/vendor | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/uevent | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/vendor | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | N/A | N/A |
| File opened for reading | /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/class | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/class | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/class | N/A | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/self/fd/46 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1620/cmdline | N/A | N/A |
| File opened for reading | /proc/1556/attr/current | N/A | N/A |
| File opened for reading | /proc/self/fd/36 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/47 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1609/cmdline | N/A | N/A |
| File opened for reading | /proc/1659/statm | N/A | N/A |
| File opened for reading | /proc/meminfo | N/A | N/A |
| File opened for reading | /proc/self/task/1549/stat | N/A | N/A |
| File opened for reading | /proc/self/fd/39 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/75 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/40 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/44 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/6 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1547/cmdline | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1605/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/145 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/31 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1624/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/35 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | N/A | N/A |
| File opened for reading | /proc/self/fd/45 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/51 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal | N/A |
| File opened for reading | /proc/1659/smaps | N/A | N/A |
| File opened for reading | /proc/sys/kernel/cap_last_cap | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd | N/A |
| File opened for reading | /proc/self/cgroup | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/49 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/151 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/163 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd | N/A | N/A |
| File opened for reading | /proc/self/fd/29 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1586/stat | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd-fuse | N/A |
| File opened for reading | /proc/1629/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/148 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/mountinfo | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-document-portal | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-permission-store | N/A |
| File opened for reading | /proc/self/fd/33 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/34 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/mountinfo | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal-gtk | N/A |
| File opened for reading | /proc/self/task/1665/stat | N/A | N/A |
| File opened for reading | /proc/mounts | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd/38 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/48 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1688/stat | N/A | N/A |
