Analysis Overview
Threat Level: Shows suspicious behavior
The file http://rollbit.com was found to be: Shows suspicious behavior.
Malicious Activity Summary
Changes its process name
Reads user data of web browsers
Checks CPU configuration
Reads CPU attributes
Enumerates kernel/hardware configuration
Reads runtime system information
Writes file to tmp directory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-17 10:24
Signatures
Analysis: behavioral4
Detonation Overview
Submitted
2024-04-17 10:24
Reported
2024-04-17 10:24
Platform
debian9-mipsel-20240226-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-17 10:24
Reported
2024-04-17 10:26
Platform
ubuntu1804-amd64-20240226-en
Max time kernel
99s
Max time network
102s
Command Line
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | glean.dispatche | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cache2 I/O | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | QuotaManager IO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IndexedDB #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Breakpad Server | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | DOM Worker | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Sandbox Forked | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Chroot Helper | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | MainThread | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Child | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Process | /usr/lib/firefox/firefox | N/A |
| Changes the process name, possibly in an attempt to hide itself | FSBroker1651 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | FSBroker1651 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | ProfilerChild | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | ProfilerChild | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
Reads user data of web browsers
| Description | Indicator | Process | Target |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/sessionstore-backups/recovery.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/sessionstore-backups/recovery.baklz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/places.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/key4.db | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/cert9.db-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/gmp-gmpopenh264/1.8.1.2/gmpopenh264.info | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/ls-archive.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/permissions.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/permissions.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/handlers.json | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/prefs.js | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/cookies.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/cookies.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/addonStartup.json.lz4 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/default | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/key4.db | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/webappsstore.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/system-extensions | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/sessionCheckpoints.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/times.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/cert9.db | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/sessionstore.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/protections.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/permanent | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/webappsstore.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/sessionstore-backups/recovery.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/favicons.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/thumbnails | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/cookies.sqlite | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/cert_override.txt | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/browser-extension-data/[email protected]/storage.js | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/SiteSecurityServiceState.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/webappsstore.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/sessionstore-backups/recovery.bak | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/addons.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/pkcs11.txt | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/ClientAuthRememberList.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/shield-preference-experiments.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/cert9.db | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/cookies.sqlite-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/cert9.db-journal | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/temporary | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/favicons.sqlite-wal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/user.js | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/extension-preferences.json | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/AlternateServices.txt | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/xulstore.json | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/ls-archive.sqlite | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/sessionstore.jsonlz4 | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-journal | N/A | N/A |
