Malware Analysis Report

2025-01-23 15:27

Sample ID 240417-q6sphaca8w
Target https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EQUA7GdBSSdEvbBRN2ePG0ABfu9DSICEPyqcKRr5fMuw1w?e=YfJlFy&download=1&xsdata=MDV8MDJ8fGFhM2YyM2VmYWNjZjRlMmI4MjlkMDhkYzVlZGFjNWI0fGZlMWQ5NWE5NGNlMTQxYTU4ZWFiNmRkNDNhYTI2ZDlmfDB8MHw2Mzg0ODk1NDA4OTI1OTA3NDl8VW5rbm93bnxWR1ZoYlhOVFpXTjFjbWwwZVZObGNuWnBZMlY4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazkwYUdWeUlpd2lWMVFpT2pFeGZRPT18MXxMMk5vWVhSekx6RTVPamcyT0RneU5qVmpMVFkzT0RBdE5EVmtZeTA0WkRRMUxUWTFabVptTldSbE1qQXhaVjloWWpKaE1tTmxOUzA0WWpZekxUUXdabVl0WVRneU9DMWlNREJrTlRJNU16QXhNemRBZFc1eExtZGliQzV6Y0dGalpYTXZiV1Z6YzJGblpYTXZNVGN4TXpNMU56STRPREl6Tmc9PXw1Y2E5MGMyNzJlMjc0ZTFhODI5ZDA4ZGM1ZWRhYzViNHw4NjMwNWFiN2UyNGI0OWQ4OGRhM2MxMzBiZmRhMDdmZg%3D%3D&sdata=Y1FJa3Z1dGc0cFZQKzYrM29SQVRwamVkanVDc0VMNUR5MFJiL2U2WGltVT0%3D&ovuser=fe1d95a9-4ce1-41a5-8eab-6dd43aa26d9f%2CSagar.Balraj%40ril.com
Tags
phishing antivm spyware stealer
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EQUA7GdBSSdEvbBRN2ePG0ABfu9DSICEPyqcKRr5fMuw1w?e=YfJlFy&download=1&xsdata=MDV8MDJ8fGFhM2YyM2VmYWNjZjRlMmI4MjlkMDhkYzVlZGFjNWI0fGZlMWQ5NWE5NGNlMTQxYTU4ZWFiNmRkNDNhYTI2ZDlmfDB8MHw2Mzg0ODk1NDA4OTI1OTA3NDl8VW5rbm93bnxWR1ZoYlhOVFpXTjFjbWwwZVZObGNuWnBZMlY4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazkwYUdWeUlpd2lWMVFpT2pFeGZRPT18MXxMMk5vWVhSekx6RTVPamcyT0RneU5qVmpMVFkzT0RBdE5EVmtZeTA0WkRRMUxUWTFabVptTldSbE1qQXhaVjloWWpKaE1tTmxOUzA0WWpZekxUUXdabVl0WVRneU9DMWlNREJrTlRJNU16QXhNemRBZFc1eExtZGliQzV6Y0dGalpYTXZiV1Z6YzJGblpYTXZNVGN4TXpNMU56STRPREl6Tmc9PXw1Y2E5MGMyNzJlMjc0ZTFhODI5ZDA4ZGM1ZWRhYzViNHw4NjMwNWFiN2UyNGI0OWQ4OGRhM2MxMzBiZmRhMDdmZg%3D%3D&sdata=Y1FJa3Z1dGc0cFZQKzYrM29SQVRwamVkanVDc0VMNUR5MFJiL2U2WGltVT0%3D&ovuser=fe1d95a9-4ce1-41a5-8eab-6dd43aa26d9f%2CSagar.Balraj%40ril.com was found to be: Likely malicious.

Malicious Activity Summary

phishing antivm spyware stealer

A potential corporate email address has been identified in the URL: [email protected]

Changes its process name

Reads user data of web browsers

Checks CPU configuration

Reads CPU attributes

Writes file to tmp directory

Enumerates kernel/hardware configuration

Reads runtime system information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-17 13:52

Signatures

A potential corporate email address has been identified in the URL: [email protected]

phishing

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-17 13:52

Reported

2024-04-17 13:55

Platform

ubuntu2004-amd64-20240221-en

Max time kernel

21s

Max time network

82s

Command Line

[xdg-open https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EQUA7GdBSSdEvbBRN2ePG0ABfu9DSICEPyqcKRr5fMuw1w?e=YfJlFy&download=1&xsdata=MDV8MDJ8fGFhM2YyM2VmYWNjZjRlMmI4MjlkMDhkYzVlZGFjNWI0fGZlMWQ5NWE5NGNlMTQxYTU4ZWFiNmRkNDNhYTI2ZDlmfDB8MHw2Mzg0ODk1NDA4OTI1OTA3NDl8VW5rbm93bnxWR1ZoYlhOVFpXTjFjbWwwZVZObGNuWnBZMlY4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazkwYUdWeUlpd2lWMVFpT2pFeGZRPT18MXxMMk5vWVhSekx6RTVPamcyT0RneU5qVmpMVFkzT0RBdE5EVmtZeTA0WkRRMUxUWTFabVptTldSbE1qQXhaVjloWWpKaE1tTmxOUzA0WWpZekxUUXdabVl0WVRneU9DMWlNREJrTlRJNU16QXhNemRBZFc1eExtZGliQzV6Y0dGalpYTXZiV1Z6YzJGblpYTXZNVGN4TXpNMU56STRPREl6Tmc9PXw1Y2E5MGMyNzJlMjc0ZTFhODI5ZDA4ZGM1ZWRhYzViNHw4NjMwNWFiN2UyNGI0OWQ4OGRhM2MxMzBiZmRhMDdmZg%3D%3D&sdata=Y1FJa3Z1dGc0cFZQKzYrM29SQVRwamVkanVDc0VMNUR5MFJiL2U2WGltVT0%3D&ovuser=fe1d95a9-4ce1-41a5-8eab-6dd43aa26d9f%2CSagar.Balraj%40ril.com]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself glean.dispatche N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself Cache2 I/O N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself glxtest:disk$0 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #0 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself QuotaManager IO N/A N/A
Changes the process name, possibly in an attempt to hide itself QuotaManager IO N/A N/A
Changes the process name, possibly in an attempt to hide itself IndexedDB #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IndexedDB #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself Breakpad Server N/A N/A
Changes the process name, possibly in an attempt to hide itself Sandbox Forked N/A N/A
Changes the process name, possibly in an attempt to hide itself DOM Worker N/A N/A
Changes the process name, possibly in an attempt to hide itself DOM Worker N/A N/A
Changes the process name, possibly in an attempt to hide itself Chroot Helper N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #3 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #3 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself MainThread /usr/lib/firefox/firefox N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Process /usr/lib/firefox/firefox N/A
Changes the process name, possibly in an attempt to hide itself FSBroker1652 N/A N/A
Changes the process name, possibly in an attempt to hide itself FSBroker1652 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself ProfilerChild N/A N/A
Changes the process name, possibly in an attempt to hide itself ProfilerChild N/A N/A