| File opened for reading | /proc/1556/status | N/A | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/37 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/43 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1600/cmdline | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
Writes file to tmp directory
| Description | Indicator | Process | Target |
| File opened for modification | /tmp/firefox/.parentlock | /usr/lib/firefox/firefox | N/A |
Processes
/usr/bin/firefox
[firefox -new-tab https://www.google.com]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -new-tab https://www.google.com]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/usr/bin/lsb_release
[/usr/bin/lsb_release -idrc]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -parentBuildID 20230522134052 -prefsLen 19257 -prefMapSize 230809 -appDir /usr/lib/firefox/browser {d1a07093-5c37-42f4-844e-a821c335522f} 1547 true socket]
/usr/local/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/local/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/libexec/xdg-desktop-portal
[/usr/libexec/xdg-desktop-portal]
/usr/libexec/xdg-document-portal
[/usr/libexec/xdg-document-portal]
/usr/libexec/xdg-permission-store
[/usr/libexec/xdg-permission-store]
/usr/libexec/xdg-desktop-portal-gtk
[/usr/libexec/xdg-desktop-portal-gtk]
/usr/lib/gvfs/gvfsd
[/usr/lib/gvfs/gvfsd]
/usr/lib/gvfs/gvfsd-fuse
[/usr/lib/gvfs/gvfsd-fuse /root/.gvfs -f -o big_writes]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 21750 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {a32d8eda-7417-4760-a216-0c99513af91e} 1547 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 21475 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {09bc5610-d9f2-46c3-be43-060098d73453} 1547 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 6 -isForBrowser -prefsLen 27835 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {40e788c5-d580-4c40-af23-b488b1fbeab1} 1547 true tab]
Network
| Country | Destination | Domain | Proto |
| GB | 185.125.188.62:443 | tcp | |
| GB | 185.125.188.62:443 | tcp | |
| US | 151.101.1.91:443 | tcp | |
| US | 151.101.1.91:443 | tcp | |
| US | 151.101.194.49:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 195.181.164.20:443 | tcp | |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| NL | 52.222.139.46:443 | services.addons.mozilla.org | tcp |
| NL | 52.222.139.46:443 | services.addons.mozilla.org | tcp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | locprod2-elb-us-west-2.prod.mozaws.net | udp |
| US | 52.34.56.182:443 | location.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| NL | 216.58.214.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.mozorg.moz.works | udp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| GB | 143.204.72.186:443 | www.mozilla.org | tcp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| NL | 216.58.214.4:443 | www.google.com | udp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | firefox.settings.services.mozilla.com | udp |
| US | 1.1.1.1:53 | firefox.settings.services.mozilla.com | udp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.117.188.166:443 | spocs.getpocket.com | tcp |
| US | 34.117.188.166:443 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | ogs.google.com | udp |
| US | 1.1.1.1:53 | ogs.google.com | udp |
| US | 1.1.1.1:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | content-signature-2.cdn.mozilla.net | udp |
| NL | 172.217.23.206:443 | ogs.google.com | tcp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| NL | 172.217.23.206:443 | ogs.google.com | udp |
| US | 1.1.1.1:53 | shavar.services.mozilla.com | udp |