| File opened for reading | /root/.mozilla/firefox/json66vy.default-release/sessionstore-backups/previous.js | N/A | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | N/A | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/online | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/vendor | N/A | N/A |
| File opened for reading | /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/resource | N/A | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus/mask | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/class | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/class | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/uevent | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/vendor | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/class | N/A | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/device | N/A | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/class | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | N/A | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | N/A | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/mounts | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/self/fd/42 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/49 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/47 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1529/status | N/A | N/A |
| File opened for reading | /proc/1529/attr/current | N/A | N/A |
| File opened for reading | /proc/1678/cmdline | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal-gtk | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/self/fd/31 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/44 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd-fuse | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/33 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/74 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/41 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-permission-store | N/A |
| File opened for reading | /proc/sys/kernel/cap_last_cap | N/A | N/A |
| File opened for reading | /proc/self/task/1616/stat | N/A | N/A |
| File opened for reading | /proc/self/mountinfo | N/A | N/A |
| File opened for reading | /proc/self/fd/46 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd | N/A | N/A |
| File opened for reading | /proc/1518/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/43 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/51 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1545/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/29 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1689/cmdline | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1698/cmdline | N/A | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/self/fd/39 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/50 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-document-portal | N/A |
| File opened for reading | /proc/1693/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/76 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | N/A | N/A |
| File opened for reading | /proc/self/mountinfo | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/38 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/45 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal | N/A |
| File opened for reading | /proc/self/fd/6 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/self/task/1657/stat | N/A | N/A |
| File opened for reading | /proc/1669/cmdline | N/A | N/A |
| File opened for reading | /proc/self/cgroup | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1614/cmdline | N/A | N/A |
| File opened for reading | /proc/self/fd/48 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1674/cmdline | N/A | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/gvfs/gvfsd | N/A |
Writes file to tmp directory
| Description | Indicator | Process | Target |
| File opened for modification | /tmp/firefox/.parentlock | /usr/lib/firefox/firefox | N/A |
| File opened for modification | /tmp/tmpaddon | N/A | N/A |
Processes
/usr/bin/xdg-open
[xdg-open http://rollbit.com]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/bin/grep
[grep -q ^Enlightenment]
/bin/uname
[uname]
/bin/grep
[grep -q ^file://]
/bin/egrep
[egrep -q ^[[:alpha:]+\.\-]+:]