Reads user data of web browsers

spyware stealer
Description Indicator Process Target
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/key4.db N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/logins.json N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/extension-preferences.json N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/sessionstore-backups/recovery.bak N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/places.sqlite-wal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/addonStartup.json.lz4 /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/handlers.json /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/sessionstore.js N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/prefs.js /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/permissions.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/sessionstore-backups/recovery.baklz4 N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/favicons.sqlite-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/permissions.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/cert9.db /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/search.json.mozlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/content-prefs.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/places.sqlite-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/logins-backup.json N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/compatibility.ini /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/cookies.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/sessionstore.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/cert_override.txt /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/cert9.db-journal N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/cookies.sqlite-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage/ls-archive.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/shield-preference-experiments.json N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/ExperimentStoreData.json N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/cookies.sqlite /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/sessionCheckpoints.json N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/sessionstore-backups/previous.js N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/places.sqlite /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/key4.db /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/xulstore.json /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/user.js /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/extensions.json N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/sessionstore-backups/previous.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/system-extensions /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/sessionstore-backups/recovery.js N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/content-prefs.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/bookmarkbackups N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/extension-settings.json N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/favicons.sqlite-wal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/extensions /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage/ls-archive.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/cert9.db N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/times.json N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/addons.json N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/sessionstore-backups/recovery.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/key4.db-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite N/A N/A

Checks CPU configuration

antivm
Description Indicator Process Target
File opened for reading /proc/cpuinfo N/A N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/present N/A N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/online N/A N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq N/A N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index2/size N/A N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index3/size N/A N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/uevent /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/glxtest N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/fd/75 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/1842/smaps N/A N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1676/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal-gtk N/A
File opened for reading /proc/1695/cmdline N/A N/A
File opened for reading /proc/self/fd/46 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/nautilus N/A
File opened for reading /proc/self/mountinfo /usr/libexec/gvfsd-trash N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd N/A
File opened for reading /proc/1707/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/sys/kernel/cap_last_cap N/A N/A
File opened for reading /proc/1502/cmdline N/A N/A
File opened for reading /proc/1592/cmdline N/A N/A
File opened for reading /proc/self/fd/43 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/self/task/1863/stat N/A N/A
File opened for reading /proc/self/fd/107 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1765/smaps N/A N/A
File opened for reading /proc/self/fd/49 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/13 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-document-portal N/A
File opened for reading /proc/1727/cmdline N/A N/A
File opened for reading /proc/self/fd/38 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat N/A N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/45 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1765/statm N/A N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/1724/cmdline N/A N/A
File opened for reading /proc/self/task/1845/stat N/A N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/40 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/44 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/47 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/dconf-service N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/1842/statm N/A N/A
File opened for reading /proc/1860/smaps N/A N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd/42 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1702/cmdline N/A N/A
File opened for reading /proc/1474/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/mountinfo N/A N/A
File opened for reading /proc/1681/cmdline N/A N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1736/smaps N/A N/A
File opened for reading /proc/1482/attr/current N/A N/A
File opened for reading /proc/self/fd/50 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1655/stat N/A N/A
File opened for reading /proc/self/task/1742/stat N/A N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/51 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd N/A N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/firefox/.parentlock /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EQUA7GdBSSdEvbBRN2ePG0ABfu9DSICEPyqcKRr5fMuw1w?e=YfJlFy&download=1&xsdata=MDV8MDJ8fGFhM2YyM2VmYWNjZjRlMmI4MjlkMDhkYzVlZGFjNWI0fGZlMWQ5NWE5NGNlMTQxYTU4ZWFiNmRkNDNhYTI2ZDlmfDB8MHw2Mzg0ODk1NDA4OTI1OTA3NDl8VW5rbm93bnxWR1ZoYlhOVFpXTjFjbWwwZVZObGNuWnBZMlY4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazkwYUdWeUlpd2lWMVFpT2pFeGZRPT18MXxMMk5vWVhSekx6RTVPamcyT0RneU5qVmpMVFkzT0RBdE5EVmtZeTA0WkRRMUxUWTFabVptTldSbE1qQXhaVjloWWpKaE1tTmxOUzA0WWpZekxUUXdabVl0WVRneU9DMWlNREJrTlRJNU16QXhNemRBZFc1eExtZGliQzV6Y0dGalpYTXZiV1Z6YzJGblpYTXZNVGN4TXpNMU56STRPREl6Tmc9PXw1Y2E5MGMyNzJlMjc0ZTFhODI5ZDA4ZGM1ZWRhYzViNHw4NjMwNWFiN2UyNGI0OWQ4OGRhM2MxMzBiZmRhMDdmZg%3D%3D&sdata=Y1FJa3Z1dGc0cFZQKzYrM29SQVRwamVkanVDc0VMNUR5MFJiL2U2WGltVT0%3D&ovuser=fe1d95a9-4ce1-41a5-8eab-6dd43aa26d9f%2CSagar.Balraj%40ril.com]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EQUA7GdBSSdEvbBRN2ePG0ABfu9DSICEPyqcKRr5fMuw1w?e=YfJlFy&download=1&xsdata=MDV8MDJ8fGFhM2YyM2VmYWNjZjRlMmI4MjlkMDhkYzVlZGFjNWI0fGZlMWQ5NWE5NGNlMTQxYTU4ZWFiNmRkNDNhYTI2ZDlmfDB8MHw2Mzg0ODk1NDA4OTI1OTA3NDl8VW5rbm93bnxWR1ZoYlhOVFpXTjFjbWwwZVZObGNuWnBZMlY4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazkwYUdWeUlpd2lWMVFpT2pFeGZRPT18MXxMMk5vWVhSekx6RTVPamcyT0RneU5qVmpMVFkzT0RBdE5EVmtZeTA0WkRRMUxUWTFabVptTldSbE1qQXhaVjloWWpKaE1tTmxOUzA0WWpZekxUUXdabVl0WVRneU9DMWlNREJrTlRJNU16QXhNemRBZFc1eExtZGliQzV6Y0dGalpYTXZiV1Z6YzJGblpYTXZNVGN4TXpNMU56STRPREl6Tmc9PXw1Y2E5MGMyNzJlMjc0ZTFhODI5ZDA4ZGM1ZWRhYzViNHw4NjMwNWFiN2UyNGI0OWQ4OGRhM2MxMzBiZmRhMDdmZg%3D%3D&sdata=Y1FJa3Z1dGc0cFZQKzYrM29SQVRwamVkanVDc0VMNUR5MFJiL2U2WGltVT0%3D&ovuser=fe1d95a9-4ce1-41a5-8eab-6dd43aa26d9f%2CSagar.Balraj%40ril.com]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EQUA7GdBSSdEvbBRN2ePG0ABfu9DSICEPyqcKRr5fMuw1w?e=YfJlFy&download=1&xsdata=MDV8MDJ8fGFhM2YyM2VmYWNjZjRlMmI4MjlkMDhkYzVlZGFjNWI0fGZlMWQ5NWE5NGNlMTQxYTU4ZWFiNmRkNDNhYTI2ZDlmfDB8MHw2Mzg0ODk1NDA4OTI1OTA3NDl8VW5rbm93bnxWR1ZoYlhOVFpXTjFjbWwwZVZObGNuWnBZMlY4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazkwYUdWeUlpd2lWMVFpT2pFeGZRPT18MXxMMk5vWVhSekx6RTVPamcyT0RneU5qVmpMVFkzT0RBdE5EVmtZeTA0WkRRMUxUWTFabVptTldSbE1qQXhaVjloWWpKaE1tTmxOUzA0WWpZekxUUXdabVl0WVRneU9DMWlNREJrTlRJNU16QXhNemRBZFc1eExtZGliQzV6Y0dGalpYTXZiV1Z6YzJGblpYTXZNVGN4TXpNMU56STRPREl6Tmc9PXw1Y2E5MGMyNzJlMjc0ZTFhODI5ZDA4ZGM1ZWRhYzViNHw4NjMwNWFiN2UyNGI0OWQ4OGRhM2MxMzBiZmRhMDdmZg%3D%3D&sdata=Y1FJa3Z1dGc0cFZQKzYrM29SQVRwamVkanVDc0VMNUR5MFJiL2U2WGltVT0%3D&ovuser=fe1d95a9-4ce1-41a5-8eab-6dd43aa26d9f%2CSagar.Balraj%40ril.com]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/lib/firefox/glxtest