| US | 1.1.1.1:53 | shavar.services.mozilla.com | udp |
| US | 1.1.1.1:53 | push.services.mozilla.com | udp |
| US | 1.1.1.1:53 | push.services.mozilla.com | udp |
| US | 1.1.1.1:53 | shavar.prod.mozaws.net | udp |
| US | 1.1.1.1:53 | autopush.prod.mozaws.net | udp |
| US | 52.10.78.57:443 | shavar.services.mozilla.com | tcp |
| US | 34.107.243.93:443 | push.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | incoming.telemetry.mozilla.org | udp |
| US | 1.1.1.1:53 | incoming.telemetry.mozilla.org | udp |
| US | 1.1.1.1:53 | telemetry-incoming.r53-2.services.mozilla.com | udp |
| US | 34.120.208.123:443 | incoming.telemetry.mozilla.org | tcp |
| US | 1.1.1.1:53 | normandy.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | normandy.cdn.mozilla.net | udp |
| US | 34.107.243.93:443 | push.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | fp2e7a.wpc.phicdn.net | udp |
| US | 1.1.1.1:53 | normandy-cdn.services.mozilla.com | udp |
| US | 35.201.103.21:443 | normandy.cdn.mozilla.net | tcp |
| US | 34.107.243.93:443 | push.services.mozilla.com | udp |
| US | 1.1.1.1:53 | classify-client.services.mozilla.com | udp |
| US | 1.1.1.1:53 | classify-client.services.mozilla.com | udp |
| US | 1.1.1.1:53 | prod-classifyclient.normandy.prod.cloudops.mozgcp.net | udp |
| US | 34.98.75.36:443 | classify-client.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.208.123:443 | incoming.telemetry.mozilla.org | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
Files
/root/.mozilla/firefox/Crash Reports/InstallTime20230522134052
| MD5 | 3ab18a8c2219e9a166b799da71c4e6d8 |
| SHA1 | 9993149bee66cf6b48ec31056efe487223b7384b |
| SHA256 | e94c02ef39374c9bea2f4f3345649f0a66e9310bca321c69a6f4e576da1ae80a |
| SHA512 | bb044d1600a63e70b48e9c16778e7831a87d6082f9e5814f7a3d54c912e9054b22abfbb57afda167859b6dcdce60f4086b19357bd29ef41388d5a7fa1e3e465e |
/root/.mozilla/firefox/sfu6ctk5.default-release/times.json
| MD5 | 9029f68c8a0718b03b9c9663b344b7b4 |
| SHA1 | 913fd9881a21df6f44cec068ac2d4a3007d18851 |
| SHA256 | b1a94101a80bcca73d6148342842d0684f80a53e5360f71923aefb3db0a2b449 |
| SHA512 | e17586d0b0f12ae0a4efc216635e09a0f8291da5d81d98ee5b48b2302442bfaaf19d7c755c3c08fe49fa809ab6f074141fd0d6cfc8c287c110132e6944b03ca0 |
/root/.mozilla/firefox/installs.ini
| MD5 | 46bb68cd3431b672076c75558250673c |
| SHA1 | 37efb73eae740d3e2375eec2841950562b430fd7 |
| SHA256 | 3201b1062dfa6c95db94a3f3b9e4053f6e7488515296a139ccd446a95d4f5edd |
| SHA512 | 5c75d5cd55ff01710d0697e230089113ab2b93878b3661572143a32627220920ee5b62ea6d4c6207fa4a1a99eb2c7ffcfee44256cc59c93a4c275ccb97bf1a71 |
/root/.mozilla/firefox/profiles.ini
| MD5 | 4abd8a01db327f59a33383f3a3345b58 |
| SHA1 | ea8df3e52ee36e861d020b8466d167312db85629 |
| SHA256 | 565de3e25496a5e451202fe949c424460fae22cba60c90b714cce0db0eb9bbba |
| SHA512 | e6b6ea16f6bf36c14397a6b6b321c73be0c97a182f98d09532acc2a5ff4efba21b9f6496d7adf390e5e4043a070eab6c193025d1777c269bafd9440fef5a6f51 |
/root/.dbus/session-bus/11c67417355f45d397f6be11f62e85a6-0
| MD5 | 81aa4fdf0465685d55de711e89747e95 |
| SHA1 | 3bdb4600c2499c303274aab9b02bbcaa3da4f8ac |
| SHA256 | 2b13d984cba60e07968df73491520d59209677b2fbdffd7505d06e3e5f99b063 |
| SHA512 | 7b3b5e52a7d54ccad9860a5efdb1eb5ec617145116ee69aaab23fa5e36fb295720f337a023282a936427e3108ca0f1598ca29a8b210912db264186657bfffbc5 |
/root/.mozilla/firefox/sfu6ctk5.default-release/compatibility.ini
| MD5 | fe452b7294d5928a9a5863b89ee0a6bd |
| SHA1 | a5d4c245071fa96476ba48b4725bdae7f1b7940f |