/usr/local/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/local/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/bin/sed
[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/http]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/bin/grep
[grep -q ^Enlightenment]
/bin/uname
[uname]
/bin/sed
[sed s/:/ /g]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/bin/grep
[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/bin/sed
[sed s/:/ /g]
/bin/sed
[sed -e s|-|/|]
/bin/sed
[sed -e s|-|/|]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/which
[which firefox]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/firefox
[/usr/bin/firefox http://rollbit.com]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox http://rollbit.com]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/lsb_release
[/usr/bin/lsb_release -idrc]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -parentBuildID 20230522134052 -prefsLen 19257 -prefMapSize 230809 -appDir /usr/lib/firefox/browser {b8e85e6d-f28e-4355-bc2d-af5b91a30510} 1614 true socket]
/usr/local/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/local/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/sbin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/bin/dbus-launch
[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/usr/libexec/xdg-desktop-portal
[/usr/libexec/xdg-desktop-portal]
/usr/libexec/xdg-document-portal
[/usr/libexec/xdg-document-portal]
/usr/libexec/xdg-permission-store
[/usr/libexec/xdg-permission-store]
/usr/libexec/xdg-desktop-portal-gtk
[/usr/libexec/xdg-desktop-portal-gtk]
/usr/lib/gvfs/gvfsd
[/usr/lib/gvfs/gvfsd]
/usr/lib/gvfs/gvfsd-fuse
[/usr/lib/gvfs/gvfsd-fuse /root/.gvfs -f -o big_writes]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 151.101.130.49:443 | tcp | |
| US | 1.1.1.1:53 | cdn.fwupd.org | udp |
| US | 1.1.1.1:53 | cdn.fwupd.org | udp |
| US | 151.101.194.49:443 | cdn.fwupd.org | tcp |
| US | 151.101.129.91:443 | tcp | |
| GB | 195.181.164.20:443 | tcp | |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| DE | 52.222.236.120:443 | services.addons.mozilla.org | tcp |
| DE | 52.222.236.120:443 | services.addons.mozilla.org | tcp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | locprod2-elb-us-west-2.prod.mozaws.net | udp |
| US | 52.25.6.244:443 | location.services.mozilla.com | tcp |
| GB | 185.125.188.61:443 | tcp | |
| GB | 185.125.188.61:443 | tcp | |
| US | 1.1.1.1:53 | ocp-ingress.fastly.gnome.org | udp |
| US | 151.101.1.91:443 | ocp-ingress.fastly.gnome.org | tcp |
| US | 1.1.1.1:53 | a1887.dscq.akamai.net | udp |
| GB | 92.123.143.193:80 | a1887.dscq.akamai.net | tcp |
| US | 1.1.1.1:53 | 1527653184.rsc.cdn77.org | udp |
| US | 1.1.1.1:53 | 1527653184.rsc.cdn77.org | udp |
| GB | 195.181.164.15:443 | 1527653184.rsc.cdn77.org | tcp |
| US | 1.1.1.1:53 | rollbit.com | udp |
| US | 1.1.1.1:53 | rollbit.com | udp |
| US | 104.22.64.181:80 | rollbit.com | tcp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.mozorg.moz.works | udp |
| GB | 143.204.72.186:443 | www.mozilla.org | tcp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 34.117.188.166:443 | spocs.getpocket.com | tcp |
| US | 172.67.24.177:443 | rollbit.com | tcp |
| GB | 92.123.143.185:80 | a1887.dscq.akamai.net | tcp |
| US | 172.67.24.177:443 | rollbit.com | udp |
| US | 34.117.188.166:443 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | firefox.settings.services.mozilla.com | udp |
| US | 1.1.1.1:53 | firefox.settings.services.mozilla.com | udp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 52.10.78.57:443 | tcp | |
| US | 1.1.1.1:53 | static.cloudflareinsights.com | udp |
| US | 1.1.1.1:53 | static.cloudflareinsights.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| GB | 92.123.143.185:80 | a1887.dscq.akamai.net | tcp |
| US | 1.1.1.1:53 | getpocket.com | udp |
| US | 1.1.1.1:53 | getpocket.com | udp |
| US | 34.120.237.76:443 | tcp | |
| US | 1.1.1.1:53 | static.hotjar.com | udp |
| US | 1.1.1.1:53 | static.hotjar.com | udp |
| US | 1.1.1.1:53 | static-cdn.hotjar.com | udp |
| DE | 18.66.102.51:443 | static.hotjar.com | tcp |
| US | 34.120.237.76:443 | tcp | |
| US | 34.120.237.76:443 | tcp | |
| US | 34.107.221.82:80 | tcp | |
| US | 1.1.1.1:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| GB | 92.123.143.185:80 | a1887.dscq.akamai.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | time.com | udp |
| US | 1.1.1.1:53 | time.com | udp |
| US | 1.1.1.1:53 | www.bbc.com | udp |
| US | 1.1.1.1:53 | www.bbc.com | udp |
| US | 1.1.1.1:53 | gtm-uk.www.bbc.com.pri.bbc.com | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | contile-images.services.mozilla.com | udp |
| US | 1.1.1.1:53 | contile-images.services.mozilla.com | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.115.102:443 | contile-images.services.mozilla.com | tcp |