[/usr/lib/firefox/glxtest -f 14]

/usr/bin/lsb_release

[/usr/bin/lsb_release -idrc]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 20252 -prefMapSize 231436 -appDir /usr/lib/firefox/browser {d7ab79c9-28de-43e2-9786-6acdfbae0fe0} 1592 true socket]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/libexec/xdg-desktop-portal

[/usr/libexec/xdg-desktop-portal]

/usr/libexec/xdg-document-portal

[/usr/libexec/xdg-document-portal]

/usr/libexec/xdg-permission-store

[/usr/libexec/xdg-permission-store]

/usr/libexec/xdg-desktop-portal-gtk

[/usr/libexec/xdg-desktop-portal-gtk]

/usr/libexec/gvfsd

[/usr/libexec/gvfsd]

/usr/libexec/gvfsd-fuse

[/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes]

/usr/libexec/dconf-service

[/usr/libexec/dconf-service]

/usr/bin/nautilus

[/usr/bin/nautilus --gapplication-service]

/usr/libexec/gvfsd-trash

[/usr/libexec/gvfsd-trash --spawner :1.8 /org/gtk/gvfs/exec_spaw/0]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 22702 -prefMapSize 231436 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {e4747aed-d6c9-4c5a-9a9d-8808c88f73a7} 1592 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 22370 -prefMapSize 231436 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {ba4540a1-072f-445f-9049-6029b413b89a} 1592 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 22719 -prefMapSize 231436 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {444142a9-d843-4519-8720-4d503d19ecd8} 1592 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 28719 -prefMapSize 231436 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {f364d98e-8ccd-4552-849a-b8bb66fa2694} 1592 true tab]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 _https._tcp.deb.nodesource.com udp
US 1.1.1.1:53 _http._tcp.security.ubuntu.com udp
US 1.1.1.1:53 _http._tcp.nl.archive.ubuntu.com udp
US 1.1.1.1:53 deb.nodesource.com udp
US 1.1.1.1:53 deb.nodesource.com udp
US 1.1.1.1:53 security.ubuntu.com udp
US 1.1.1.1:53 security.ubuntu.com udp
US 1.1.1.1:53 cdn.fwupd.org udp
US 1.1.1.1:53 cdn.fwupd.org udp
US 1.1.1.1:53 _https._tcp.motd.ubuntu.com udp
US 1.1.1.1:53 motd.ubuntu.com udp
US 1.1.1.1:53 motd.ubuntu.com udp
IE 34.254.182.186:443 motd.ubuntu.com tcp
US 1.1.1.1:53 _https._tcp.esm.ubuntu.com udp
IE 34.243.160.129:443 motd.ubuntu.com tcp
IE 54.247.62.1:443 motd.ubuntu.com tcp
IE 54.171.230.55:443 motd.ubuntu.com tcp
IE 54.217.10.153:443 motd.ubuntu.com tcp
US 1.1.1.1:53 services.addons.mozilla.org udp
US 1.1.1.1:53 services.addons.mozilla.org udp
GB 18.245.162.43:443 services.addons.mozilla.org tcp
GB 18.245.162.43:443 services.addons.mozilla.org tcp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
GB 18.245.162.43:443 services.addons.mozilla.org tcp
GB 18.245.162.43:443 services.addons.mozilla.org tcp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 locprod2-elb-us-west-2.prod.mozaws.net udp
US 151.101.2.49:443 cdn.fwupd.org tcp
US 151.101.2.49:443 cdn.fwupd.org tcp
US 1.1.1.1:53 esm.ubuntu.com udp
US 1.1.1.1:53 esm.ubuntu.com udp
GB 185.125.190.75:443 esm.ubuntu.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 alfanar01-my.sharepoint.com udp
US 1.1.1.1:53 alfanar01-my.sharepoint.com udp
US 1.1.1.1:53 detectportal.firefox.com udp
US 1.1.1.1:53 detectportal.firefox.com udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.mozorg.moz.works udp
GB 143.204.72.186:443 www.mozilla.org tcp
US 1.1.1.1:53 nl.archive.ubuntu.com udp
US 1.1.1.1:53 nl.archive.ubuntu.com udp
US 52.34.56.182:443 location.services.mozilla.com tcp
US 1.1.1.1:53 example.org udp
US 1.1.1.1:53 example.org udp
US 1.1.1.1:53 ipv4only.arpa udp
US 1.1.1.1:53 ipv4only.arpa udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 13.107.138.10:443 alfanar01-my.sharepoint.com tcp
US 13.107.138.10:443 alfanar01-my.sharepoint.com tcp
US 13.107.138.10:443 alfanar01-my.sharepoint.com tcp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 1.1.1.1:53 ftp.bit.nl udp
NL 213.136.12.213:80 ftp.bit.nl tcp
US 1.1.1.1:53 ipv4only.arpa udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.117.188.166:443 spocs.getpocket.com tcp
NL 213.136.12.213:80 ftp.bit.nl tcp
NL 213.136.12.213:80 ftp.bit.nl tcp
NL 213.136.12.213:80 ftp.bit.nl tcp
US 1.1.1.1:53 a1887.dscq.akamai.net udp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.prod.mozaws.net udp