| SHA256 | d5bfb07561606a19aa96557ea109b175050dc0eb805cbef9c813503587d77900 |
| SHA512 | dc37d8507f08849e3382d2dbafd4a64555dbd57a288c95131e9aefb366630f1585811a9e1456b861bb9d2b816ed88b18ffb7580cd92b41bb9b0227ce1363843e |
/root/.mozilla/firefox/sfu6ctk5.default-release/cookies.sqlite
| MD5 | 9535f5fe817accc769c2c1d3354db39f |
| SHA1 | 6af62cf08717cf3bfa84eb1a7b311acf522ce560 |
| SHA256 | c53c15fcfac2bb57fdc88d23f932fc244dbaf4020f0f6eaecf0f77a37c21f8c5 |
| SHA512 | dc9c2c32eb42dda0a7a711e143aea58c603c1e9d885c3677e9fe86f525e1b0b32a46e240756263e56510b07e764ba69f2de13b90ec18210678242e10cfe17837 |
/root/.mozilla/firefox/sfu6ctk5.default-release/cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
/root/.mozilla/firefox/sfu6ctk5.default-release/storage/ls-archive.sqlite
| MD5 | e0c613bfd69956a19ce2dc5e925aa223 |
| SHA1 | 14accb230edcd6cb76967cdc6d4e5686db96b5df |
| SHA256 | 0d4cb11f6364c46a75f9eaddfca5c660b90dfd515df3afcd5e0baeca28a0f1ab |
| SHA512 | 01643c0131a392be92b3f281d7f633c1f502bff19090b0d716f1ac66aefecc3fcf92f393bef66b03089c9b9c6d8aaeb711b6a4f29d5a6729dd188c838f2272d1 |
/root/.mozilla/firefox/sfu6ctk5.default-release/storage/ls-archive.sqlite
| MD5 | 178d71e5529d637ac62f7e75fdd75896 |
| SHA1 | 339f2b949cc4c207b66aea11137448ba28d36dcb |
| SHA256 | 7b0050f1bfaab85c8f9067ae7d7369056ff752c0c852ef1462a96c22169004d4 |
| SHA512 | ec0e0105fcfbbae356dd55efbcf92975f35bbe5cb93fcabf4c08443e871957635d14830b27c4e1ddefbbaff8f9b7ec3590bf417a9442e1d7ee3607d14d56f664 |
/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/.metadata-v2-tmp
| MD5 | da03a28c7c7738a7481ac4edc16874b6 |
| SHA1 | 98a797a258fc9422cacdeb2f918273dc22d500fc |
| SHA256 | dede82df4a759768f4a3e1b685ba02fbb4e05d96a94f22df9725d3837d0d50a1 |
| SHA512 | 8210041dcc904524b07b67e97df84187e355fa8e592e69dd8cd7b53ad98545fc05149cd9659b7cdb6e652c951b29c044eb426a4b448e1758d097b834cd3c7b7e |
/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 07a412e08825220262ad2890757ff779 |
| SHA1 | f46c127dbc070ded87a6078b3c1c761955f96de8 |
| SHA256 | da640f8b665841b520d2262a21cc3f82aeaa881cf81a1ddae27ef501d66544e4 |
| SHA512 | 0134c783bf3293848e479b478ac57a1e0f4202cddfb8b57bc6275aada7345f398cf8a627e9b1c34fd618192c2f0c9737b1da487daf33f9c557ebc1377105582b |
/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 04ebc3c603c7a2f6cea59fc2f0df46e7 |
| SHA1 | 95bb9955c0d69c1fef5961281954013421194bf3 |
| SHA256 | e77211601897a7cb41eb61bd34e6a20d520533c18e92ffca40993e283c722a8a |
| SHA512 | 111bf18d1243b6a85c774fd9ec6dab5e678d2d75408dae3ee28ff725a5fe397e80430189ccc58dd1e2f100de99d9056070f2faaf6c45ea34d9ea27a7bf2c5cf2 |
/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 8eed5eb235f373b7693b9dfc48036d85 |
| SHA1 | 0126842fb72a2ffcf7aefcc8a631b7855f33197f |
| SHA256 | 56de7862b5536ef3b44a7f44bd971d241a6168b2b3785af9bec53eeba571111f |
| SHA512 | b19a67dc3b4466e075d5add90bcf84ecc716160a135ca7779e3ca639a50a5c6b12e2c7f3ce3220dad58d30d5016697cb0f25e295abbe12a9fc31ba8308ea9536 |
/root/.cache/dconf/user
| MD5 | c4103f122d27677c9db144cae1394a66 |
| SHA1 | 1489f923c4dca729178b3e3233458550d8dddf29 |
| SHA256 | 96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7 |
| SHA512 | 5ea71dc6d0b4f57bf39aadd07c208c35f06cd2bac5fde210397f70de11d439c62ec1cdf3183758865fd387fcea0bada2f6c37a4a17851dd1d78fefe6f204ee54 |
/root/.mozilla/firefox/sfu6ctk5.default-release/prefs.js
| MD5 | eb48732f57763baf1a4046f97ab8469a |
| SHA1 | 57363965f36d473c2079a26cdb508fbdc4c0dcfc |
| SHA256 | e02e0c35c51d290e9cd35a6893ad4e8d3a4c35f3efd73c426e28625ff833b70c |
