Analysis Overview
Threat Level: Shows suspicious behavior
The file https://www.google.com was found to be: Shows suspicious behavior.
Malicious Activity Summary
Changes its process name
Reads user data of web browsers
Reads CPU attributes
Checks CPU configuration
Enumerates kernel/hardware configuration
Reads runtime system information
Writes file to tmp directory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-17 02:57
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-17 02:57
Reported
2024-04-17 02:57
Platform
ubuntu1804-amd64-20240226-en
Max time kernel
3s
Max time network
7s
Command Line
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | glean.dispatche | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cache2 I/O | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Breakpad Server | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Sandbox Forked | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Chroot Helper | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | MainThread | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | FSBroker1625 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | FSBroker1625 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Process | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | ProfilerChild | N/A | N/A |
Reads user data of web browsers
| Description | Indicator | Process | Target |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/search.json.mozlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/favicons.sqlite | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/cert9.db | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/content-prefs.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/places.sqlite-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/extension-preferences.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/ls-archive.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/pkcs11.txt | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/SiteSecurityServiceState.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/protections.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/favicons.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/permissions.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/sessionstore-backups/recovery.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/shield-preference-experiments.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/xulstore.json | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/places.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/system-extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/sessionstore.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/key4.db-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/prefs.js | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/ExperimentStoreData.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/favicons.sqlite-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/default | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/places.sqlite | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/cookies.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/places.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/extensions.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/times.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/sessionstore.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/key4.db | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/favicons.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/thumbnails | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/places.sqlite-wal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/sessionCheckpoints.