Files

/root/.dbus/session-bus/4816dd152e8c48ff97e9117d197c13d8-0

MD5 174dc6ba0832743c9bbce9d159351d73
SHA1 f33dafde0c48f3be3d8e4f6f12341bc3390609a6
SHA256 eec1cb484881fc5ca02770276f3ed1e939f1723b83c75e4f530ff5ac221accbb
SHA512 db98588e12035b53228aec8ad9f3aff46041ba0a40e3ef997c84c1e03d305aca57a297b526bdf56338f3939dfc242a5495b57943fd7941d7df5d2db75e5fdd1c

/root/.mozilla/firefox/Crash Reports/InstallTime20240108143603

MD5 7d081e747c197f86ca0c0f58c6a0909c
SHA1 bc8b75c5bd1411a781e570b700ba9b749423ed8f
SHA256 879e4b9d090317e6373a88b7ccc6b3007864eda3c4101154a6c602e1a1b39309
SHA512 4efd553d556de5699d2bdbf8ffbbae024e2a4acd89614654497e88b8d0b32edd62e3b566f4257144f3581ef8c71be7f81bfaef11bb65749e93537b35b5b1dba4

/root/.mozilla/firefox/ieoy0jjk.default-release/times.json

MD5 ad04c5e16fc7eac2064871ec06f73d5c
SHA1 b8bb380383872534fa090c52883f47b54015962a
SHA256 25d59cc8d9d7b1a63c29eaa27e62134f911a8e6fec931c2bb2c694cbbe34bbca
SHA512 d6eb1461e392f2202aeaec1e5cfd0e41c1bef934afd4769b2d38bcc97322f2fc08f029a2bf1864a5630ef37674ba4dfb2730dc63d14dac9e5b4754b4ab9c34d0

/root/.mozilla/firefox/7afriz5u.default/times.json

MD5 548955ba4e7ef342de29cbdc442d4287
SHA1 e6007fdbac86133bce4fe46442a4a20109a4cecc
SHA256 833ea7e7d339b7f8f1b5d5cb966fdb0f2ab275cf8bacf6a93b710c0d6f38646b
SHA512 bcdd6f3b3fc78cf9b1fbeacee9f4083f1feb4dcb7e1d2afd42b6d3190997e5274a3a8eb37393e568bd7310723a84429fcfac03fea3dad0c839d6842e8d4cbeae

/root/.mozilla/firefox/installs.ini

MD5 e6015ed8582c917a462af3fe6f90f472
SHA1 5f73d9bbadec1cd9a026b42a191890f63317a7c7
SHA256 c2aef4ee3229c24a7a23534db68e8bc11b30c3a0b3bd3d89ba0418e98fb6ed0f
SHA512 c8b0b9f3c6c6c52699a45a51e8d2a61e4287c24e8e825511a08861a53b10338e42a2bc963af2169576d23555c0ab2e947d39bbe3dfbeafa4c4a2ba06896bb756

/root/.mozilla/firefox/profiles.ini

MD5 a107232f3032c0e21f3d20bb0e5893db
SHA1 3ffcb4f41e07612281c63f56dbd244382de9bc1d
SHA256 d38cf1a207bb469d3617b4aa1134abfdc74e278304f5b322ea744400c318ac62
SHA512 f9bb7b8d900521c86a9a2e26af640d1bed1a3a997fdd2ea347fe7dac27667f047e9955afe6ba7c4f1712adde6ee5aecaf70cbbb8373e186b23dfb1972ad90459

/root/.mozilla/firefox/ieoy0jjk.default-release/compatibility.ini

MD5 2d41a6f5736821b90ef44850dd3873fe
SHA1 a47c4bc1431234a5b58e460ede5b571acd38e562
SHA256 b4bf5c8334f6db20ae94105141ae7a721342ddccd94ec65289dc291e76a31814
SHA512 047a1455211e7aa29ef5f32f07c89d8a0c8d86d871bc664e4d8958a2a014dbe32f0613cd9eb66e7307c0e2439f74ca0b829652a52fa48e8c60d64b41f69914eb

/root/.mozilla/firefox/ieoy0jjk.default-release/cookies.sqlite

MD5 26ff39b359947b71a5fadd950fac34f0
SHA1 66e5830e4dca79225f41adc13a077d8e5dd8084b
SHA256 aecbaf3e1df1332d4f14a11480db712eb4aa91581eb4e942c580bf675f592a45
SHA512 7fae7b9ff4362e12f00acdc898f6f679718bdd28dc959684333086de7bacd162338dc266810f9f3f6dfa3dc228291efd6bb325e2e8573ca0e6a699059a145f11

/root/.mozilla/firefox/ieoy0jjk.default-release/cookies.sqlite

MD5 102a8b6e82208a1b69224bdca8a5b10f
SHA1 8413dc3772127c4159e6d6b51372990a06b805ee
SHA256 5ebf89b32937916a76a8432832040cf0f6b99c2f006cc42f856712d403ec182c
SHA512 49c5c27c6749a7a73b4b944eea64ceb053a272619e6319bfd433ffbe126c8fbccc110961018165a4c7de781a86cf38d2bd9e52ec71b10bc73c9fd05fe841a46c

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/ls-archive.sqlite

MD5 e1121e3dd3c8a9c384f879bdddcff219
SHA1 625f25a1a5ff8527ab3105636fa7aecb9affd234
SHA256 766b9f50254b4e5526b0cde2911512956262596d8937f8630805d3c70802a066
SHA512 03e1cee2e75b2b609b8344a40995de09de837e940d2012f2fea65d9c70eecbcd3345b66b852f32211b38b06a4370f06f02ca7521e29e7113e2e12a6a7752be31

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/ls-archive.sqlite

MD5 0d2b18bbf091633c4fe1ebdd197dfa15
SHA1 c150dc37042d92d30efed6cbc1b536eb66ec1a3e
SHA256 fe63ee867e0f229a0bcc48b771afeec394c362ac6d0c2bd6907c7202097bd228
SHA512 59d202bfaf236bdcfc05a3e148a773d15a3bdff23be26fb2cbfd059fee6c4a516c7a59de0a3bc97df1419c34464e1346354979ddda1062101121522f22d8156d

/root/.mozilla/firefox/ieoy0jjk.default-release/prefs.js

MD5 dca86a12302e6ba2eab6ee9195d5e5cd
SHA1 ee817654b85a7a6fbfe8b7a7210e345b48b7aaf1
SHA256 4ec824abff101989d4a70dcce2b96fb90f898f7df6d3679e328a331f53d429ae
SHA512 8183d6ab233abc1438d2cce648235f6af54d7f0507d49b4d169162b3f25502cfbf26ee9ae71d2c9fbd273c553d8bbb1a97dc4b60e49266262e78d45dfa28ff51