| SHA512 | 278bbf5c479878b171d40e903a7fc2bc83866b09a89d2f42d3c3cdb3729ba0a4bd46246f9681de16d277e2339820a92240b42c38fb469c039072f503a57a1834 |
/root/.mozilla/firefox/sfu6ctk5.default-release/permissions.sqlite
| MD5 | 835af78ddf11d38893a9043927dce67b |
| SHA1 | 21dcdf977e65bda2399db4744697a585522af33a |
| SHA256 | 8ac1dabbc3e38c92e7e16627f884dd0d0f37dafa20c5a5877c64f9c0468bd47d |
| SHA512 | 5e3339db3aaeac6964ef44a61e6dbd8e5f41ee12c11bdaa44467ed03773ca1510e6c808e1f306542a42bd27de0268841890426cba5b80220da89637bd54f29f1 |
/root/.mozilla/firefox/sfu6ctk5.default-release/prefs-1.js
| MD5 | 01fc3bd93315ac99fc329778a7ea933e |
| SHA1 | b0bf9c7408fd1c109364ed41810ab93b2d180867 |
| SHA256 | 5a34185aceb67920369fa2e28c9fd3b88c9a20e9e887ca682dc90c89e8256bf4 |
| SHA512 | 481405ea95ee8727f06cbf10bed6061c6021063134c2a7e66b6c58de48af2284c0d66acd64c360883504886eb6e6b6abaf2cdd85898a5aa1673c85f68afd9722 |
/root/.mozilla/firefox/sfu6ctk5.default-release/times.json
| MD5 | e38bc8275bef308d8ed3847512de3b54 |
| SHA1 | fed4ffbd695595bc74e8c19d74370457c40c1013 |
| SHA256 | f7ee12adb50d89ca17cdc256e05c441ba0b2afa62c70b7e159461af40634f899 |
| SHA512 | c7f57fb09ce4fb892310817bb533d07fe7be77c170319b10f7703eea2f302e811328f0afd4ddaf94c2f331dbc8ac51227fc7413f7d3cd387691d15dabc91b3c4 |
/root/.mozilla/firefox/sfu6ctk5.default-release/cert9.db
| MD5 | 872e36f661923458c473a73a9414e26e |
| SHA1 | 465eb1573078c89b3e0dadf59b174c4a50ac18e2 |
| SHA256 | 9948ab73b2aba44ed2efb202ac52ad45c387a2560bddc863127cc5e44ba23dfc |
| SHA512 | fbbf9218df9d724d285e55d3bcf28699c15219250ecd5529d4a1b721c6e91e68007cb6bfa06da8ce6f8757c39684d575bf79f663d868f027b19bcbadbfbf6482 |
/root/.mozilla/firefox/sfu6ctk5.default-release/key4.db
| MD5 | 9d1cdb33b4b93aaf2d6a4fd314661f79 |
| SHA1 | 53eaf063cc4b5dbe29c55bfe2e5c837286511ca3 |
| SHA256 | 39c922f5e74f17f2ca269d478c85adf9b493e06ae5e885b8f1a6ca174040ca61 |
| SHA512 | 932de2c3820e36d55a5ab6cc22a7c8dcdca4595900ad2c88e02e817b68353780c908dab2c8fed44e63dcb220b61b13cfcfb126c6c34eec2e26e542e80b054079 |
/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | 759544297aaa61f5fef8ee42d0ae4393 |
| SHA1 | fc2d66f6e60409e3e8d38623ce5f817fc7f571e0 |
| SHA256 | 1bd2000cd972e80cefaec6e982ba261d224a818f367de0fdf8c51fa5a05d7ab5 |
| SHA512 | 8aaa2ce66f10d46f7c9200af841ac7bd9f5b55c30308a14f0deda44ac62581c45daae45154487c0073a0d5847d5926cbb4072ca64a702ac6b834ad0bb482804f |
/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | 4527adac4b57739673e3ab989322233a |
| SHA1 | 6b9f4744344f28eeb3843cf72fcc8698d2685590 |
| SHA256 | 5a069dbd36f055550ecbf347eeeafdb4d9adb973afe2f3d32f6756cb8466c470 |
| SHA512 | cab9c130bbe0fa000f3a6ec3791fc3dac74e340eef78e34a654ae46410077f5872e0ad206fad40f4a6731fe016b5ff6eed8e782e65fd14b2db1f8ead79d138ff |
/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | dd3f6ba37c670af5953593535e435d04 |
| SHA1 | ecfe4e650a050bce77e8ff7468de04c1b8acc9a4 |
| SHA256 | 5cc6fa137a1f3a7d0b615b178877f12c460b22f95702eb7534d5732ee6599561 |
| SHA512 | 86e0482543faae6fb279ca71e1e6d6461d32317e74baebb3973e0fde9800107faeb9c2347be6cf8a47556ae43c8e6c224a595e952f621e40ad2c5eba920df2b3 |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/3D1E19D09F398691ABF62061591970855193B42F
| MD5 | d52e4664953741690f3522dd0135c2aa |
| SHA1 | 59f31d7f29ddd57a6528685ff34d273f03fecb11 |
| SHA256 | 67a52264faa68c6e69f613f68da8beec11165316f952fb1c33599ab33da5f634 |
| SHA512 | f78015347dc307ab50f0a42c6adb94c0f1ca61e43e33fe38f7743d217a552d9532dbe70fcec22f159bbb47e4d20f45bf4a24d5602f43e7dad809a13e26e4585f |