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/permissions.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/cert_override.txt | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/sessionstore-backups/previous.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/cert9.db-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/cookies.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/ls-archive.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/key4.db | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/AlternateServices.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/sessionstore-backups/recovery.baklz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/temporary | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/handlers.json | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/addons.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/content-prefs.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/user.js | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/cookies.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/zio5au8y.default-release/addonStartup.json.lz4 | /usr/lib/firefox/firefox | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | N/A | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/size | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/online | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/size | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | N/A | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/class | N/A | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus/mask | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/irq | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/uevent | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_device | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/resource | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/irq | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu | N/A | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1601/attr/current | N/A | N/A |
| File opened for reading | /proc/self/cgroup | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1707/stat | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1723/smaps | N/A | N/A |
| File opened for reading | /proc/1589/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/41 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1644/cmdline | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd-fuse | N/A |
| File opened for reading | /proc/self/fd/51 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/34 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1753/stat | N/A | N/A |
| File opened for reading | /proc/sys/kernel/cap_last_cap | N/A | N/A |
| File opened for reading | /proc/1601/status | N/A | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/45 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/46 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1701/smaps | N/A | N/A |
| File opened for reading | /proc/self/task/1771/stat | N/A | N/A |
| File opened for reading | /proc/1767/statm | N/A | N/A |
| File opened for reading | /proc/self/fd | N/A | N/A |
| File opened for reading | /proc/self/fd/31 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/37 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/40 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/74 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd | N/A |
| File opened for reading | /proc/1673/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/111 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/76 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | N/A | N/A |