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/.metadata-v2-tmp

MD5 b443c02f094043117b34d040ce6b8a59
SHA1 281fbd10f084a9b08626fd1776b18671e1ae1603
SHA256 1f096afd9b7ee19bead83dda3170d73a07ca33d326b799ed6ded12fea9f069e1
SHA512 ded31772364525f10546a0ab05e569eb1dd72b48acb29a9f1d8ff3bcb1cc5e8460b8e64209d4edd8d33212ceadcd8d713dca41e7d2f46052a2e8488d5f0f2b9d

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 225fe36c4bb990de9670b27368d655a2
SHA1 1dc382bec9af9b4bd0308dea1908ab6933834828
SHA256 2185235a458ef8924a1370bb956dd1d65d1f7bbffda08289275e072b65d5d1db
SHA512 11eb31a930a336c13869b0d385df555d7fba32ecea26bf513398dca2a35439643b0896a94c4696ffb439eef18b7f85982155dd12beddef784fe4ed1e86d2d1c2

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 5e37aed2ff5cc6563db32ba259de7237
SHA1 7712c429d789d3a749d740ecad2f5453a9e1e608
SHA256 869770a030cb64e7ab2b6c8ed537defbffabf85b0812508b2fb256ad24ef4ccf
SHA512 d323d0312d59eeac3c9ed36469b242cc67171dc93b86f6c77ef2c9415039ea81ee42a21e4cf9db15084fe162c8ac6d6944e71de1f08b4972c4f04c0802d7b94a

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 815f215ddf9bb275bf4ef8854ae24018
SHA1 5597371729a8d555fb82091efa879ed5bf05e2e2
SHA256 1e7bfb5d762e78e9235ba6a41103c7454d78de42af963eba87e22c5019798a0b
SHA512 120cd9219a5e0c4f6dc356951fcb8927c9b6ffc6a8e2079e4831fdfa9ab0c33de150bbd0849b950a2713d98f2ac7813b774687f1dbd6acf83a52b5a005a310fd

/root/.mozilla/firefox/ieoy0jjk.default-release/prefs-1.js

MD5 2654cf76bfd6a7edd00d922bd3c280f1
SHA1 819189d886de561ffc57dda08bd3343b0952942b
SHA256 ecf6508badb1db406dbd8f0e2462328dfb56f9921105c82a9f6d656be5e91bb2
SHA512 9f048f705de95023890bb0522c966e03d5a3134efc57b96ff14f1ace980a64a525ecf040c2054fc8fffedeb5333ba5562dba7a0f8166fc6f32b7e446fc570d52

/root/.mozilla/firefox/ieoy0jjk.default-release/permissions.sqlite

MD5 bedd7550aa74d8787924c71471040828
SHA1 c55a719810c207cddce89ef56a694d69e60f1939
SHA256 b3088a49b3f0d1ecca90b463b66299b76b514c8e063acbcaaeddccede176d280
SHA512 84069fb7ce2b9b1387aef8370759f9112af8cc5e2692955a09b276ce9bf102a6aaac1e6ed46161fb16c61453102c5ddecb447aebe4b54739a3eae8c53781fbcb

/root/.mozilla/firefox/ieoy0jjk.default-release/prefs-1.js

MD5 fec1b20cf8ff9c7d1af49e2f545a4f78
SHA1 645141496b9541098e70f98a6ae1d7467d1c3588
SHA256 d66d062d45b8ef4a6c93c2da3a534cad72afffbf4571148c564c15d279bbdd05
SHA512 d9e0ef4894f9ca31778bf54342ea9a3d0b0bba17ae007fa3e55fb229d02abc400d69a11a05dd2ffcc8c398b845d75329010478ebd650a2f6dbf446fa20c399a1

/root/.mozilla/firefox/ieoy0jjk.default-release/times.json

MD5 f939f03a4385d5171c804104db2173bb
SHA1 a6c9a6c71d7ece961a9a17542ac8ccc2857fb3d1
SHA256 ec4e5cf125bdde114fb6e4a6be7f3db15348abaf3d78686a86372836bddfdf88
SHA512 1559cf8798ce370bda9f2493f4489413eb97da55c1cd14e245b35bcf3b9481d226980a8847238451a17dd0ea989d959164d94ce8cd24916c115c3e465bcfd2c4

/root/.mozilla/firefox/ieoy0jjk.default-release/cert9.db

MD5 eb1c43177c850b87e5d8f375d8776bcc
SHA1 388210ecad415273d0cc0183ada968eefc4f704f
SHA256 13be39ea3b64470bedd02a523513af584f9f725680b495ac8f95d07c310c1362
SHA512 33f6ddae975def7f8f2fa43f376eb25a8cd21b82a5a5f1c0964bcb1bfd5e3a7f921504e326da4bc51c1f565824df10dc92aa6661041d8e08c9e019ddedf47aa3

/root/.mozilla/firefox/ieoy0jjk.default-release/key4.db

MD5 cf3aed09f84b8f8d6eeaa21d07f633e3
SHA1 5ad082cc55533dde3bb1961562abf1115d9e9248
SHA256 ad4e69880a8ae49526c8aa7e7705ce9a754d397340d293853b065568fab82771
SHA512 dc2a0cd453a6b83913ed7dadaf791c8daee6a1bc8c2463cb7bed881fc084c17198b7722031668ad98b5017a4d3579f7ee50307f352874a8660d35c5c45f5a24b

/root/.cache/dconf/user

MD5 c4103f122d27677c9db144cae1394a66
SHA1 1489f923c4dca729178b3e3233458550d8dddf29
SHA256 96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7
SHA512 5ea71dc6d0b4f57bf39aadd07c208c35f06cd2bac5fde210397f70de11d439c62ec1cdf3183758865fd387fcea0bada2f6c37a4a17851dd1d78fefe6f204ee54

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

MD5 1ea539584c41fd171d307fb9e740d499
SHA1 de3d1a3d6a0173bcd30c89f148cd732d0ae614eb
SHA256 aaa3461e12a1343eb5803894e1ef6894014b75b26ef264f29ece30b1cea3aa83
SHA512 22b145864127c0f223522016c6ba0a67e06a36aeba135e546f4d77000f436d5060064eb988b7aafdb451e39f70d0afd20313d15507dd531234ac25d60e9d935c

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

MD5 67be002c958cf885e1932e34072b28bb
SHA1 0fcbadc5bbb84d67629c254ff9ce648596d1bd2a
SHA256 85bb2127e0c9a4f6b33ac649e67cf34af601e966b2dbf9e605586e8bfec95f77
SHA512 a7804478d73d721bbfa52bc68f999a5394ad104d956f9adc622599a4396b780738a09fcd959369fc07bcc48122dd4903c64383d72709f5d1bd14819c2bf5bb9a

