Malware Analysis Report

2025-01-23 15:26

Sample ID 240417-q9b6xscc3t
Target https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EQUA7GdBSSdEvbBRN2ePG0ABfu9DSICEPyqcKRr5fMuw1w?e=YfJlFy&download=1&xsdata=MDV8MDJ8fGFhM2YyM2VmYWNjZjRlMmI4MjlkMDhkYzVlZGFjNWI0fGZlMWQ5NWE5NGNlMTQxYTU4ZWFiNmRkNDNhYTI2ZDlmfDB8MHw2Mzg0ODk1NDA4OTI1OTA3NDl8VW5rbm93bnxWR1ZoYlhOVFpXTjFjbWwwZVZObGNuWnBZMlY4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazkwYUdWeUlpd2lWMVFpT2pFeGZRPT18MXxMMk5vWVhSekx6RTVPamcyT0RneU5qVmpMVFkzT0RBdE5EVmtZeTA0WkRRMUxUWTFabVptTldSbE1qQXhaVjloWWpKaE1tTmxOUzA0WWpZekxUUXdabVl0WVRneU9DMWlNREJrTlRJNU16QXhNemRBZFc1eExtZGliQzV6Y0dGalpYTXZiV1Z6YzJGblpYTXZNVGN4TXpNMU56STRPREl6Tmc9PXw1Y2E5MGMyNzJlMjc0ZTFhODI5ZDA4ZGM1ZWRhYzViNHw4NjMwNWFiN2UyNGI0OWQ4OGRhM2MxMzBiZmRhMDdmZg%3D%3D&sdata=Y1FJa3Z1dGc0cFZQKzYrM29SQVRwamVkanVDc0VMNUR5MFJiL2U2WGltVT0%3D&ovuser=fe1d95a9-4ce1-41a5-8eab-6dd43aa26d9f%2CSagar.Balraj%40ril.com
Tags
phishing antivm spyware stealer
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EQUA7GdBSSdEvbBRN2ePG0ABfu9DSICEPyqcKRr5fMuw1w?e=YfJlFy&download=1&xsdata=MDV8MDJ8fGFhM2YyM2VmYWNjZjRlMmI4MjlkMDhkYzVlZGFjNWI0fGZlMWQ5NWE5NGNlMTQxYTU4ZWFiNmRkNDNhYTI2ZDlmfDB8MHw2Mzg0ODk1NDA4OTI1OTA3NDl8VW5rbm93bnxWR1ZoYlhOVFpXTjFjbWwwZVZObGNuWnBZMlY4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazkwYUdWeUlpd2lWMVFpT2pFeGZRPT18MXxMMk5vWVhSekx6RTVPamcyT0RneU5qVmpMVFkzT0RBdE5EVmtZeTA0WkRRMUxUWTFabVptTldSbE1qQXhaVjloWWpKaE1tTmxOUzA0WWpZekxUUXdabVl0WVRneU9DMWlNREJrTlRJNU16QXhNemRBZFc1eExtZGliQzV6Y0dGalpYTXZiV1Z6YzJGblpYTXZNVGN4TXpNMU56STRPREl6Tmc9PXw1Y2E5MGMyNzJlMjc0ZTFhODI5ZDA4ZGM1ZWRhYzViNHw4NjMwNWFiN2UyNGI0OWQ4OGRhM2MxMzBiZmRhMDdmZg%3D%3D&sdata=Y1FJa3Z1dGc0cFZQKzYrM29SQVRwamVkanVDc0VMNUR5MFJiL2U2WGltVT0%3D&ovuser=fe1d95a9-4ce1-41a5-8eab-6dd43aa26d9f%2CSagar.Balraj%40ril.com was found to be: Likely malicious.