/root/.mozilla/firefox/sfu6ctk5.default-release/cert9.db
| MD5 | 493490d74cf808fff5d8b2cc0d698a43 |
| SHA1 | 00829524acbdabbf680fe82de4809596cc447536 |
| SHA256 | be52c3f029f2d314d41f7ecb61a44c6644e4acbad0dce8231d55d9810d179671 |
| SHA512 | c9f8322826eb245f2152673be320858463967994b3331625c7a54fe794ac47976453f3c396be9c28bc26b69dffb130ac284fae04a7a0889bf68b2208ea23c023 |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/A8743ACDA513FF27A72604EA39BAAE662138F0B9
| MD5 | 49ce2d3c63efaad809becdf0e7707ac1 |
| SHA1 | 280b96e8ddcf6f9f0557d8e8656c05919b98de01 |
| SHA256 | 8a2b0c703fdd6a6ea90967fa76695372b7ca532c7864c4303ac9c709aa4c4d49 |
| SHA512 | cd943e56dc03af38f5b94abe2baf33616898930f7f0b2a8fb0b0450df9082478daf23398bd8064a7db289bd3221012fba9512cbf9437cea09ea6c8cd24534723 |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/D154E1CD66DAEBBC055D1D367858E65F2CC266C5
| MD5 | a24bf209937b702ba40767f53f0f0bfb |
| SHA1 | ceafcc3e49886ea75c3aad06828ec7a11aa36b8b |
| SHA256 | 32e51c399db258e3fe0ceb68a075b53ba8e61c23f1e0f8af9a6a4b5ee9b5837d |
| SHA512 | a99ec9181902925f400badef3a326915815d31eb2e4e73a2b5242c320b9986ffd1fa03ae7e21b2032589d3872d71a46ed69022d6551140dbdf7a9ef08d6d2ca0 |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/3F5BD2A3838305545BAF11838A20DDE8D3F6CABE
| MD5 | a510802df839c592c9a89f12ca5bdcfb |
| SHA1 | ce8a2e6dbb2e352dea895947e5d58c07b25a3eec |
| SHA256 | e0cc79ea0b2381f5c94e43731f70bd2e74fd6aca0c08ae52c08b61ba476adc0b |
| SHA512 | 04228fd30e2409e8ad4e21fcece97d54245a08bd720e373d7525d868f9fcbea16c64e29d62f00ddb50f3843287da5527831dad3bf41693370c7ada2f6a1107aa |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/6762E24BB9F66A6430B9C774503510453B4EBA21
| MD5 | d141c88956ee06ac10133c249e387a29 |
| SHA1 | 2fe34c8909c6d7ca5a3a972b6351ffa735bb0c12 |
| SHA256 | 348ee7a4abd81985f2d1d2be56c805ba9978dc5a9c9d46a6de4d70db43700000 |
| SHA512 | 05ec78c209316cc6c1c7fe683082e9646a54d8f06b8a87dbc0ca20b1c59d9a3bd44053427c9d75a3739006168d22ec5fdeaaf568918319ccdb94c740dacbbc51 |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/7DB3359FF1AE28D679D8DE03A74F2C06BC18D50B
| MD5 | 4b2062139c729f43a05200410ef680b2 |
| SHA1 | d7e7d7281e909a932f2798d6fbfcd3f486a74c0b |
| SHA256 | bbe94a3b5f68b5110aa72b357d1bf8f99395fd25dacffcb652afd998d194e5c2 |
| SHA512 | fe38f4c89e1048e2e94ef66b15e4b6c37502952a0921dbc26ee2a1f2592d7cd60c24739809d8f6c58ac9dc8fc32ab871d0db61a8c689214082008df37fdeef7f |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/58FA4C93D2C2293EB9F0554BA83740A06674316F
| MD5 | d6a9182902e82c943ca71a6caad2d689 |
| SHA1 | b8e182e8d84d1a1534ffc55525b6b03d8bc9e019 |
| SHA256 | 200d4164a6e4736ee839dbf98c4d41662e510633231b6363789d205690cec058 |
| SHA512 | f5b7615e2f689ef272af2d95deb07ce329dec8e89c4964915e1dcbcc1f8c72451973a37b729f45cd21d57aa60647e7d0128fd0541e389e3ebacb3d5a6291bdf7 |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/D8EF12DD3F5A0B350AEDF5A0EBB7935D12C12CE3
| MD5 | 56301c534221c78a39fb60917b84b58e |
| SHA1 | 7873c9e655a7cbfcc05eaf0355d521041141f7b0 |
| SHA256 | 018ed97c8a83c16c913ff3713a7650dec959085dce1be3059cb5450b75d99a51 |
| SHA512 | 94caad97875890e9ea2728e7c58f8040b5598f548a42f4a55c056f0abfd2b8ce0c9330afe856f885c9fadf7ba6a240ba3f5cc127814cb1c408f9c5309d389227 |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/109D080055C1548CE320A422FD98DA1D5E1A5BC8
| MD5 | 6b523d1f1bab29360ee762404e927de7 |
| SHA1 | 4c862ad7019274ea088b80c27c4eaa8c29d7f0ce |
| SHA256 | dfdc25c5329de3e60990c9648f1f430f0c53a651900742f95fc09c4a0d7f9882 |