/root/.mozilla/firefox/ieoy0jjk.default-release/prefs-1.js

MD5 fcbe46d6c7c38137747dcf6177518924
SHA1 2f0ff8ff608b48f0a02c1d7676a9f1b2ad254bb8
SHA256 549aede75d9363ef30c15c6ea63b57c76d20bab86f9d1ea8dd58a2587f830b57
SHA512 5437584c2529f9544b7e92ff0e5bfa05ec9cda0e04f125d17609113f81058991f2b3f4f62e8346c81ae16f927282b2b404a265f2532be229673777fe103dd9da

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 bbe9e4471c97fb1b270eb793922a00e8
SHA1 a1da47669a2b512be64ba97e8bbd587887d2c24f
SHA256 dedbbbca17668696789b6525ec93fadbb5731e96df326c7d84ce355fe0ca1bac
SHA512 1df28b24c05bd0931c3fab72bf6283d4a4df4253bd28060bf9abaf8fa0b9fd91e7790c28d7972287ac82a1bf04eecd3fab8acdaa26dfd394b3493280c7474f1d

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/3D1E19D09F398691ABF62061591970855193B42F

MD5 358cf9f69aa935817e8e36d5d4b82e8f
SHA1 19f509406435c3ec385cd02ce1888f83c0400532
SHA256 ba519796130d5f534b6aad9af08f160cfb4f5f15025106035ee452109f441a08
SHA512 9dabe9d86a4a31c3f7f16de86c7309fa695bd88d882503151156c2389d955dd7ae2f85e8bd21929155bf4a2550316a3091fe50920d7ac586f8f2edd5ad256341

/root/.mozilla/firefox/ieoy0jjk.default-release/prefs-1.js

MD5 b834ba2758984b465b22493f15543f6c
SHA1 092a9495b4261b50b39a56cf8ac1c54201ae184a
SHA256 82fd839a6f3d7140b8ad484bf8422250c8d6387930d5c6a98f4fbbae30793871
SHA512 bd5f3d7b75036ba2b97727bfbb4cd34424fa2fd403e9ef73c5fb4be87566002cf9c6104e800940092e98b9b11a4ebb6985a2b870fffb5ebe6c65fd231ddf83b0

/root/.mozilla/firefox/ieoy0jjk.default-release/prefs-1.js

MD5 c3d56cb7a51c382ef2f37b59ab1b1571
SHA1 cfae6ee09cda1030393e227291c66add3a34ead4
SHA256 b572c3123c62d88e5a2957aff0e6387a58a3ed1b2de3a2470c78569694dfb58a
SHA512 c41349e6db5d757e655fb70e3ba8b08e62bd05f9ebc471ec5bc29e929b4a3988a58db347014d8940f4dc0f116054eb021d1d7c4e96ca5e7fe8f2ded0d970c48d

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

MD5 36cfa1c9128b38f1f24d7ac05ef77937
SHA1 993822c6af542776689505c12595a3e32bc68cec
SHA256 7b8ddedc89dc1e899f8e080d8c597c041d624337daa30df97684b678205a31c9
SHA512 215e32fac608afa488ed26961e5e9484b54d35bbfde44d2fc5a742a1edfbfc6510b6c8f3452ac580965bae7df6b00537ebbba24db1ff5a0b95704d088008ede4

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/D0F48A0632B6C451791F4257697E861961F06A6F

MD5 75cd9fdd8b91bfb962b21b7d65fa5eae
SHA1 732823f78e82cd63e2cae294137c8a74dabfbe5d
SHA256 ac531e906d2d9cd4f09e4eea4a62c936fb173004db81a22d8e576b70b57dba0c
SHA512 1b38c9aaec57684b1f1ff7096ffa756672ddc4724d5f9f9c07ce56073cb4c4b07e8d47e5ce7acf1b9ea972608a1c9eb6bd03bcfa5f09512c83f0aea274c4e168

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/90E321EE94230DCDBDCD2EC0B77C695A4FC21F78

MD5 fbb093dd5b7fd2145409f8ea0fe9f4af
SHA1 dcbcc4b0afa66cdd16904646824e113a6d7a330f
SHA256 b67d020c59bff2382e7253785396ebbcb4b421cb81b829a727bed9bdbcc9a2e0
SHA512 db509f47c72128e37948cb930d5885a3c38e968aae3383d7ad3c976f3d0ce138f9b47336dcad50598bbfd1101e62af8231a0dbe6d25041de3aaf6c6ac0a8296d

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/1611007487CDFCDB9FE43793C68D8984CF7DD7AA

MD5 4c64d00529c52f0a1a751a81a49e0c63
SHA1 ea4d6361ff120a77ff0ff1274f3c8f9d9e2713bc
SHA256 c9257e2f0a7fc030df3d2aa43ae77434ba4af3b44b7183c07726f0d5e405a900
SHA512 3bcca1238761b1f819d75d4b48ff7d9168e6d423bc60d27afe24fd61112bfb05d9397409923b603903b1d61bb73584a7f8c19b109e4442cabb77a6b4e051ee15

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/3D1E19D09F398691ABF62061591970855193B42F

MD5 3bf419351ebc8aa443128722693554f5
SHA1 84c7bb4df1c0502721adaeea6cf307e89578568f
SHA256 a1267b64b2f4dc893fd6cb996c2a97285b60fdfed3c6b7594c93706f0636ccd9
SHA512 7815fb8bd7aa129bc5b8e976f7b069295bfe5f71c7a44dfd18f497d295b7b35bdd6294abede1d61a43163978aa92982b8698aa68258e635c6cd84f0ab7188a0c

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/EE1AAB872F378C4FA66FBCD193AF217BF20A4E27

MD5 768a452baba5819664cab7a523adc3b1
SHA1 69d6a322ab6caa225d6103aa7f974a4f5d386a19
SHA256 a76b02026cf918eeba8cf1ccf4c4936cdba2c5d10b1014217539b3a1348d9d46
SHA512 3ccd9a56564121c370d6b09591b310ec0f9001d857d0a27f5f64238f577995ce02990af4df4e02dc8811c6cfa7a20f52862b5d5bc6ac3b047bb76712c88a201e

/root/.mozilla/firefox/ieoy0jjk.default-release/prefs-1.js

MD5 76cd22a8fa930669547a2fe2815d7e87
SHA1 2e838792ba56d7ed7f74a8b401cb7a59eea6740b
SHA256 1c6be42d3e1ab9edb6717ff001d4910e3cba07e5ec21d3bf62defed5c8730fe5
SHA512 2ef5e68aa5d42e86beb8d835b9a4e53ec259e2a40578bd4a81cbaf87869223cdb48daab73e086f582abac6ed732c1bf6e3d2a8b771763236ad8cbd5d8a6a8e03