| US | 34.120.115.102:443 | contile-images.services.mozilla.com | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | normandy.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | normandy.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | normandy-cdn.services.mozilla.com | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | www.inverse.com | udp |
| US | 1.1.1.1:53 | www.inverse.com | udp |
| US | 1.1.1.1:53 | www.amazon.co.uk | udp |
| US | 1.1.1.1:53 | www.amazon.co.uk | udp |
| US | 1.1.1.1:53 | uk.hotels.com | udp |
| US | 1.1.1.1:53 | uk.hotels.com | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | www.reddit.com | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| US | 1.1.1.1:53 | www.reddit.com | udp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| US | 1.1.1.1:53 | www.bbc.co.uk | udp |
| US | 1.1.1.1:53 | reddit.map.fastly.net | udp |
| US | 1.1.1.1:53 | www.ebay.co.uk | udp |
| US | 1.1.1.1:53 | www.ebay.co.uk | udp |
| US | 1.1.1.1:53 | www.bbc.co.uk | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | gtm-uk.www.bbc.co.uk.pri.bbc.co.uk | udp |
| US | 1.1.1.1:53 | e11847.a.akamaiedge.net | udp |
| US | 1.1.1.1:53 | www.empireonline.com | udp |
| US | 1.1.1.1:53 | www.empireonline.com | udp |
| US | 1.1.1.1:53 | d3a5a5uc9z2x2a.cloudfront.net | udp |
| US | 1.1.1.1:53 | push.services.mozilla.com | udp |
| US | 1.1.1.1:53 | push.services.mozilla.com | udp |
| US | 1.1.1.1:53 | autopush.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | normandy-cdn.services.mozilla.com | udp |
| US | 34.107.243.93:443 | push.services.mozilla.com | tcp |
| US | 35.201.103.21:443 | normandy-cdn.services.mozilla.com | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.107.243.93:443 | push.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | classify-client.services.mozilla.com | udp |
| US | 1.1.1.1:53 | classify-client.services.mozilla.com | udp |
| US | 1.1.1.1:53 | prod-classifyclient.normandy.prod.cloudops.mozgcp.net | udp |
| US | 34.98.75.36:443 | classify-client.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | incoming.telemetry.mozilla.org | udp |
| US | 1.1.1.1:53 | incoming.telemetry.mozilla.org | udp |
| US | 1.1.1.1:53 | telemetry-incoming.r53-2.services.mozilla.com | udp |
| US | 34.120.208.123:443 | incoming.telemetry.mozilla.org | tcp |
| US | 34.107.243.93:443 | push.services.mozilla.com | udp |
| US | 34.120.208.123:443 | incoming.telemetry.mozilla.org | tcp |
| US | 1.1.1.1:53 | fp2e7a.wpc.phicdn.net | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | lifehacker.com | udp |
| US | 1.1.1.1:53 | lifehacker.com | udp |
| US | 1.1.1.1:53 | www.vox.com | udp |
| US | 1.1.1.1:53 | www.vox.com | udp |
| US | 1.1.1.1:53 | vox-chorus.map.fastly.net | udp |
| US | 1.1.1.1:53 | www.newyorker.com | udp |
| US | 1.1.1.1:53 | www.newyorker.com | udp |
| US | 1.1.1.1:53 | www.usatoday.com | udp |
| US | 1.1.1.1:53 | www.usatoday.com | udp |
| US | 1.1.1.1:53 | condenast.map.fastly.net | udp |
| US | 1.1.1.1:53 | domains.gannett.map.fastly.net | udp |
| US | 1.1.1.1:53 | foreignpolicy.com | udp |
| US | 1.1.1.1:53 | www.bonappetit.com | udp |
| US | 1.1.1.1:53 | www.bonappetit.com | udp |
| US | 1.1.1.1:53 | foreignpolicy.com | udp |
| US | 1.1.1.1:53 | aus5.mozilla.org | udp |
| US | 1.1.1.1:53 | aus5.mozilla.org | udp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 1.1.1.1:53 | www.ft.com | udp |
| US | 1.1.1.1:53 | www.ft.com | udp |
| US | 1.1.1.1:53 | arstechnica.com | udp |
| US | 1.1.1.1:53 | arstechnica.com | udp |
| US | 1.1.1.1:53 | ft2.map.fastly.net | udp |
| US | 1.1.1.1:53 | ciscobinary.openh264.org | udp |
| US | 1.1.1.1:53 | ciscobinary.openh264.org | udp |
| NL | 2.18.121.79:80 | ciscobinary.openh264.org | tcp |
| US | 1.1.1.1:53 | www.menshealth.com | udp |
| US | 1.1.1.1:53 | www.menshealth.com | udp |
| US | 1.1.1.1:53 | aeon.co | udp |
| US | 1.1.1.1:53 | aeon.co | udp |
| US | 1.1.1.1:53 | hearst-hdm.map.fastly.net | udp |
| US | 1.1.1.1:53 | archive.mozilla.org | udp |
| US | 1.1.1.1:53 | archive.mozilla.org | udp |
| US | 34.117.35.28:443 | archive.mozilla.org | tcp |
| US | 34.117.35.28:443 | archive.mozilla.org | udp |
| US | 1.1.1.1:53 | news.sky.com | udp |
| US | 1.1.1.1:53 | news.sky.com | udp |
| US | 1.1.1.1:53 | qz.com | udp |
| US | 1.1.1.1:53 | qz.com | udp |
| US | 1.1.1.1:53 | e10653.e12.akamaiedge.net | udp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
Files
/root/.dbus/session-bus/11c67417355f45d397f6be11f62e85a6-0
| MD5 | d3d0dc65e83462579b8197ad4520f41a |
| SHA1 | b178d561dabcb4c31966e93ba4c95be1651b74ac |
| SHA256 | 44a7d0b23cd1b5aab1eb48b23201ebae1bd57a5e7e56f9fa80df51b4d77263a1 |
| SHA512 | 7b2baf16a840f58df9f096a9f859f0fd7bbfff3f077d036abcf044f9a045f916dddb33418cc424ea7b37ca3516f1e6ba4b7029c3d2e0fb58edd704a7da4029f5 |
/root/.mozilla/firefox/Crash Reports/InstallTime20230522134052
| MD5 | 81f179ac4bfcf9ca8ca3e5845a2619a1 |