| SHA512 | d4fd83383390a44694aab0291806f7a1a80899111b82a1d057445041e0569fed98197dbf88e08db6e3e4bbf28f58e7f5d2f24b1f520a7f9b102d3510e1b3d3f9 |
/root/.mozilla/firefox/sfu6ctk5.default-release/prefs-1.js
| MD5 | bab84ecbc4f4156bb7a90de3e32cfb5e |
| SHA1 | 34de18d221f6842beb0777706525442ba5ef3f72 |
| SHA256 | 44311909a919b82eac0590e9fead49b15161827c73f733663cbbf7704cf10d56 |
| SHA512 | 5ab4a5efb281874682ea22481da29f239a4fce25a53a3533022ab6580e08d7dc8c2f497196af00289f4181f4aef261925ccd046d68feb7cf56ccae27736c5e36 |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/B6F59826B025251E088E4743F506708A83BD73B9
| MD5 | 8f7843fb1deab41b5f31c82da6fc873b |
| SHA1 | 66ed2217d57253848dcbf9c4f4b0a1fb25690d97 |
| SHA256 | 3ed777501a43fa39d7384f76c356deddd5db9a228bd0ba8ce0fde65c3c206e67 |
| SHA512 | 931d59027e7c3a1ac73e4e536026c0fbceea2f78919a442bd1f6cb5fa378a2debd488b53d5f3e8586d4e4ec4226a0e7e7676dd8896d548e3e2f64f0f01bc3421 |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/63F48F4F7F1BC3195F5AB831F9794F3DBA2D30E1
| MD5 | dcc175bdb84a668a6ecc480950321fbe |
| SHA1 | 0d357b667c9e57555e1d6cdf7aef568c6d250a84 |
| SHA256 | fdff9ab2bfd1a61e6905f702116e70a974baadc8010fc678ea27d9d17aa33bf8 |
| SHA512 | a4d73473bb251c8336de6c559d272895e0e3b5e48fa00972e7975ec0666275a52a01c2a5170e455550a66d4d0d5ae90386a4987d4f5a49f58ba9f411a0aef854 |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C
| MD5 | 4c1ae573b8ea0569759ebec02af66b06 |
| SHA1 | e03e01c50fb20219e472b516109bd5d5183b83b4 |
| SHA256 | eed716ed52d5b735b3cf0bd2cfda5cf98c695eb489963b8a000773d376d9b31e |
| SHA512 | 1df122198fc6bdfe5a624dd72d83c2e8d7dfdccb2ee4cd107832352b8607061d2da5a323d14a27d95e91ee397a4178fdb57ecf4084971e88a7cd53496acdbe32 |
/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite
| MD5 | e9eaa207cd998001ccb9e553bd9d706a |
| SHA1 | b31558be3f524ae42aa6c8c4c78f90a1632a837f |
| SHA256 | cdcae451e1d9b868b8185679b7927fe4b197f4d89b380584e0d0af50f0f02141 |
| SHA512 | 2f9b78b87cbb94ec2697b02d3b92e2aa3b4856ed3bfd0704568fc0d761ecccf0ad317041f18afc35a2c63f893290d91e69807401cb5d604f25f4a6b118ed3dc5 |
/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 19a8d4140aa071206837adc2cf9d1c69 |
| SHA1 | 4b61d8bbd735f25e563a10822ab3f0981265c038 |
| SHA256 | e26efc5e11f9a4d092066813577ffe38c59154070c0fda38ca2ac2aa13dfde0f |
| SHA512 | 654b48ae2b65a533f95eb67203ed55c684dd4f2b0caba67117817f41957af01f02eafcab0ecab4502bc4e811b01cd231df88e773ff30736ab9701fb1df701326 |
/root/.mozilla/firefox/sfu6ctk5.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 0946bdba52dafbc9becc9767534f4525 |
| SHA1 | 313405833e14a694f2e83902e2e70f2c766698b2 |
| SHA256 | 735ba8ddec5980f7533a108871d6cfc618c51e1c98486991183c502d2b95f1eb |
| SHA512 | 0a68e1eea87178829362584b1fa36af22e5a98cce6232c4841d457f91d72edde453721add00f52d9ce74fa09e4deb6a88b150eb0c08e70fb490e185a2980adc3 |
/root/.mozilla/firefox/sfu6ctk5.default-release/prefs-1.js
| MD5 | 4b0eebc2cd37039c6c0eca14be5ed5d9 |
| SHA1 | c266998dfcc0afd3333351ce69220680a2b3f4e7 |
| SHA256 | a8705dd7852e7ff68868e036082bc9f085ca7155041bbf7dd3b54e8c73cc3d9d |
| SHA512 | cdf959e97a2ae14110719c72d899c098d5e737851e4924a1d42847cf80476fadff948de08ee3a4f2eeece690cfc2b06cde0b46c1f9e955feebff2526c13b71e8 |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/startupCache/startupCache.8.little
| MD5 | 64a4364617e52a365f58adff22bee61c |
| SHA1 | 275f6f6e0168dfcd0a3461c26c1514670ba698ca |
| SHA256 | bed44c2fc01b8411324ba5001d56016daccd784e8e05d6671fce789c254a8289 |