Malicious Activity Summary

phishing antivm spyware stealer

A potential corporate email address has been identified in the URL: [email protected]

Changes its process name

Reads user data of web browsers

Checks CPU configuration

Reads CPU attributes

Reads runtime system information

Writes file to tmp directory

Enumerates kernel/hardware configuration

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-17 13:57

Signatures

A potential corporate email address has been identified in the URL: [email protected]

phishing

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-17 13:57

Reported

2024-04-17 14:00

Platform

ubuntu2004-amd64-20240221-en

Max time kernel

22s

Max time network

183s

Command Line

[xdg-open https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EQUA7GdBSSdEvbBRN2ePG0ABfu9DSICEPyqcKRr5fMuw1w?e=YfJlFy&download=1&xsdata=MDV8MDJ8fGFhM2YyM2VmYWNjZjRlMmI4MjlkMDhkYzVlZGFjNWI0fGZlMWQ5NWE5NGNlMTQxYTU4ZWFiNmRkNDNhYTI2ZDlmfDB8MHw2Mzg0ODk1NDA4OTI1OTA3NDl8VW5rbm93bnxWR1ZoYlhOVFpXTjFjbWwwZVZObGNuWnBZMlY4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazkwYUdWeUlpd2lWMVFpT2pFeGZRPT18MXxMMk5vWVhSekx6RTVPamcyT0RneU5qVmpMVFkzT0RBdE5EVmtZeTA0WkRRMUxUWTFabVptTldSbE1qQXhaVjloWWpKaE1tTmxOUzA0WWpZekxUUXdabVl0WVRneU9DMWlNREJrTlRJNU16QXhNemRBZFc1eExtZGliQzV6Y0dGalpYTXZiV1Z6YzJGblpYTXZNVGN4TXpNMU56STRPREl6Tmc9PXw1Y2E5MGMyNzJlMjc0ZTFhODI5ZDA4ZGM1ZWRhYzViNHw4NjMwNWFiN2UyNGI0OWQ4OGRhM2MxMzBiZmRhMDdmZg%3D%3D&sdata=Y1FJa3Z1dGc0cFZQKzYrM29SQVRwamVkanVDc0VMNUR5MFJiL2U2WGltVT0%3D&ovuser=fe1d95a9-4ce1-41a5-8eab-6dd43aa26d9f%2CSagar.Balraj%40ril.com]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself glean.dispatche N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself Cache2 I/O N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself glxtest:disk$0 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #0 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself QuotaManager IO N/A N/A
Changes the process name, possibly in an attempt to hide itself QuotaManager IO N/A N/A
Changes the process name, possibly in an attempt to hide itself IndexedDB #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IndexedDB #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself Breakpad Server N/A N/A
Changes the process name, possibly in an attempt to hide itself Sandbox Forked N/A N/A
Changes the process name, possibly in an attempt to hide itself DOM Worker N/A N/A
Changes the process name, possibly in an attempt to hide itself DOM Worker N/A N/A
Changes the process name, possibly in an attempt to hide itself Chroot Helper N/A N/A
Changes the process name, possibly in an attempt to hide itself MainThread /usr/lib/firefox/firefox N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Process /usr/lib/firefox/firefox N/A
Changes the process name, possibly in an attempt to hide itself FSBroker2044 N/A N/A
Changes the process name, possibly in an attempt to hide itself FSBroker2044 N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself ProfilerChild N/A N/A
Changes the process name, possibly in an attempt to hide itself ProfilerChild N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A

Reads user data of web browsers

spyware stealer
Description Indicator Process Target
File opened for reading /root/.mozilla/firefox/i079295s.default-release/storage.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/sessionCheckpoints.json N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/cookies.sqlite-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/xulstore.json /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/storage/ls-archive.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/permissions.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/cert_override.txt /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/shield-preference-experiments.json N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/sessionstore-backups/previous.js N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/storage N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/sessionstore.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/key4.db /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/key4.db-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/user.js /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/storage.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/cookies.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/handlers.json /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/cookies.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/prefs.js /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/cert9.db /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/compatibility.ini /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/pkcs11.txt /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/permissions.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/cert9.db-journal N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/addons.json N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/extension-preferences.json N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/cookies.sqlite /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/cert9.db-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/cert9.db N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/sessionstore-backups/previous.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/system-extensions /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/sessionstore-backups/recovery.js N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/extensions /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/sessionstore-backups/recovery.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/sessionstore.js N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/storage/ls-archive.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/sessionstore-backups/recovery.baklz4 N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/sessionstore-backups/recovery.bak N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/search.json.mozlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/times.json N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/extensions.json N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/key4.db N/A N/A
File opened for reading /root/.mozilla/firefox/i079295s.default-release/addonStartup.json.lz4 /usr/lib/firefox/firefox N/A