| SHA1 | 4a162f1106d0587ca45b804055ffd7023ef4de89 |
| SHA256 | 43f8cee5797439762e1240c9847a6a4a2eebba600b490127ee1054afde200b30 |
| SHA512 | 060b8d0f387ea08db4331c267d1a9f84740c9f11442ed87666e9d96055b40a0e0991bc9e29676b6700b5b302a782cc8748bb390a9f2a84e486bd5cff0eaf2222 |
/root/.mozilla/firefox/json66vy.default-release/times.json
| MD5 | 34dde087a6166fa8493d6171fb564806 |
| SHA1 | dc4deafc75a251be33999d04cc6d6688d308efc8 |
| SHA256 | e1564c961e356b8b443d65e39988f1714b4a86c50e1cf2dccff4abe13569a7df |
| SHA512 | bef6eae0d19c82bc85cbdddae5c4bdb659088d18a7d699c1e9193087b243f4379aade014dfc8ae0620ec29bec81fd090c0d309134d172316cbaf6925e2465218 |
/root/.mozilla/firefox/f3v9yva5.default/times.json
| MD5 | b5f2fee82823fd70eded11f2abdb5872 |
| SHA1 | 2ac9a3b664bda1783775bad1a349138995e5a867 |
| SHA256 | bee68d3d69371f9a7f870d9b4f1a47b19b81a86714541ca270fd638e38a16303 |
| SHA512 | c985aa54ab3617c0050cac7828e048f46218f94cba2b3b4a8beabe1b83d8475c4b3ecf5b23364f14bbf3d1377e66049c844666d665f21a0234f10ec9ee8ca1b6 |
/root/.mozilla/firefox/installs.ini
| MD5 | 2e94bdddd260c5f2d2052e8689551cc2 |
| SHA1 | 1582d4e7cf44c6c722befa3743992a17f036095c |
| SHA256 | 8a16487e8a41fa840d4e677c16c1bc9bacafb6cd788918a4d35f0273e3e6c8fe |
| SHA512 | fcd9585b495a00345829ae97908b15c0c6162692bd855c9e63eb606387a540578c691c10fad3b9d68622204189cad2c0d5637fdaa7053c45c699711152189cac |
/root/.mozilla/firefox/profiles.ini
| MD5 | 9038ad15a2d8d3c313e9faced72f1d2b |
| SHA1 | e24738ea34bcb57eb9f6a055d0af1d692184e304 |
| SHA256 | 57b21cdebebd7ce73d6336b17f953cb9b23c6a98c982bf0b306aa88804514d16 |
| SHA512 | a5c38bb30c828b956b71bb2399dab0d2ac323f445233a8b264bf08521bb26f0016b83747419d3ddb3ea5ffd1213850187779714c85a429f15b42de0f62579110 |
/root/.mozilla/firefox/json66vy.default-release/compatibility.ini
| MD5 | fe452b7294d5928a9a5863b89ee0a6bd |
| SHA1 | a5d4c245071fa96476ba48b4725bdae7f1b7940f |
| SHA256 | d5bfb07561606a19aa96557ea109b175050dc0eb805cbef9c813503587d77900 |
| SHA512 | dc37d8507f08849e3382d2dbafd4a64555dbd57a288c95131e9aefb366630f1585811a9e1456b861bb9d2b816ed88b18ffb7580cd92b41bb9b0227ce1363843e |
/root/.mozilla/firefox/json66vy.default-release/cookies.sqlite
| MD5 | 9535f5fe817accc769c2c1d3354db39f |
| SHA1 | 6af62cf08717cf3bfa84eb1a7b311acf522ce560 |
| SHA256 | c53c15fcfac2bb57fdc88d23f932fc244dbaf4020f0f6eaecf0f77a37c21f8c5 |
| SHA512 | dc9c2c32eb42dda0a7a711e143aea58c603c1e9d885c3677e9fe86f525e1b0b32a46e240756263e56510b07e764ba69f2de13b90ec18210678242e10cfe17837 |
/root/.mozilla/firefox/json66vy.default-release/cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
/root/.mozilla/firefox/json66vy.default-release/prefs.js
| MD5 | f36826d68eac842eeaf8d50c80c58754 |
| SHA1 | f8e8a251a8ce041b5f6f178124ca869d857c897e |
| SHA256 | 60b84f9a65abcc9ad3670664f461c66e7dc7dc92fc0a0b3bbc3261196a9662d4 |
| SHA512 | 94cc57ac138d3902131de5000765f0243eb80e3452cbe123a63b61fe5e04c4c9dbcec1c5f192dcd574fbac2f3a93f9a8193671f7a3da51cedc9d0928a2edd8aa |
/root/.mozilla/firefox/json66vy.default-release/storage/ls-archive.sqlite
| MD5 | e0c613bfd69956a19ce2dc5e925aa223 |
| SHA1 | 14accb230edcd6cb76967cdc6d4e5686db96b5df |
| SHA256 | 0d4cb11f6364c46a75f9eaddfca5c660b90dfd515df3afcd5e0baeca28a0f1ab |
| SHA512 | 01643c0131a392be92b3f281d7f633c1f502bff19090b0d716f1ac66aefecc3fcf92f393bef66b03089c9b9c6d8aaeb711b6a4f29d5a6729dd188c838f2272d1 |
/root/.mozilla/firefox/json66vy.default-release/storage/ls-archive.sqlite
| MD5 | 178d71e5529d637ac62f7e75fdd75896 |
| SHA1 | 339f2b949cc4c207b66aea11137448ba28d36dcb |
| SHA256 | 7b0050f1bfaab85c8f9067ae7d7369056ff752c0c852ef1462a96c22169004d4 |
| SHA512 | ec0e0105fcfbbae356dd55efbcf92975f35bbe5cb93fcabf4c08443e871957635d14830b27c4e1ddefbbaff8f9b7ec3590bf417a9442e1d7ee3607d14d56f664 |
/root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/.metadata-v2-tmp
| MD5 | a03cb61cfe941c7f2cc4503b93256bed |
| SHA1 | 639ef0365969d0cb289f2258a26b3775385c576e |
| SHA256 | e7e2fea61225fc7411c3f9889f6bf2294c8c43acab6ef829a2e08c4816e9d87e |
| SHA512 | c051706016a1231cf2a125fbd10cc122a4611d23dcd814e99662e9198f6dc43ee505b28a4dde057edd4b631387c183af3c4a224441ccb8470aff94d90546509b |
/root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 07a412e08825220262ad2890757ff779 |
| SHA1 | f46c127dbc070ded87a6078b3c1c761955f96de8 |
| SHA256 | da640f8b665841b520d2262a21cc3f82aeaa881cf81a1ddae27ef501d66544e4 |
| SHA512 | 0134c783bf3293848e479b478ac57a1e0f4202cddfb8b57bc6275aada7345f398cf8a627e9b1c34fd618192c2f0c9737b1da487daf33f9c557ebc1377105582b |
/root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 29f6f476b184c0b8558ff160dccae9bb |
| SHA1 | 0ebbabe261da8d4983263f093742c21e2939b053 |
| SHA256 | f33ee8a28a6ff9e9939eb0d830ff265d0e016a9b1808b33ffa9bafd99071c561 |
| SHA512 | acd4c5e5734413b17f091d1edd33d1ac43f67fd44d9da91f7d36ef7047a60beead875c3965530a0d6d4609b134599a3a80d73ceb99c65c68b4391aaa06ff42e1 |