| File opened for reading | /proc/self/fd/49 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-document-portal | N/A |
| File opened for reading | /proc/self/fd/44 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/mountinfo | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1664/cmdline | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal-gtk | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1730/stat | N/A | N/A |
| File opened for reading | /proc/self/task/1591/stat | N/A | N/A |
| File opened for reading | /proc/self/fd/35 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/43 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1632/stat | N/A | N/A |
| File opened for reading | /proc/1649/cmdline | N/A | N/A |
| File opened for reading | /proc/1701/statm | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal | N/A |
| File opened for reading | /proc/1750/statm | N/A | N/A |
| File opened for reading | /proc/self/fd/107 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/29 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/75 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/mounts | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1767/smaps | N/A | N/A |
| File opened for reading | /proc/self/fd/50 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1723/statm | N/A | N/A |
| File opened for reading | /proc/1653/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/6 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
Writes file to tmp directory
| Description | Indicator | Process | Target |
| File opened for modification | /tmp/firefox/.parentlock | /usr/lib/firefox/firefox | N/A |
Processes
/usr/bin/firefox
[firefox -new-tab https://www.google.com]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -new-tab https://www.google.com]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/usr/bin/lsb_release
[/usr/bin/lsb_release -idrc]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -parentBuildID 20230522134052 -prefsLen 19257 -prefMapSize 230809 -appDir /usr/lib/firefox/browser {9c7cee36-43de-4132-befb-35d5ef4bea5c} 1589 true socket]
/usr/local/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/local/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/libexec/xdg-desktop-portal
[/usr/libexec/xdg-desktop-portal]
/usr/libexec/xdg-document-portal
[/usr/libexec/xdg-document-portal]
/usr/libexec/xdg-permission-store
[/usr/libexec/xdg-permission-store]
/usr/libexec/xdg-desktop-portal-gtk
[/usr/libexec/xdg-desktop-portal-gtk]
/usr/lib/gvfs/gvfsd
[/usr/lib/gvfs/gvfsd]
/usr/lib/gvfs/gvfsd-fuse
[/usr/lib/gvfs/gvfsd-fuse /root/.gvfs -f -o big_writes]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 21750 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {5977e67e-cf1a-42f0-9403-4e663c6fb168} 1589 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 21475 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {babbd61c-a620-4bc2-bd97-8a675c52b13a} 1589 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 21824 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {43ecc707-125f-482f-8cd6-700a2147c69c} 1589 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 27881 -prefMapSize 230809 -jsInitLen 238780 -parentBuildID 20230522134052 -appDir /usr/lib/firefox/browser {06b0ebf1-f99c-4b41-a79d-769b770e57ac} 1589 true tab]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| NL | 52.222.139.68:443 | services.addons.mozilla.org | tcp |
| NL | 52.222.139.68:443 | services.addons.mozilla.org | tcp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | locprod2-elb-us-west-2.prod.mozaws.net | udp |
| US | 52.34.56.182:443 | location.services.mozilla.com | tcp |