/root/.mozilla/firefox/ieoy0jjk.default-release/cert9.db

MD5 6ef3a2e25e8d8e403b805d7d286274ac
SHA1 bfb5a2b30276617e8b1475e49ecdc1efc3d8738c
SHA256 19aa08091821e0df6fe63b43d1dd8dd373e5db3eb93d9447b4ef37007cf1aab4
SHA512 2209ef883de4705a6b3917b32e872b9da1b503ac4e29019df58e9b1fe5020923c37e364b5b0832fb1775872898898faa5e15f6c805a8f654d0c9fc53a25324e8

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite

MD5 488403dd59d861961dbf2e5317cc6e55
SHA1 bcb13cf819bdc370762237a075f14a9be0728a50
SHA256 8645149962df6c816291521b6cb45e9acf79da6bdc3a727ba00c71eb720de4ef
SHA512 4e60bc58fdc1ffe3662b83fc9af3e0ec5af90eeb25da8e60a70717e3588676e135f6cc5a8d57a37c2cd2ce3a3661e665e2688d00799dd834945d5f0964750805

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite

MD5 9b812257bf6f054e349bee8848f15fe9
SHA1 53f7a4cefb0000dfffda9ca38fbad74217e6330a
SHA256 b5dcacb40d89a95ae97431ce0499f2c1aab5db0c7faac668672964cc8bcf5fd1
SHA512 611f20300a917c8eaf0fa5e52f366fd29b50c88d07b00156c2f3e23fd9b6e38a2ba52b2a752f5501d8de945a2216dbe99dd6b144a79eb242a7a2fb33b84bdfbb

/root/.mozilla/firefox/ieoy0jjk.default-release/cert9.db

MD5 750227afb8e975cd61d2049e7080d11a
SHA1 469c77586c2ff0202e6be84a289ba63be5416dca
SHA256 1cb3207590168374a7ba4e57ee1f34a83df1870acbb3dab023418b9358add12f
SHA512 7e59ace059c2c681e78b80e4a7a2942b3bd2a07bead08acfa17afd52400dc30a8cf881eb2e63c15280cd4376ad9a73ccedea7125c6fababf900bfe3b115abae8

/root/.mozilla/firefox/ieoy0jjk.default-release/prefs-1.js

MD5 6b0862c38c702f98103ff0df6be444be
SHA1 d9a90b5120353e6ec0681422c528adf02a6c2f66
SHA256 88972ccb9354b8ff57968998f0fd45d6a0e9053c481c7f4e0ec9599ddb88b583
SHA512 ff1435cd6ab1372dc0d0ed3413b45b88708afbf7de2d2b34a98429017c71fbfcf105cf8b15fc2fe3d17bb194159f96e5b63c281dc86115d9a9821df2b6776491

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite

MD5 f1cd629017b1fe58fc80953ebd4754b6
SHA1 01e02178484458797c2b682325b26b2633fe8466
SHA256 81bf3da297b9ee8270bea383d9479cd7951e35f552361230358e3a35e1f44567
SHA512 afb775074af046014236a312865a1811de3bfb97f8df057541401867140fcc236259ab237712a7d3bc012ff84cf90330e4e122374cd09c194c4c145f575fb95a

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite

MD5 14960d8348c21a09a2661c54547aac48
SHA1 361b4f9d1b6c5e36be6891715c58c00dbcc639bd
SHA256 e930821cabf729aa2c296b8c2838c64e431574e5fa351de8caede6550815c930
SHA512 631ddf6337067e1bad1637787a4f4e776d673c0e3ce781992bbc121e1bc04168cd31b4b81975eb0985e210ef18f7e99908d9e638ac8984f4337d8ceae571804b

/root/.mozilla/firefox/ieoy0jjk.default-release/content-prefs.sqlite

MD5 1c7386dfc5a5d7f2aa06cdf1e2b280a9
SHA1 71fd6c476cca7d5aaaa79f1c535346b6de20a448
SHA256 f2793a25bb1c364f2589a7b541a5873f8e5e192ff39c1fcefd786e1c23f1c5c8
SHA512 378d36bf3054ffb7b664bcb4d0e38b546b684ce4436c247674ccf621ec2f9951cca73f55e4c1f496a37061ade6065fd315878aa65d2d38c09f8f6a0cb768d978

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/90E321EE94230DCDBDCD2EC0B77C695A4FC21F78

MD5 39b7c3cb84a54670242b889352b5ee37
SHA1 f6b4ef5c5a1f65e8c8b4ebdf6422818720f57bad
SHA256 b8570a11f260d0eb633b2c7c4e481c25ec7cd9638540bfb1e446d32e980439fc
SHA512 403b579022db69676b2b0ed896ed5800f1613a0e8803f80f89ced7fcbd74e41d30722522b8e339fa259aa7dc837c0d88626d831743626b4d2dc1e4a8d525ebe6

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/037778A55E1B7E9BED3390289866D09402D6C913

MD5 751f926f66b342443c3a376bc04fb740
SHA1 679f69b5aef90376bdb9e38933ee2fc59b9084b7
SHA256 61e03ef5ec17028edbb5cfd1e8e9c97920ea08bb43cecc0a1702f1ab62ab344f
SHA512 5a1f3e09ef687fb9b426d3f67ca259512454e4fa1774ef7d61df2ec2fa5d3ced74918f63d0c3728d3bb79357880e61bfb0e61296b3c8a5bd4764b50029697b38

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/1611007487CDFCDB9FE43793C68D8984CF7DD7AA

MD5 a12c3ed3d95756cecb6001f99e77158b
SHA1 0767a9011b3ce78f695c4aea5eb33d067a67ba72
SHA256 42a4adbc1e7c7f00fe0b36626e0ff7754f6c73a16bd488cff4e3419b3417ab1a
SHA512 bbbad6f7f093edd35d1c9aac870f053a3a2222ec734f9be14f0e998759a13fbe36a2c9ec59500c4ac203324f44f3482a43f31de7f9c33835ce17b1fcddbe00b3

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/7992EBCB092AB8BBC5E69BFEB790B0B180989BFE

MD5 8f6427545690c909f3353663bd60742c
SHA1 8792dd50ef81b2b2a5e4ef78fadd9da3bfd81f98
SHA256 6b1f1b3de78e35828a97d681b2c911a07756c05a33cb37ee07fc99df525d0351
SHA512 5695f0bd2c0e8f89e093ae544d9ec4d2c954b038dd49c01affc06f5c2e82199205217b3ea5a3d60972601c901dd26ccf2f305871a33de8192eba738c14fafdbd

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/039090029E64BC91E87E77199A6A6BE11FC39B6F

