Malware Analysis Report

2025-01-23 15:26

Sample ID 240417-mfcntade8v
Target http://rollbit.com
Tags: antivm spyware stealer
Score: 7/10

Analysis Overview

Score: 7/10

Threat Level: Shows suspicious behavior

The file http://rollbit.com was found to be: Shows suspicious behavior.

Malicious Activity Summary

antivm spyware stealer

Changes its process name

Reads user data of web browsers

Checks CPU configuration

Reads CPU attributes

Enumerates kernel/hardware configuration

Reads runtime system information

Writes file to tmp directory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-17 10:24

Signatures

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-04-17 10:24

Reported

2024-04-17 10:24

Platform

debian9-mipsel-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-17 10:24

Reported

2024-04-17 10:26

Platform

ubuntu1804-amd64-20240226-en

Max time kernel

99s

Max time network

102s

Command Line

[xdg-open http://rollbit.com]

Signatures

Changes its process name

Changes the process name, possibly in an attempt to hide itself.

Reads user data of web browsers

spyware stealer

Checks CPU configuration

antivm
Description Indicator Process Target
File opened for reading /proc/cpuinfo N/A N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/online N/A N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A

Enumerates kernel/hardware configuration


Reads runtime system information


Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/firefox/.parentlock /usr/lib/firefox/firefox N/A
File opened for modification /tmp/tmpaddon N/A N/A

Processes

/usr/bin/xdg-open

[xdg-open http://rollbit.com]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/grep

[grep -q ^file://]

/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/http]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/bin/sed

[sed s/:/ /g]

/bin/sed

[sed -e s|-|/|]

/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox http://rollbit.com]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox http://rollbit.com]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/bin/lsb_release

[/usr/bin/lsb_release -idrc]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20230522134052 -prefsLen 19257 -prefMapSize 230809 -appDir /usr/lib/firefox/browser {b8e85e6d-f28e-4355-bc2d-af5b91a30510} 1614 true socket]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/usr/libexec/xdg-desktop-portal

[/usr/libexec/xdg-desktop-portal]

/usr/libexec/xdg-document-portal

[/usr/libexec/xdg-document-portal]

/usr/libexec/xdg-permission-store

[/usr/libexec/xdg-permission-store]

/usr/libexec/xdg-desktop-portal-gtk

[/usr/libexec/xdg-desktop-portal-gtk]

/usr/lib/gvfs/gvfsd

[/usr/lib/gvfs/gvfsd]

/usr/lib/gvfs/gvfsd-fuse

[/usr/lib/gvfs/gvfsd-fuse /root/.gvfs -f -o big_writes]

Network

US 1.1.1.1:53 www.vox.com udp
US 1.1.1.1:53 www.vox.com udp
US 1.1.1.1:53 vox-chorus.map.fastly.net udp
US 1.1.1.1:53 www.newyorker.com udp
US 1.1.1.1:53 www.newyorker.com udp
US 1.1.1.1:53 www.usatoday.com udp
US 1.1.1.1:53 www.usatoday.com udp
US 1.1.1.1:53 condenast.map.fastly.net udp
US 1.1.1.1:53 domains.gannett.map.fastly.net udp
US 1.1.1.1:53 foreignpolicy.com udp
US 1.1.1.1:53 www.bonappetit.com udp
US 1.1.1.1:53 www.bonappetit.com udp
US 1.1.1.1:53 foreignpolicy.com udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 1.1.1.1:53 www.ft.com udp
US 1.1.1.1:53 www.ft.com udp
US 1.1.1.1:53 arstechnica.com udp
US 1.1.1.1:53 arstechnica.com udp
US 1.1.1.1:53 ft2.map.fastly.net udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
NL 2.18.121.79:80 ciscobinary.openh264.org tcp
US 1.1.1.1:53 www.menshealth.com udp
US 1.1.1.1:53 www.menshealth.com udp
US 1.1.1.1:53 aeon.co udp
US 1.1.1.1:53 aeon.co udp
US 1.1.1.1:53 hearst-hdm.map.fastly.net udp
US 1.1.1.1:53 archive.mozilla.org udp
US 1.1.1.1:53 archive.mozilla.org udp
US 34.117.35.28:443 archive.mozilla.org tcp
US 34.117.35.28:443 archive.mozilla.org udp
US 1.1.1.1:53 news.sky.com udp
US 1.1.1.1:53 news.sky.com udp
US 1.1.1.1:53 qz.com udp
US 1.1.1.1:53 qz.com udp
US 1.1.1.1:53 e10653.e12.akamaiedge.net udp
US 1.1.1.1:53 detectportal.firefox.com udp
US 1.1.1.1:53 detectportal.firefox.com udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 34.107.221.82:80 detectportal.firefox.com tcp

Files

Analysis: behavioral2

Detonation Overview

Submitted

2024-04-17 10:24

Reported

2024-04-17 10:24

Platform

debian9-armhf-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-04-17 10:24

Reported

2024-04-17 10:24

Platform

debian9-mipsbe-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A