/root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 686ac9f56ff4437e0a8d9aff25341d5b |
| SHA1 | 5604b78c8336c381bcd9d325f8889c62d733918b |
| SHA256 | fed99de70b6fed53e0cd5c8219176dc5067f771ee876523428570f448ac77446 |
| SHA512 | 54b8b0d5b2fef61b1e1b3b7ba621e57034df935a2853a978b05e3a9244cb9208f979900be8ae27c3222c90fcbbc374f8bb8fe2cc65884e9001b2026c72318f82 |
/root/.mozilla/firefox/json66vy.default-release/prefs-1.js
| MD5 | 8e377c151fc491ffe8341d3b2e5f9740 |
| SHA1 | 274e9d7f9c87032a332c0ab67ec518d3548be5ae |
| SHA256 | 42f02c9288923df2c566b689a222fc9b0370d1d67a2e73fd0509a58938907052 |
| SHA512 | 97e54bf3ef1e7e756c2f5229360354afb3174478baa01c66404878bba2e714def9077939898419ea1d49a35ba984aba77a88c322c65f0bce5e80910f6fc19630 |
/root/.cache/dconf/user
| MD5 | 97e5469b504c8e8fdff3870a9c170505 |
| SHA1 | f1e39479b3f84f40a6dca061ace8c910036cb867 |
| SHA256 | d96bdf2090bd7dafe1ab0d9f7ffc4720d002c07abbf48df3969af497b1edbfb9 |
| SHA512 | 0f50466ebbdcf0b5eac69916ebcf8e0b8b300f83c77fb1dd4022f3dada81ca97fea3d3c12bc5c281d281d59a19a839142f2e068af3aa3d79dd5d1e50971b8348 |
/root/.mozilla/firefox/json66vy.default-release/permissions.sqlite
| MD5 | 1c7b7e23ca4b49e50a962c0949f69428 |
| SHA1 | a094b8f61c07d0ede3e27b166d6cba7a61c8d500 |
| SHA256 | 0e5a164fc93b902b198b5da632d11c69985fe7308d4ceb61bcc55c686723b1e1 |
| SHA512 | e472bad7218b2d023008eeb64de571e4a955e03d97fbaf7bc262ef94c6a829499541e1d0ebcd7231e2783f253e8351b0dc2a845d14c07048816397975acfd74b |
/root/.mozilla/firefox/json66vy.default-release/prefs-1.js
| MD5 | f85edef58357187c45767f0614732423 |
| SHA1 | 48817986868adba3ccb6df08e087d8a7d0ea8a60 |
| SHA256 | 19d194b8591a6e13a798bf367e181af564e80d6019d868d5e5b08786fbcbae46 |
| SHA512 | cbc87008680fd43f811d98f1449f19b7182e96c880a44df6d324ca97326e6908b7780f5fa20d5dcee21e941ea3579d147ecae3261f0a775996fcc2f872eacfdb |
/root/.mozilla/firefox/json66vy.default-release/times.json
| MD5 | 44de79c689c71fc475c9ace9ee72a5d7 |
| SHA1 | 423b7fdf42a947d806c8a96fd9544e979112930c |
| SHA256 | 04fec15760045ba07cd5363d8c9624ae75beab4bcb8e8b460a156de8c1fa3e43 |
| SHA512 | 2110a1cb519772dfcfdc2703f42c516a7006b8871cb0bf67dcae05a672cfec23d5538818a162cae7d31707fdee382a5a09d8705269a049a00a013798702b4009 |
/root/.mozilla/firefox/json66vy.default-release/cert9.db
| MD5 | ec2fa5f501ea1299e4ac6662a4c53ac3 |
| SHA1 | c504be90a6d1b9c39bf0be773f8c11c0e0f30362 |
| SHA256 | 10d1a70ffa8db8fa8156bcee4029e64d672e8693677da5671ea0c4dc5f127d08 |
| SHA512 | a13530c7cd925601ad77406ffd57eafcbeb68b9f10328a17359685d41c1861f33243c69bf6a15b057fa20ff62b9d2bca94a9729b48d56c07bfa4427ef9baa8c4 |
/root/.mozilla/firefox/json66vy.default-release/key4.db
| MD5 | 0bee822778a8bcb6215e2ed8211cd3eb |
| SHA1 | c04bb1d33825ed1ece29a586d96fb87139a47c99 |
| SHA256 | eefced6ce737b26a8ff61bdccd34c0882c58da20525b4a230a1a9ce65ea692c0 |
| SHA512 | 63b8dd122e03e20886a3594f701d2f9f26c7fce1f842bdbb1e93765bc9c44dc753531227923d1b86b4560130d8ca1e7d2fdb5389f73e1e5313fabd408ff25214 |
/root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | 759544297aaa61f5fef8ee42d0ae4393 |
| SHA1 | fc2d66f6e60409e3e8d38623ce5f817fc7f571e0 |
| SHA256 | 1bd2000cd972e80cefaec6e982ba261d224a818f367de0fdf8c51fa5a05d7ab5 |
| SHA512 | 8aaa2ce66f10d46f7c9200af841ac7bd9f5b55c30308a14f0deda44ac62581c45daae45154487c0073a0d5847d5926cbb4072ca64a702ac6b834ad0bb482804f |
/root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite
| MD5 | 627ef183eddb27dc22bc07929c2faa08 |
| SHA1 | e5f337eb01d8d263e3eb15c109d3f7a590eb5646 |
| SHA256 | b2d5c90e47dd5ad73f486238176e08d58f9be556a678344ff980eb19379b3647 |
| SHA512 | 954dc569cf86056f9ad8e7320431ce9f14ad7a52473cf3c918db8d9a78fafb042026e49d97b135b835ac61be66694d051e9527f6717403d716ff5266b65ad27a |
/root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | dd3f6ba37c670af5953593535e435d04 |
| SHA1 | ecfe4e650a050bce77e8ff7468de04c1b8acc9a4 |
| SHA256 | 5cc6fa137a1f3a7d0b615b178877f12c460b22f95702eb7534d5732ee6599561 |
| SHA512 | 86e0482543faae6fb279ca71e1e6d6461d32317e74baebb3973e0fde9800107faeb9c2347be6cf8a47556ae43c8e6c224a595e952f621e40ad2c5eba920df2b3 |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/099EB2BF8827A4F91EAB3E38B14650D0205226F2
| MD5 | b565f70b511ed688471b8b868ef82c8c |
| SHA1 | 41617bf548c5ce8900b5fb1a5a88252bfd2f5e7b |
| SHA256 | 817b42838819e08609c281d7891067c56f1660e4cf64fa7c01b008955bdba657 |
| SHA512 | 8dea9ad794352c2e8c67701ed37c0b1bcfe5ae4af867a4b6afb142bb181b71867ed1c3ba18b43ff542f6c1fdeb7000e57741d56788ed086f0e6abaa188db203c |
/root/.mozilla/firefox/json66vy.default-release/places.sqlite
| MD5 | 7a6a3b674826d1fee5d1c3979af45e1f |
| SHA1 | 96f9bc87f177d0c3f8dc53fd8631f755139d2b41 |
| SHA256 | f6eb6bebf729f15757cc2b20719ec393b7b4fb3f118d4ad1b2176dc0b85cdac9 |
| SHA512 | 579cefc874ef2c5d1e08704afcd0a6715648cdd03c60d23aad9d2ced5998d32e00bee871d5d0e4698d8edf6b7808bf88b46a639d4b841acafeff63b81b02fa0f |
/root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite
| MD5 | bc0d15099e3044a570d54c4ebaf84c34 |
| SHA1 | 23e1eaaf6f1f3d3e0db627cc0b6e0a46426d3dee |
| SHA256 | 5f3e106271b691dbcfbe5b11d99bc3cda2dd468af633c06d1e78485b82ca7107 |
| SHA512 | 3a913121007bce4a6f51bfda4ca3bb6984293f00e991e618675461e72cc04d53c06a8076abfa7aa6cad2903ca80051b74b4c97b0e727b7360f4aba1933a2c755 |
/root/.mozilla/firefox/json66vy.default-release/content-prefs.sqlite
| MD5 | 1fc2e7b7fe2c5be305dfa9a2bbb60771 |
| SHA1 | 4967389dea050001cb1af3ec799edb7805c3abb8 |
| SHA256 | 1953edcac737d1ad3de6fbf69671163882fdc0be5bd21d00378d8d8c753c757a |
| SHA512 | fba536378ab9b5f04d92f1029b92d255c7da445a29e2527647bc16e57d02c179de1e78a2de11db1b00cc54c24d3715980c84c0cde103f47c6150f2e7bb8f93d5 |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/F742E6F6C150267395731D48D97A5CFBA146AD74
| MD5 | 5e85e4bad6d0e0dc20541822e276ebca |
| SHA1 | 89407848a6e1a46bb209297a969e12958d0e60f6 |
| SHA256 | cdc1602dd050e815c484ca0cbc18fcf2c4051ec17d34c67e87a4ee1aed5381fa |
| SHA512 | b915956a618dd41ed405522e4a94e5a951380fc691b3e59e77b9620f4d8ea451bfe7479537c099b4828fac52b90ae008071a3ed29a65d5bfd63c37f4c51d39ae |
/root/.mozilla/firefox/json66vy.default-release/prefs-1.js
| MD5 | 7ebf23dfc1db031a95aa41323604c248 |
| SHA1 | 7f6326a311e9a1579b15365f5c402f56cb64a304 |
| SHA256 | 8ab5f7f81859893990a4da0793e9b949362400da616e92c68a1380fc281cf3f5 |
| SHA512 | 9c510f8fe0770b0532206468c9c0ba552d262dadc173028bbf89f6c39e6601d77d3240aec19ad18b536daeba118911530e46b05a04a48653e25fb750a2261c8e |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/44230749A38B6989F56217B435A03E84CCADE62D
| MD5 | 02f849b4d0ba60c940e03d085b1fdeeb |
| SHA1 | 57d787f5cfa1674fd3d280287bb97c2dbf0675ad |
| SHA256 | 4459a250b04e18fa1b071607afe7b40f64385a1852e9a681654cb12e3a88558b |
| SHA512 | 464e79fa8d340bfc7bcb677a1a4b85475d467416c87efbab9e4f805ee22bf82fd3117e8b94f34b0afb289abb0ddf8239c9e9792e80ecae4ec8d6dedb5ec2bb60 |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/CD654C7ADB739B7B6774D983700DDDBAC70C3BE0
| MD5 | d449206aa0b75946cf14e4f6d9671003 |
| SHA1 | a65e06609941c87e042bb7f51bb262ffece30726 |
| SHA256 | 22ecaded4bfc9d4bc1c99b1b132fb394f6c8a539e426f4e15d5afd940900310c |
| SHA512 | 9f14f148e62dc28f863681a9e9b9ca9c9d9200a64376294997ae6ead0df992ea50880c27e00de7411d0917854769e8aafe3f3d0bcd0bb1b636fa5ecaa3a17f0f |
/root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite
| MD5 | 79e805ba7ae8b8c943945720c43701fb |
| SHA1 | 9ef184efc81fd55c0a7dd0fe592a7c11cf59421a |
| SHA256 | e0b626fa2690283b6ee531551f46167c8ae301dac58effab3d5f4540dcb99180 |
| SHA512 | 07397ba4d1c29245b86747425a8dee1fcbde47e2efc545e315b3b8cec910976f72e3c663c6a0881de0fcd9814361a9697fabfcebed2981b45c0108bb4cd2fa75 |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/1094C727662E3AA0096519B50DB2D08E5B3D2371
| MD5 | 557c7bdef922edfa7a51cb69924a863a |
| SHA1 | 2a9bfd65c033660083e83023133be928a74ab632 |
| SHA256 | 8cbb245b116c3c9de5ba3aafb40e118f00bbf202d6456936ff6114d4bae62191 |
| SHA512 | fb705179926572b439bb52d974a2bb981d73871b87935b419bba6f1c60db38208809383b2d5ff66384dc3216a91214184c941079446ad7a3baa503e0544d7c03 |
/root/.mozilla/firefox/json66vy.default-release/prefs-1.js
| MD5 | f7e8eee91b402a3f389db732d7dedfba |
| SHA1 | cb02a9f4ad90d11e5835f35c28e3cccb17a99499 |
| SHA256 | 39f0d85c29a29cb5e292354d6eb9a94e318abb23f305968cd083ea3e3beae2dc |
| SHA512 | f4abacd5f0f7b7c6262ad0e700c1eef203d602f4d5d7a21490fff837d943ae651e121f1421a5f76f1e9f5b0e9a73854f5a91ffb143c1e8b42f0cab98f76e6720 |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/537F4E37E43266B3D908CE3DA434141C2D8B5739
| MD5 | 32065130a9855e7410c8183f3a5bc3f9 |
| SHA1 | 5a00e59d4b4387bff3a185b1688854e600d86b4b |
| SHA256 | c33c737e3ee0ffcc10c466fd36ec9fe9e438d9f0545f04d10c27d826da08c6fd |
| SHA512 | 3a6282a9fe9af6c76a0a9b03bb4e97a77f55b860e987449a894c19d3cf4e95a1274883dc14a1d8951bf3975140cc57914ad78819c626fc243ee8bf713b225882 |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C
| MD5 | acd8c51fa9ecbb52f39530c4ec8d5378 |
| SHA1 | 1b5c4e4cd6e73ea4a2c73717693f69bc984c29ed |
| SHA256 | 6a089093ec7898adfa2f46917a5b923f9f5d22b05b846a98510cd296545954b2 |
| SHA512 | d8faa77ad25559530659d7b3bc903ed820d2feab717412c9ace97b64522c3037b9ccfe7c58b194ff86d152fdba7b8b8a12219991040ade6a5a6726de2e4c3f54 |
/root/.mozilla/firefox/json66vy.default-release/prefs-1.js
| MD5 | 02481d76dc443885173433ea1f8d0bf7 |
| SHA1 | a17a75784efccf88034599e7261d8bd0938ccd0d |
| SHA256 | b73fe71443c208c0e91caa2b96c7a841c2b656957c471e615dc3329f3f5f5185 |
| SHA512 | 6374e15c08154fc2ed596efcfca87300f684480fe677ee64a832997b8b0529798ecef9df5d8673e1270f770b989b1b38cd3e7d94fa220c30d7fbb20ff37dde21 |
/root/.mozilla/firefox/json66vy.default-release/webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/35F0A2FF4B4555DF80956150B324D0FA66FD56B3
| MD5 | c858d569bae16eadd95d70f0c0fd8f1e |
| SHA1 | dbabeed36a51e67240a7294f941e1d588d862839 |