Checks CPU configuration

antivm
Description Indicator Process Target
File opened for reading /proc/cpuinfo N/A N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/cpu0/cache/index2/size N/A N/A
File opened for reading /sys/devices/system/cpu/present N/A N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/online N/A N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq N/A N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index3/size N/A N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/uevent /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/glxtest N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/1512/cmdline N/A N/A
File opened for reading /proc/self/fd/43 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/dconf-service N/A
File opened for reading /proc/self/fd N/A N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/10 /usr/lib/firefox/firefox N/A
File opened for reading /proc/2076/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd-fuse N/A
File opened for reading /proc/self/fd/49 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1480/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/41 /usr/lib/firefox/firefox N/A
File opened for reading /proc/2093/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd-trash N/A
File opened for reading /proc/self/mountinfo /usr/libexec/gvfsd-trash N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1491/status N/A N/A
File opened for reading /proc/2155/smaps N/A N/A
File opened for reading /proc/self/task/2162/stat N/A N/A
File opened for reading /proc/sys/kernel/cap_last_cap N/A N/A
File opened for reading /proc/self/fd/34 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/47 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/46 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/45 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/mountinfo N/A N/A
File opened for reading /proc/self/fd/42 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/self/fd/74 /usr/lib/firefox/firefox N/A
File opened for reading /proc/2118/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/1597/cmdline N/A N/A
File opened for reading /proc/self/fd/40 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/50 /usr/lib/firefox/firefox N/A
File opened for reading /proc/2100/cmdline N/A N/A
File opened for reading /proc/cmdline /usr/libexec/dconf-service N/A
File opened for reading /proc/2128/statm N/A N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1601/stat N/A N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/1491/attr/current N/A N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd/37 /usr/lib/firefox/firefox N/A
File opened for reading /proc/2072/cmdline N/A N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-permission-store N/A
File opened for reading /proc/self/fd/73 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/94 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/lib/firefox/glxtest N/A
File opened for reading /proc/self/fd/38 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/44 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/nautilus N/A