| SHA512 | 514d829840fe3b8f2615a5d9dab9f84658eba14d924464097923ec6a96ef7c0aee6e05a947246c7d4bf71deb481f13fed1c6f608a4d664355b0cc7e3352181c9 |
/root/.mozilla/firefox/sfu6ctk5.default-release/datareporting/glean/events/newtab
| MD5 | 43d518dde6a64f502e70414dc510b878 |
| SHA1 | c95bf0ece2b2920d92522c92e24fd52890e1ad77 |
| SHA256 | 57f9de721b0ddf8a22dec1c13c370c17bddf4e37cfca42bd290f09bdfd0103f5 |
| SHA512 | 7daa73bfd63b5847ba561b68e82ca4e063ae31b552f623e61a845dde3c5256db119236973b86af983e26d8e29f18c67d35d40ab3e2474d5b0d58edfc320a0cdf |
/root/.mozilla/firefox/sfu6ctk5.default-release/datareporting/glean/tmp/49f1ffc7-21aa-4bc2-afc7-61726f9e88ef
| MD5 | 799197ebd0af5ddb301c3017cbd306f9 |
| SHA1 | 32546ad7e4a88373056450356ddb7d39204274e3 |
| SHA256 | 5e2703fa385568a8cebb015d2ba4057e7c012fef5b9945be7cdce63731a33e66 |
| SHA512 | 61cdee1586b926aec278e721e5dbf29fbbb3ec26be612069cdfdc882185d01da7dc22c0521af5755412d9edf709406469c2e5c9b730090b86b5ce86f0d61f8be |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/E2E881760F00F0F0C8D09AA7AEF6050169792FC5
| MD5 | f44c13eaade2113e941707b7c1dc6a39 |
| SHA1 | 77976a9e522820254c7ce935e9ef8161799750dd |
| SHA256 | 7cb61857dc4448a888e7df4ac1eb6d7660ae2b251cb77a5d8af5b40db85b6cd8 |
| SHA512 | 9084f40a8f35d36dc045b31011632d9b7a66779ee1b2e03276a7539ce12e4787b501cb9257c988be1a2537fe3e8a66a67d628822ac57fac2bf3870c6f1e6102d |
/root/.mozilla/firefox/sfu6ctk5.default-release/webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
/root/.mozilla/firefox/sfu6ctk5.default-release/prefs-1.js
| MD5 | b15fbd6225c5fd6f91a7d8125bd6db4e |
| SHA1 | d4a3a164421c0a051eca6bfb1ef7af31434ed260 |
| SHA256 | 31b433f06828ff5fe77b69ad600545a6a0e2440f5e27ee3d5768c329c17473b7 |
| SHA512 | 20ea38472cb16ada72edd9c7fbde26538a47073a58d7e488e254c8ada59a8f8346d56eb3d11539a9a625ed14262c14bfd4e66ec7cb35b8c5cfabd3d251cd8697 |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/cache2/entries/E2E881760F00F0F0C8D09AA7AEF6050169792FC5
| MD5 | 7f3f0dde1e1826a0ed2764086e255391 |
| SHA1 | a31fba29fb4b1c37d1ee08ddb77e39a8838804ab |
| SHA256 | 8e80592c14e9f1bb46d16bbb712d62f5e85c572823e6af0970697ba814cf0212 |
| SHA512 | db8ef764e3fe09df6e5d68a5801fc1ce2cefc80a3124a903c0f9af13a26455401aaf3a9cc1275cadb31226d9c7a6cfb784e6fe9e8b5a6e46a4079c1564e536ca |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/startupCache/urlCache-new.bin
| MD5 | 091effad3cce22e735d014e30a26a1f2 |
| SHA1 | a073fa45908e1be185973351cb9cf79d7d7061b8 |
| SHA256 | 0b0cbe4735eaace90a3415e6d179ddcf6d07e356376650a47aade7a761111f3e |
| SHA512 | e4e644aa19e6b52df9689f73915cf6f9988e4060683b118c7b50903c3813170909b5f42c4f576a3463a420c719c52ec66a156de20931f476052d618fea34f00e |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/startupCache/scriptCache-new.bin
| MD5 | 3463a89d2372a835e3122896616afb89 |
| SHA1 | 4d40618753e3f957a509391b7d9992537a6b6073 |
| SHA256 | bc31985104d8b2224e8b6f38b5af60deb50cad1dce536bfa88bd1a604422136b |
| SHA512 | a21026b0f5b0fdabbd6936f74abe7727841fc01b240a37b3c6fc87ac355a829bf27cefd81a17934c67e50e2432112194a31caa6e6b307f49cf162c5ca827ae73 |
/root/.cache/mozilla/firefox/sfu6ctk5.default-release/startupCache/scriptCache-child-new.bin
| MD5 | 9202c94af1fd59e4b43efea3e8160f3f |
| SHA1 | 6dae4b85d53f9a0a3ad7a3cc36379ef78a20a219 |
| SHA256 | 3b4c72418b16358712bf34983a4cc7b7560f2716b419e94cacc746294812ef6b |
| SHA512 | 8a293628a9e83a183554f779a2c38d7c1a5a1bc6887df35f89cf10d4d3581ed94f4c13b3104c481fbd839d30719265a45de5282d6f046c7f13ef684fa62b020c |