| SHA256 | 785306de3ff2d44ce3cbfc4c6db44ee318f2641c681f234e70f6b6beea834bbe |
| SHA512 | 3398679020e0002cee3cffbb29db322403918cb1b3cfd36563d1cac22260f23bb43ecafb97d09001fd5805d666f31d1b2cba15bed6d294a5838d097850681bf4 |
/tmp/tmpaddon
| MD5 | 152eda253e242e18443ef3282495bc7c |
| SHA1 | ff0fa85565f21ec4931baad4573b4c0bd08c4019 |
| SHA256 | 8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48 |
| SHA512 | 94531e267314de661b2205c606283fb066d781e5c11027578f2a3c3aa353437c2289544074a28101b6b6f0179f0fe6bd890a0ae2bb6e1cf9053650472576366c |
/root/.mozilla/firefox/json66vy.default-release/prefs-1.js
| MD5 | acfd72e8394d2ced415d88c9d7734e24 |
| SHA1 | caf101c224fff222d5c38f4bb89012393bfb2263 |
| SHA256 | 5c6b18083a2080268783831629613bab3e087f768c72112413d8b1c99ea84e4d |
| SHA512 | 37f40dd065eb116f9374c34d0e6be08041a440ddbb6bf09a19f319b0b69fc828a95f9f1da07bdf9a9a43971b861a926f8d701bc73beb0b1babc55eaf88bf9c9f |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/F8CBD54DDA10F4286A41EC6A537240712D6C2308
| MD5 | b29c2b0657410b8d3bbe308c347cc65a |
| SHA1 | babc1ca7d60dba10ab5c911f05399b397946d9cc |
| SHA256 | be69b0316c3f0ed4467d9af0d4f502baeb26f8c900cb11e15189099ff6f8604f |
| SHA512 | a6a14cbdf4c10a91def8f43a63cd778ff8688fc8e9dec69c93130bee44a0c4e5ea26d31536b954eed667d84956befc704455e54e4c6bcb58ac9cae554c755add |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/63F48F4F7F1BC3195F5AB831F9794F3DBA2D30E1
| MD5 | b06dc7bb8611795442508395c240acdb |
| SHA1 | 938f7accd59307f4511b0b8da1450214798e1ed5 |
| SHA256 | 1fbf95a9ee9022fbe289fef824b55728244660dda0b3217336549115950a3f80 |
| SHA512 | b348874c383a6e7acf4e15b6682f774f50d463526d9539ee0b4d65d5b786f92e54afd10dd818ea4182feff804211e59adaad591b615449fbb5cf6305aa4a9946 |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/7943793AD6EF12CA229A1DF7A721B44C210BBC82
| MD5 | 153ea9d79aede81aedb1fd8f7cf6b830 |
| SHA1 | de848ad038c6581abc496613ac290192b435cf17 |
| SHA256 | 7b23348294175d40b2d7d27b19a93b603fb9c0eb6fadd5d5ae64418a1c209c44 |
| SHA512 | 6c55acc8f572be6124bbfe005095681b460f1328bc50ee93b2640c23ca88d360964de27697c25c7ad40ec3b9cdc8e8bc5ff3b8a3bcc3e155f290d1940c372301 |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/A100D13B31B3B47B8A440E86B5443E2156994819
| MD5 | 4dfc21f82e49b2b41af07cbc6b4ac105 |
| SHA1 | fa8568625c8debd4f93f6ff8292ba3b6a6c75f11 |
| SHA256 | 352772661292e4dfd2059cd6f4bf2d075f477f8c581515240731dcc6c0081a8f |
| SHA512 | 1af8a05c92b7bc11d8026465bb70f91d118bc6a17b4a8ef150a2c6711c93e3f93b719bf3cf45bcc3022ce5438a51c69b2077e3324bccb8ab5d9db17f63fd2156 |
/root/.mozilla/firefox/json66vy.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.files/1
| MD5 | 0c40063de91b8b8297f5398d04d72b22 |
| SHA1 | 8355767bb03a3d894f5fd142f767518603adb3c7 |
| SHA256 | 3cd2ee400a959dc53fd60776cbbe220aa752903b658b262788d2be974f341fc8 |
| SHA512 | 34eef7708b456e637706e6e79a5911efbf1b747fe524dceace14f586ee09907ca2b893afdd0855495014789ecb7805b252b22201be91205e33227ea24aadc2ce |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/2F5C1F4DBEC4488EFFC2E09AC3EA2C0323BAD984
| MD5 | bcfbb1c1256ecdb3afe7ab657b327781 |
| SHA1 | 4b06a20918a82db324f7c9275c615c40662600bc |
| SHA256 | 0b2940de13dc5495f51a35328341e6b0cb3fc683ea8560b2531afebb188943b9 |
| SHA512 | 137a0933403fdd4b3c19a7f4ff4abc67850e0001bf8ecd2d5b64ac8764780b273fa11fa914760918e67bad0592e7a3d885f838f7497be8e681d1426c4708d0f2 |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/B788D3450EE9BCD7CAE9822543E153A810532243
| MD5 | c5df1f60f8cbc41912094e625b79968a |
| SHA1 | ddb4a8d23ecee6e51ae00488d7b67f2d3dbcb96e |
| SHA256 | 732bf90f8758b957e2766db70c6477df12f09011724e2572d87d2683b2c04550 |
| SHA512 | ecdc7311041c783daac08866195bdeb64b395c0ec1910309d3b56dbd43d9a61295d90fe4020a47551f6646d8659d57369c846613975a1089635c9039ba943e92 |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/066FDF01653F3FD7A81FC6A9F57B2D11D3C85237
| MD5 | a8d9e0bba90b4adffb51b7a6a2638724 |
| SHA1 | 09e3183c6da1d379cec93e44425af5aa5eb83b0c |
| SHA256 | 5701ae7464c578174bb4512b87553e0999733d0004540a76f4f8430be3821911 |
| SHA512 | b25e86c5cee470f9758d009395594ae6bf7b710e8c8c6866dd4f8fb3354885ca738ca4797fe79bfff02eadcac08910e8ac18ce5588240f64992931bfc630fd8e |
/root/.cache/mozilla/firefox/json66vy.default-release/cache2/entries/C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C
| MD5 | 0431438930116b4aed584ae01745e44a |
| SHA1 | afda9f34003f913ac9edb56eaad8504039c932d1 |
| SHA256 | f6a5dc191f96f4f0a073fcd8e78f2d2f3d906f6e400fe51c5f361b113c544abc |
| SHA512 | 4d095364071a19927fd2b5606bcf6307f0ffc53452ce4fd13c34a2de434600c8f0bc7ef4d0e1b4f73a8d111500da75c70d047250fbed3cda8e7e950ad630e8c2 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-04-17 10:24
Reported
2024-04-17 10:24
Platform
debian9-armhf-20240226-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-04-17 10:24
Reported
2024-04-17 10:24
Platform
debian9-mipsbe-20240226-en