| US | 151.101.194.49:443 | tcp | |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| NL | 142.251.36.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 1.1.1.1:53 | www.mozorg.moz.works | udp |
| NL | 18.239.17.158:443 | www.mozilla.org | tcp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| NL | 142.251.36.4:443 | www.google.com | udp |
| US | 151.101.129.91:443 | tcp | |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.117.188.166:443 | spocs.getpocket.com | tcp |
| US | 1.1.1.1:53 | firefox.settings.services.mozilla.com | udp |
| US | 1.1.1.1:53 | firefox.settings.services.mozilla.com | udp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| GB | 195.181.164.18:443 | tcp | |
| US | 34.117.188.166:443 | spocs.getpocket.com | udp |
Files
/root/.mozilla/firefox/Crash Reports/InstallTime20230522134052
| MD5 | b80330e530ca0b70a637e2ceb81575e2 |
| SHA1 | 1320d13b8ad1480624fbb1465c2a7f911f3c897d |
| SHA256 | 429756c13dfe3b8bd3d081c285e63dd4d069b1b7f2da715a39118055301c880b |
| SHA512 | f6318edce1eee2fc546afdb05ac451574682dbab76aa44b026b8ef1d21d2c0bc6bd6e58a610e18070b68910e90b37ec981cf722bf025d1c7a01052c8089a7063 |
/root/.mozilla/firefox/zio5au8y.default-release/times.json
| MD5 | cb9f64ee412187a9d950b3e44dcd85f5 |
| SHA1 | 41b8712000dd708258370fb5034085e7ffd66dbf |
| SHA256 | dc391c36ba106403f85841f3b2824c12af69e35fe2c699ad9a1b69cba8890405 |
| SHA512 | b9efde134d39f31329b2df41f114f496fedfb7d3b31790ae47fe38227120df2c528c5963b6c36b085d48b26b11ca0bee350bdda980d8f289c0a767c645fce2f3 |
/root/.mozilla/firefox/installs.ini
| MD5 | 7a08574c9169ae40a9fdc4d68b3439b9 |
| SHA1 | c0116a0780441261976f2a885c5cfc191e9a0f02 |
| SHA256 | c613066fb6b6019d5768cc2ed3fdef288bc5e5c56ab4b443b2f9a023dce7d9bf |
| SHA512 | 66854d075ce9d01dd4c5d1a7147a7ab2b9c0f82adc9fa72e5108a07d41e8d083e3393da4ea7028a0c06afbef3a16aca0e9a18656062fd5e227ab728b9afc76c6 |
/root/.mozilla/firefox/profiles.ini
| MD5 | 0a9c96fd4b3dd0a9cfb498b96cb42a96 |
| SHA1 | deabfb72816d1b272ebeed614f7b0d22aa7be6e8 |
| SHA256 | 2fcb61216f01aaf4d13bb47475319b2eb382dbe8e635bded8fe9fd972e8a3286 |
| SHA512 | fdfc685ec3c3a6633afbcdddcfb2673d6c9eea05d9f1eb27d62d9c5daee0c943f84a940efe71bcad0e275834c2df6ef62f67079237e5951cc88d073cc2d9311e |
/root/.dbus/session-bus/11c67417355f45d397f6be11f62e85a6-0
| MD5 | 9c70fa169fdaa85fa9afeb60f296a968 |
| SHA1 | f6d1ced3627c6a2a03a5fc5a342e9aceedf8c5b6 |
| SHA256 | b4df7eaa111219fb8d2fcab0f071a66d48295791aa59fa3bc552b8ebfb5f460f |
| SHA512 | 8a067bea5e42ce8252229c4f0438664da224cd819dedc413a991c2ba24f290bd784bd1d64b1ad5d611b6cc731032e2902f4d4a49efa4db5e87833e09173fa196 |
/root/.mozilla/firefox/zio5au8y.default-release/compatibility.ini
| MD5 | fe452b7294d5928a9a5863b89ee0a6bd |
| SHA1 | a5d4c245071fa96476ba48b4725bdae7f1b7940f |
| SHA256 | d5bfb07561606a19aa96557ea109b175050dc0eb805cbef9c813503587d77900 |
| SHA512 | dc37d8507f08849e3382d2dbafd4a64555dbd57a288c95131e9aefb366630f1585811a9e1456b861bb9d2b816ed88b18ffb7580cd92b41bb9b0227ce1363843e |
/root/.mozilla/firefox/zio5au8y.default-release/cookies.sqlite
| MD5 | 9535f5fe817accc769c2c1d3354db39f |
| SHA1 | 6af62cf08717cf3bfa84eb1a7b311acf522ce560 |
| SHA256 | c53c15fcfac2bb57fdc88d23f932fc244dbaf4020f0f6eaecf0f77a37c21f8c5 |
| SHA512 | dc9c2c32eb42dda0a7a711e143aea58c603c1e9d885c3677e9fe86f525e1b0b32a46e240756263e56510b07e764ba69f2de13b90ec18210678242e10cfe17837 |
/root/.mozilla/firefox/zio5au8y.default-release/cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
/root/.mozilla/firefox/zio5au8y.default-release/storage/ls-archive.sqlite
| MD5 | e0c613bfd69956a19ce2dc5e925aa223 |
| SHA1 | 14accb230edcd6cb76967cdc6d4e5686db96b5df |
| SHA256 | 0d4cb11f6364c46a75f9eaddfca5c660b90dfd515df3afcd5e0baeca28a0f1ab |