MD5 01c29605939da4c3ea3525e5019c3804
SHA1 fbf4617ffe0b2b456710e231a994b1bbe2dfc78d
SHA256 cdf53bac16f6ccc86c390f446799d92699c4f4b60b1051b7c1df03b24c0f6a7a
SHA512 2d3516014e37bbc057b09326730fa0b2aba78ca0c3d873244caac2a5fe2407f318106eeb40eeb371fcb9c3afb0295de8042860d466700767166a462f6f023c2d

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/3CE189BB05CB7612E5BACB4C7D758659C64A5389

MD5 79fb2fec80c6418b66223dfbb3ea800c
SHA1 a4c19dc0749b742ec9bc84c604dd897001dbeb52
SHA256 aa9ef36e2cbad63daa002c36f2fca7df33a4f9b23184dd56324127da51d12119
SHA512 da5648d3445776204c3fbc3c7908034e93f97210f26f6666e06db63537c46ea6bb16d7c304cd20b804040c12739760728e091bb1c2380c6187f2aadb40486282

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/0EDDF8C091E2FED62E44BEDDDC1723F5BF38FE4F

MD5 d13316f4c5f4aacdf06487eb0e6529f9
SHA1 42add0512bab80a7f9e09b1965437c9be86bf170
SHA256 b39cfca21950e1a283e4981b75363664b4b52df779081f1f316088b075f40549
SHA512 adbe66854328507a71951862285a6ce988ce494c2bf64f6cda6e159a4b35e881e80122a7f7a397f4951b727bb00a1118fdd63c455c41edb22fd4178356fcf368

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/90E321EE94230DCDBDCD2EC0B77C695A4FC21F78

MD5 fd6970913508ebf28db1b85add7ef1fe
SHA1 25ccb6e16377e8a0b02f40400aaa38fdcacb64b3
SHA256 dc54cb8b34738528f7fec87f199c76637ba7d760ae6812e5c726e2479d6440cd
SHA512 10b1c04ca5f671b4847bc56c7a5269c9922892f1119c5069b6929a7d2a98954bbf23ac32fd61f86a92736da052d45f3969f531cb13a4d3e5b23c45b15fd9b4b0

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/037778A55E1B7E9BED3390289866D09402D6C913

MD5 c91b711e263d1a36d6afa46138e68b44
SHA1 2dc720a3c86f61f2fbfc93047f9f2169d9867cb3
SHA256 c155a756a7e5f8a7eb3b53cf5233224c6f37653521e4af7d98cd14507e27585e
SHA512 6311a2dc064b2ed64640f4242a504a0bd11a12763c2b7e9004b7555af0e6eb73f04087f29d522a8edbb10f0a13f3af60fe3eacd44e1812da4d1f93b88236a1de

/root/.cache/mozilla/firefox/ieoy0jjk.default-release/cache2/entries/1611007487CDFCDB9FE43793C68D8984CF7DD7AA

MD5 1f12995d8c4ef08fe46e1a9b9acb1f22
SHA1 ab8f83a113d1391da06b3cff9a2c310f54ed920f
SHA256 afd1b7f02cd8d6cd636434417234e430ba55d1f4be32f0f099b0802ea77dd16d
SHA512 caf6cf4cfb3e42919386fc66fbd5a1215165c5393fe1fb2011d54798b4a28606e4c71d11a1b3cbc7cf65ab7989473148436aaa2bb523cfa818f0495a76e9debb

/root/.mozilla/firefox/ieoy0jjk.default-release/places.sqlite

MD5 8efaca1999c73d3e45321972e0ae72ee
SHA1 0299afdf22653189f41c9753362d88616097c404
SHA256 25cbb7e02ad7538972cfe6bb484358d0e92998a8819834182483592f397ffa0b
SHA512 2e4587e9b42ffdcaf2d12b37aabc2e65a3cc65a7a16f820e5816b3ac436d5a55af4ab14b1fe16db50afa2a9e22e720c69a4c704ef56d95f64f4bcc95f9806a4a

/root/.mozilla/firefox/ieoy0jjk.default-release/favicons.sqlite

MD5 aff3f84fda6516b87050f171d68531ea
SHA1 6b82d182412601c057bfc591cc6b9a8932c84c73
SHA256 5203714a71df85f81969a193cac50befa4b1e70841b9b2d3ea348d3b99657172
SHA512 aacbaa66d86f8b3f299cead818a0883bb900588da822148b4ac7543a0fa4ee399c14a69534ae55bfd0e7b18630b93f04e0e0174b7d586e0d536c20760b5d65d8

/root/.mozilla/firefox/ieoy0jjk.default-release/prefs-1.js

MD5 16cb1cd0e44b1fc90eed72797b8788bf
SHA1 0dc8aff1586514a5e872900134da86c0288c204f
SHA256 6eea67fe99bd5864b596ab5549a29b70e4f7a5079c71234f1a54437a12b6a1e7
SHA512 af77a4d3e6ede3fd8ff07cd9831cfcbca1542282383164dc7a4f927aac5fe859efebca4d0ccf32ec1e0479399e769c1c5d22e4dc8ba95bb75a14a92ca0ca615a

/root/.mozilla/firefox/ieoy0jjk.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite

MD5 340de034ac829122715cf12d8ac2294a
SHA1 1f0add2ae531a9b6e1d9e505f4f0eeed04ec8309
SHA256 6e05625c4a7161498ca4427e1cb5606aa4ef0a324db28c80e6722245a30becdf
SHA512 947f87157aa3cdfb2f0c8d3ea4646743294244499ac8cfbecaa1ae52e965bc703de9ca53ccf5f8fdaae9e3a7ff31069aac87684bde75d5d33370ceb6f6a314d7

/root/.mozilla/firefox/ieoy0jjk.default-release/cert9.db

MD5 252f9e1e72a06f8c21366e7b10fb3336
SHA1 d476b4a321266b447cf263b3f8d9cccb7808d0e3
SHA256 25a82995311c1d298ad600c2a4ae2099c4940b15782e21b96feb6fb66d455cc9
SHA512 e70246c4cbb17db25f4b408f8c174a3f235de850433a253cc86adbbcf343ccfb5a0e95b18d329f91add4e679cf0ac4cfb2c9b6c28cce5044331cdc534a31c63b

/root/.mozilla/firefox/ieoy0jjk.default-release/prefs-1.js

MD5 aedb703a0471614564adc842239437ca
SHA1 e1b8e3665c8b5ff2f37050842b696674f26f7581
SHA256 7cd2787a16518862ac49f0932ddd26c28619f50d673f0ab89ae4ce9e119b9125
SHA512 8f1d42974ff413dc6eddd371d96ff9f6d4717b6ba1d3040fbc8f766840f2916d4c3fbaffdfb89a14f496f788bad633a4d69ccb37f8b6f5cd8922ae9875442cc6