| SHA512 | 01643c0131a392be92b3f281d7f633c1f502bff19090b0d716f1ac66aefecc3fcf92f393bef66b03089c9b9c6d8aaeb711b6a4f29d5a6729dd188c838f2272d1 |
/root/.mozilla/firefox/zio5au8y.default-release/storage/ls-archive.sqlite
| MD5 | 178d71e5529d637ac62f7e75fdd75896 |
| SHA1 | 339f2b949cc4c207b66aea11137448ba28d36dcb |
| SHA256 | 7b0050f1bfaab85c8f9067ae7d7369056ff752c0c852ef1462a96c22169004d4 |
| SHA512 | ec0e0105fcfbbae356dd55efbcf92975f35bbe5cb93fcabf4c08443e871957635d14830b27c4e1ddefbbaff8f9b7ec3590bf417a9442e1d7ee3607d14d56f664 |
/root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/.metadata-v2-tmp
| MD5 | 332bf76609130a6d680918664539f2f3 |
| SHA1 | 007ca59994c228c910d6530990b587ec9cf794b0 |
| SHA256 | 1c721c01d2e1dd8163d2679a229ff14850ea6eb2bf1305410a5ee8ef2e65e8b8 |
| SHA512 | 5487368a8dbbe7ab36f42d97ae45e416b9b14c2206ac8279f76a419793e17ac0f06e259e415371978d3c54eb0e00ec392e671e58571613cb7bb904bcfa44f883 |
/root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 07a412e08825220262ad2890757ff779 |
| SHA1 | f46c127dbc070ded87a6078b3c1c761955f96de8 |
| SHA256 | da640f8b665841b520d2262a21cc3f82aeaa881cf81a1ddae27ef501d66544e4 |
| SHA512 | 0134c783bf3293848e479b478ac57a1e0f4202cddfb8b57bc6275aada7345f398cf8a627e9b1c34fd618192c2f0c9737b1da487daf33f9c557ebc1377105582b |
/root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | f8122b2f8898340a22059158c3f8b815 |
| SHA1 | 415b65dae773c7faefeaceaf66cad309d14a17fb |
| SHA256 | 9c953987fda4d76ef39723ddc8f177cce1d22d4197fa2ee50bbb244be6880822 |
| SHA512 | 3c5528932db2bbb21fc6dc4d7d9d7a92b4d8e46a7d2efa368f3e09336264d4d5950c42583b17bfce93957f1845540e4c58f0fcea6d9a751f69889e05b43ac7b1 |
/root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | db4e61a986f02e6b30418a15a890ff9d |
| SHA1 | 1976c594382b08be0ecb269152c5e11769912241 |
| SHA256 | d23945577913d3ef76e8e2e9b29ffe503356fb4aa8a8e483261038e862583511 |
| SHA512 | 02e1c4cd7b8485e6ffb6aa7db5e5df0b48f86c4280fc45a9b8d0e2a090e3465bb09c56134f85cf9c9fb2f2bd978953b8172c174d4c828b02a7905cba58f24570 |
/root/.mozilla/firefox/zio5au8y.default-release/prefs.js
| MD5 | b506d742c5adb6b4da1cfba1951272b9 |
| SHA1 | 6b0102e2ee89c8f446660bc8182914b79f7ee57b |
| SHA256 | 584f88d88dd6b48a9b17733d115d964345fbca21366094f91557b9516c1811a1 |
| SHA512 | 596f8343d1fd8d813c91191eda8e66069a7d71b044ed698ae9f8c1ff363641956456ef14b9d7219b1dba876a9247c4a64d4355d91e6c17a02a3eab510910b696 |
/root/.cache/dconf/user
| MD5 | 2a3c836f7030763db528e5aa5ac71f82 |
| SHA1 | dff8acc1481fd233214feb7f715baf24c9c5d6f8 |
| SHA256 | 4cf5af027d9a949a881e505bd7c7b14c5eb61ff47d159b585a331d690501d13d |
| SHA512 | e898976101a6e6d2507e036df5c300f9bc79fb3c0509f73ab0a38f64edfc2387e119d6385ed399862cc3c8b66890cfb100a2a97b75e05dfb76359240cd67c615 |
/root/.mozilla/firefox/zio5au8y.default-release/permissions.sqlite
| MD5 | bc787bc04267e945769f70d71ce78eff |
| SHA1 | 04c3045b74938a1613c0ad2ba52c11f04009438f |
| SHA256 | c68b5439527a650b7eb2d12a3d6031eeb7af8e2dc53e6bca0f02032e4c2b40b7 |
| SHA512 | 9b4bcc9bc8dce7e6a7bce873ac326ea0e02941c3d70e16d74d1e791b4e875dd7c35f543531ddd68ce6d9ec0217fd1f980aeb9cd42ae9fbf2c0f8dbdc5ff22db5 |
/root/.mozilla/firefox/zio5au8y.default-release/prefs-1.js
| MD5 | f7d90caba96767dd29b005c43dbed3aa |
| SHA1 | cd61a5cfeb83b6cabc7c3f644574af595b89d897 |
| SHA256 | 4cb175ed47d1b6fc2b9fa25803100908699258b72c4646002a5955335baf9ebe |
| SHA512 | bc35d8e456bfc2fbdd1c7892426ca674e35456f23f27e63aa7e92359c1a67593ed4381f81a62ea53802345a9aea83408ee5ff8abc2a9fa8f7125ce048f46f64f |
/root/.mozilla/firefox/zio5au8y.default-release/times.json
| MD5 | e5fcfcbc576880b0ec629bb5c401e080 |
| SHA1 | e37c2e2e7f41bb47bd14b6610e92630b79e41341 |
| SHA256 | a73990601971b309d780a257d5a48d61323578463dd5b27dad469018d6b96d60 |
| SHA512 | fab5a0802eff3927b27c7703d0851bfaf33f1b7f001aa9b79d5314078aac2f78d099fb515de77ba9583b96fb4e2bc0fda32b0a1158e0c0af43818329ea9416d7 |
/root/.mozilla/firefox/zio5au8y.default-release/cert9.db
| MD5 | 594f6356cc9b65f0b90cf17759a53181 |
| SHA1 | 65bef28eaa4a4fe2b06faf04285f7ddb6c06b676 |
| SHA256 | 64f1b97476aa10a7b3ce86df62e04555faa680aa465fe0046e1eb1c06d460d02 |
| SHA512 | 2130b67e20c1d206100f40990d441190396849a1d4b4c654daa8fa786dba3f23bb9443745389c3d0e12beb85f1abf0a0686df5243088a46291d4f2cf4a69a330 |
/root/.mozilla/firefox/zio5au8y.default-release/key4.db
| MD5 | 8a3c67deb68057b6ac6a73aec1ae9887 |
| SHA1 | 6e96e13b0d14075de286ce6dfac4bb57ca6f1f64 |
| SHA256 | 70d2490f169a17f9196fcf65cff05adf40f75aaec6f2de2ad7a9c4b7a95378d3 |
| SHA512 | 32a3c5e82fb63c107fbeb4e3382264b61d00e2fbb226633ad33983584bf7bba7646027e651b29c7b1eae47462805d075140d8710f97dd704c4775c788a3c9bef |
/root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | 759544297aaa61f5fef8ee42d0ae4393 |
| SHA1 | fc2d66f6e60409e3e8d38623ce5f817fc7f571e0 |
| SHA256 | 1bd2000cd972e80cefaec6e982ba261d224a818f367de0fdf8c51fa5a05d7ab5 |
| SHA512 | 8aaa2ce66f10d46f7c9200af841ac7bd9f5b55c30308a14f0deda44ac62581c45daae45154487c0073a0d5847d5926cbb4072ca64a702ac6b834ad0bb482804f |
/root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | abed3b47f5b5a0f69d00ef506cd26c38 |
| SHA1 | 309e495135939ed4ccae5aca7046779ea51cf6e1 |
| SHA256 | d347b9268f5b34f0b992e629473e98b25a3de943c8b87dc482307c0fa2f9c06b |
| SHA512 | fe9ca66633b6fbab73ea6c6ee4da45f594305ab054ff5c02e63f8e16452ac12d4332a83a8fb7c2b15421faaa714787a8204887f0267c1e4c898acf871c3c2b19 |
/root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | dd3f6ba37c670af5953593535e435d04 |
| SHA1 | ecfe4e650a050bce77e8ff7468de04c1b8acc9a4 |
| SHA256 | 5cc6fa137a1f3a7d0b615b178877f12c460b22f95702eb7534d5732ee6599561 |
| SHA512 | 86e0482543faae6fb279ca71e1e6d6461d32317e74baebb3973e0fde9800107faeb9c2347be6cf8a47556ae43c8e6c224a595e952f621e40ad2c5eba920df2b3 |
/root/.mozilla/firefox/zio5au8y.default-release/prefs-1.js
| MD5 | 8f4dd925c31655ee4aa006f593118fe6 |
| SHA1 | 6280be3514fd4795132c85624552c6bbe50b64f4 |
| SHA256 | a6ddef8faa076b089a2ca7b519e7893c616f46c1db4a58f7e69c8dd0b09f0430 |
| SHA512 | 16509b26f501fe931924ea050010f76a2fab9624b4bd4577376dfc249ba22a96129053952ad0897c3bced3823faa04cfc26edebd94ac46c7daa09a7bfc8a8b2d |
/root/.cache/mozilla/firefox/zio5au8y.default-release/cache2/entries/3D1E19D09F398691ABF62061591970855193B42F
| MD5 | ccfe19ba64b8c23baf70b68549cfb8e4 |
| SHA1 | dc2bb8d83d59b23a55d3259c62ef6dde9dce836d |
| SHA256 | 33ba15a2c54b53c161e42efa53b9fcaccdc7e7481c1bb95c1bf26131c3adb35e |
| SHA512 | 5c7f5aba64e88a72f9e61edb6c19544521a54fa9ac2a1bcda882d7bc466ee7decdb74c9b1fc23dc814d092054c23c52ee5e06333a7ada541e1ced281e77a93a0 |
/root/.mozilla/firefox/zio5au8y.default-release/prefs-1.js
| MD5 | de174d374824073146bc433b5fadd98a |
| SHA1 | 92509a896116ca6e091c9479c91d5216a85c61ef |
| SHA256 | 7deefd36b782aa6e846093d938fee894df78a49d496af202ca3cbdf15758476e |
| SHA512 | de0c843b6f41eaaa367767fc7b39e5a1e9763fd75ca5f9cf2d6d18cc86e97cab66c628c1bfe09830ef1c75db9ee3636c67ffa9ae15574cdb679b89923487a7e8 |
/root/.mozilla/firefox/zio5au8y.default-release/cert9.db
| MD5 | c73921272cc11f52013bd736b3f1b8ab |
| SHA1 | 5676f6afba6a1747da95620ff97a928663e663e8 |
| SHA256 | 8a9b92c953b1ccbc232b1612fe5203f946d73d45eb30d8677663a468977977e4 |
| SHA512 | f6cf9f2254b944001a86a58e8c44bd941bdb57598a6c469ce6e3232d8f0d2a92d0b0663dac99cf55f8a01cc7acd2d4af6a18da4774dcca23deabbf0bd093cb4f |
/root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite
| MD5 | a8dd7ebaad5528b23f82ccb1534cea18 |
| SHA1 | 600daceacfb5cf9df0b66ba7dce4516b2ac4df70 |
| SHA256 | e5b0d02c18ae36c4a220f41fd97c66060c17aaafcbb324a57ccdc2707c44c4ec |
| SHA512 | 67f867a8e2b37fb6bececd5ebc570ca594ea329142badd63d1281d5e735f515a5e329abc6eb9a9d3465aab0a08541b4888018d859964f160a52345ab93532bff |
/root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite
| MD5 | 99c57d01a3c38779e1f4bd5dd93dc927 |
| SHA1 | 0cd641e68a30d6ad64f48d98b2b1d8420b695e23 |
| SHA256 | 529c5cd062c03e8199691c61ad527f8950bb52184d1029285c55b2e6c3763c3c |
| SHA512 | 7be092b2266cecaa3565bbdbdbe96a26556d540e83dc743a7099887a635ae8a4315c3e83c69d20b2065d22b4847ce29d06c2ff1042b13dba93cd48968e5233ae |
/root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite
| MD5 | 7352c8848e88edc39b7fb5e663888187 |
| SHA1 | 8c3dffe25cc56c7aec1b782292d6fceed81e6304 |
| SHA256 | 7a462086a26978809c719e57a7ea6a25568767fb7532014e8531fda94b660e0a |
| SHA512 | f2a0dbbab5c2c1702b03bce15a47739481f523e127d1372b40534db9a20b2bc99fb53710ee0e5d44176188817cac704cf4f98cdf087e7e89d244281fcfc3b280 |
/root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite
| MD5 | e456170c21762760e00cd427ccf8407c |
| SHA1 | ea4f9452e0834b85efcefce207200fd2ad804911 |
| SHA256 | 31725e90088cba27665a705c8f00bc7a5f70a1ef594c84f12a0a1180bd424efd |
| SHA512 | 7fad30b32fe8b43f69f07597c4ed76c3d82f24d413d92106f6a3ed4b1572f632242a99fbb10450e1356f5fe500c9134d7588a4e8b3b9034c584a395dfeb2bc78 |
/root/.mozilla/firefox/zio5au8y.default-release/cert9.db
| MD5 | 27c863833372a94c8d58e2a6df13e2fd |
| SHA1 | 2cdb202e919f586e395cd921ffc410506f1df2a1 |
| SHA256 | 5acb0a1126f2697f45595b7ae5e6a227a3e88cdaba41351ef022d8bef8ce64d8 |
| SHA512 | dfe1da4afd01dff3b240842fc613336c2d4bdb7bb92b77aa8bb002a184dc1b444f6cf9eded77f112ee6e69c49b2fa8c25f771d57abfdf9d5f471d3224fe66ace |
/root/.mozilla/firefox/zio5au8y.default-release/prefs-1.js
| MD5 | c9a1a1df048fa87c80b4ecd0c3caf02c |
| SHA1 | 56166379bc4cccdac9a98c33ff8672e4e68010d1 |
| SHA256 | 9bd4b5a7dd204c01f89b176965a9f95e81831751f1f2590ed2f6cfb0009307ba |
| SHA512 | 96523a2c91dc499dbbad70aba505c01157a7703632917c619cf2f393b99090d7eaa84cdd54b59955c314161368bbee08e726d51879eb6d9cc0b3e14d90ea7526 |
/root/.mozilla/firefox/zio5au8y.default-release/cert9.db
| MD5 | 620406fed072aa36ef338c56b42a5a52 |
| SHA1 | 542e381a326ac47558e3f45280c00078c012b0be |
| SHA256 | f60eb8fa206fb73114a87e478527aed013d1649d40121b89de78e1aea07b3eb3 |
| SHA512 | 7c93ecfd41e4f48838b3e86f094928b7fe8c0a1448a3b355166ae6bee0e7ec93469ccbf18ac382e3bc13ab778be9afc129ac5448ff6f0b25f68e041bcea7e94f |
/root/.mozilla/firefox/zio5au8y.default-release/places.sqlite
| MD5 | da3f4461ed481c1f76df8abb2790a427 |
| SHA1 | 44c28184c26f2bec3c6b8e8413034782121bbf03 |
| SHA256 | 82ff9a719ec4874ed9ee278e544028a54bd6795f528f5cd28c3e0dd631c64b34 |
| SHA512 | cdfdd958018867b037c4a60acea5d5bdc3fd616783418d5c0b4a121244fc4f1edc8221c423891a591e7a6a55ca3f9af9cd45230ebd53c529565198c5b3962fef |
/root/.mozilla/firefox/zio5au8y.default-release/favicons.sqlite
| MD5 | 3c0a1ec298284608bfa51081ea539be3 |
| SHA1 | e51b58f6fe89d45fd8a1d935b51da172d5f6f32e |
| SHA256 | 34c4fe7ab2d3e44f193b489ebe84c17d67b336546af9ef231897ec09d7ff16f2 |
| SHA512 | 8550f530377f7a98c46a6989bec2c43ed644274509a5b987e8e0d034bf867b3315dcc75a2c851a5ac43a45b40bf51c789d828a9a69c02157b3e900467341a28f |
/root/.cache/mozilla/firefox/zio5au8y.default-release/cache2/entries/82F4CDEDC8A08E6BCE520A4114F15825F2E886F6
| MD5 | e130cbcbe7d0f8ec6426dabcaa0e0193 |
| SHA1 | d016605ab6753950efadf7adcda8fe0daa20fd72 |
| SHA256 | 9ec3bb5dd76a42a578a0e723474fa9e0db843f3a2b17f50641fe3b0fe8e5d6e2 |
| SHA512 | 630c503bdae5feb4d50699b77965fd4d7f5f9bb904e4371f9247b6125b453fe537a237511f65c92d2fc9dc5798583a4c752ef06d97d920aa3552f7f52045ef68 |
/root/.mozilla/firefox/zio5au8y.default-release/prefs-1.js
| MD5 | c8bfc105e61d2ba3cf9c551da9601325 |
| SHA1 | 8251a242a5767a79f5cdd8351ed02ecbeef12eea |
| SHA256 | 9a3f4ac8b5fd31a8ed3363355bba2ca72f45ac981debdf88435a233b3d7754bb |
| SHA512 | eb67c84e25b4aee4116651d8cc7ff6e09f806f031419f3c8ce1212bc66efbb9b19f358a31f639bdbe0a540827676f626fb75b96aff07e07fecc9d53d3b54cc07 |
/root/.mozilla/firefox/zio5au8y.default-release/content-prefs.sqlite
| MD5 | 1fc2e7b7fe2c5be305dfa9a2bbb60771 |
| SHA1 | 4967389dea050001cb1af3ec799edb7805c3abb8 |
| SHA256 | 1953edcac737d1ad3de6fbf69671163882fdc0be5bd21d00378d8d8c753c757a |
| SHA512 | fba536378ab9b5f04d92f1029b92d255c7da445a29e2527647bc16e57d02c179de1e78a2de11db1b00cc54c24d3715980c84c0cde103f47c6150f2e7bb8f93d5 |
/root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 9066b3ef59bd776b4951d091de3302e4 |
| SHA1 | c4eb16f9f7b80674bb79e8fb0c3913694473b47a |
| SHA256 | 8894bfb90b5440d0b7d77d47bf5f2d6ec4d94dcfc24471cf9348567cb37d30dd |
| SHA512 | 71ee1a3f0b6a86613409047b9ff2e0c8c4ebc301fcfebb4b4f671bb4dca6ae8b4d91b55762ca19c0de9c49697d5616f9374d6e991e8b4f47ae29d1795d328e1f |
/root/.cache/mozilla/firefox/zio5au8y.default-release/cache2/doomed/1687300281
| MD5 | 75563e9fdbd69a48b46669de954838ca |
| SHA1 | 8f79a7e937db8397d79d6f81becaa3d3a8c2c933 |
| SHA256 | e56db6162d898fa2ea584574deb7d684baeeb2990f0f24d204c952a97bb2959a |
| SHA512 | 5c57ca841fb7f5732361917dde9ebbceceddb58d0f49561f9300a5ece34cb14b6fe80fd7858991919ee4c7d297cb422ed0f92a158b23f83e05e82637e2023bc2 |
/root/.cache/mozilla/firefox/zio5au8y.default-release/cache2/entries/6D89348819C8881868053197CA0754F36784BF5F
| MD5 | 06bc5c22d9eb7cbc2f29a4669588578e |
| SHA1 | ff783037f042c0f0181786eb2c65580c5c1a746d |
| SHA256 | f83f7e53adae3d0037ceb37d566de96ae558a6530c8e58027fa87c6c5fe5a2f1 |
| SHA512 | 440087e79656b72e3168d6e0f12284b93b53e1514bc398a95b4720402f04ce9aed3426c7979bafbe4180380e425b11b7563327c5b7473e3f657aeb2a6814da8d |
/root/.cache/mozilla/firefox/zio5au8y.default-release/cache2/entries/099EB2BF8827A4F91EAB3E38B14650D0205226F2
| MD5 | 4d44542652b7af0cb65b317029baf759 |
| SHA1 | 6494f620037fb9b71f79244c2175a1c9184c62a7 |
| SHA256 | 860ebf4652adea6d5d3065717c581f3c4e3814a821d03004f463f9371fd2777f |
| SHA512 | 894f45c11eed4d504b38494802565f234577095821eaf051a35731268bf41c08949a3a73432e1f7b66f84d6510c30c190d608726a505fd0cd4021bdc61c78112 |
/root/.cache/mozilla/firefox/zio5au8y.default-release/cache2/entries/44230749A38B6989F56217B435A03E84CCADE62D
| MD5 | 684a58bf8bd250833f4741a22158bcf4 |
| SHA1 | aa01c643e3ec6fe474a9960ad21324afd7279eee |
| SHA256 | 6db935af0a3dce25cdcd973e6152a6403a3277364739bd6007b2aa7db9361619 |
| SHA512 | a06f53d03918d969936c31caa3c43529cc05e150e9eb166ac41ed5e152e809081fcd79ebd3f1a05d643c0087793df6b44020055948e3aa7a6857fb54865a6912 |
/root/.mozilla/firefox/zio5au8y.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 5b7b627e833d3499e0ed0309a3692043 |
| SHA1 | e8fb00374e766d43c4e440771ecc41e91eb9ca4e |
| SHA256 | a5b4811219a54db7d85cd26f4d1764448e66015470d4c8d5cc74205b967bf82e |
| SHA512 | babbecfa166903d705abfe51c8efa6497bff0d32f6d735b8568fafdd2e427d657a46f348abac0b97fc8274ec56094e35d53dedf372642f9250cc08a99a43c85b |
/root/.cache/mozilla/firefox/zio5au8y.default-release/cache2/entries/3E2001B369B8D3A5943D3B7112C89FA55150B4F7
| MD5 | 60549be3abc753792c9b67c348566ea9 |
| SHA1 | 426a2d5d29d6bed8b51683e4d73651e99c14eae6 |
| SHA256 | 7744a5d84e70266fcff97fbfe50e192d9b97031b8dc2de3ea4c688877b8427df |
| SHA512 | 47186da78a341a07d51a6c7584cce6079198976fa6df3dcd19529ad3d72566910189ab0073709258c4a864abc2a6a6b5976c64fe70052897e62b0199ba363244 |