File opened for reading /proc/self/fd/39 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/87 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat N/A N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/30 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal-gtk N/A
File opened for reading /proc/2086/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/firefox/.parentlock /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EQUA7GdBSSdEvbBRN2ePG0ABfu9DSICEPyqcKRr5fMuw1w?e=YfJlFy&download=1&xsdata=MDV8MDJ8fGFhM2YyM2VmYWNjZjRlMmI4MjlkMDhkYzVlZGFjNWI0fGZlMWQ5NWE5NGNlMTQxYTU4ZWFiNmRkNDNhYTI2ZDlmfDB8MHw2Mzg0ODk1NDA4OTI1OTA3NDl8VW5rbm93bnxWR1ZoYlhOVFpXTjFjbWwwZVZObGNuWnBZMlY4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazkwYUdWeUlpd2lWMVFpT2pFeGZRPT18MXxMMk5vWVhSekx6RTVPamcyT0RneU5qVmpMVFkzT0RBdE5EVmtZeTA0WkRRMUxUWTFabVptTldSbE1qQXhaVjloWWpKaE1tTmxOUzA0WWpZekxUUXdabVl0WVRneU9DMWlNREJrTlRJNU16QXhNemRBZFc1eExtZGliQzV6Y0dGalpYTXZiV1Z6YzJGblpYTXZNVGN4TXpNMU56STRPREl6Tmc9PXw1Y2E5MGMyNzJlMjc0ZTFhODI5ZDA4ZGM1ZWRhYzViNHw4NjMwNWFiN2UyNGI0OWQ4OGRhM2MxMzBiZmRhMDdmZg%3D%3D&sdata=Y1FJa3Z1dGc0cFZQKzYrM29SQVRwamVkanVDc0VMNUR5MFJiL2U2WGltVT0%3D&ovuser=fe1d95a9-4ce1-41a5-8eab-6dd43aa26d9f%2CSagar.Balraj%40ril.com]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EQUA7GdBSSdEvbBRN2ePG0ABfu9DSICEPyqcKRr5fMuw1w?e=YfJlFy&download=1&xsdata=MDV8MDJ8fGFhM2YyM2VmYWNjZjRlMmI4MjlkMDhkYzVlZGFjNWI0fGZlMWQ5NWE5NGNlMTQxYTU4ZWFiNmRkNDNhYTI2ZDlmfDB8MHw2Mzg0ODk1NDA4OTI1OTA3NDl8VW5rbm93bnxWR1ZoYlhOVFpXTjFjbWwwZVZObGNuWnBZMlY4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazkwYUdWeUlpd2lWMVFpT2pFeGZRPT18MXxMMk5vWVhSekx6RTVPamcyT0RneU5qVmpMVFkzT0RBdE5EVmtZeTA0WkRRMUxUWTFabVptTldSbE1qQXhaVjloWWpKaE1tTmxOUzA0WWpZekxUUXdabVl0WVRneU9DMWlNREJrTlRJNU16QXhNemRBZFc1eExtZGliQzV6Y0dGalpYTXZiV1Z6YzJGblpYTXZNVGN4TXpNMU56STRPREl6Tmc9PXw1Y2E5MGMyNzJlMjc0ZTFhODI5ZDA4ZGM1ZWRhYzViNHw4NjMwNWFiN2UyNGI0OWQ4OGRhM2MxMzBiZmRhMDdmZg%3D%3D&sdata=Y1FJa3Z1dGc0cFZQKzYrM29SQVRwamVkanVDc0VMNUR5MFJiL2U2WGltVT0%3D&ovuser=fe1d95a9-4ce1-41a5-8eab-6dd43aa26d9f%2CSagar.Balraj%40ril.com]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EQUA7GdBSSdEvbBRN2ePG0ABfu9DSICEPyqcKRr5fMuw1w?e=YfJlFy&download=1&xsdata=MDV8MDJ8fGFhM2YyM2VmYWNjZjRlMmI4MjlkMDhkYzVlZGFjNWI0fGZlMWQ5NWE5NGNlMTQxYTU4ZWFiNmRkNDNhYTI2ZDlmfDB8MHw2Mzg0ODk1NDA4OTI1OTA3NDl8VW5rbm93bnxWR1ZoYlhOVFpXTjFjbWwwZVZObGNuWnBZMlY4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazkwYUdWeUlpd2lWMVFpT2pFeGZRPT18MXxMMk5vWVhSekx6RTVPamcyT0RneU5qVmpMVFkzT0RBdE5EVmtZeTA0WkRRMUxUWTFabVptTldSbE1qQXhaVjloWWpKaE1tTmxOUzA0WWpZekxUUXdabVl0WVRneU9DMWlNREJrTlRJNU16QXhNemRBZFc1eExtZGliQzV6Y0dGalpYTXZiV1Z6YzJGblpYTXZNVGN4TXpNMU56STRPREl6Tmc9PXw1Y2E5MGMyNzJlMjc0ZTFhODI5ZDA4ZGM1ZWRhYzViNHw4NjMwNWFiN2UyNGI0OWQ4OGRhM2MxMzBiZmRhMDdmZg%3D%3D&sdata=Y1FJa3Z1dGc0cFZQKzYrM29SQVRwamVkanVDc0VMNUR5MFJiL2U2WGltVT0%3D&ovuser=fe1d95a9-4ce1-41a5-8eab-6dd43aa26d9f%2CSagar.Balraj%40ril.com]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/lib/firefox/glxtest

[/usr/lib/firefox/glxtest -f 13]

/usr/bin/lsb_release

[/usr/bin/lsb_release -idrc]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 20252 -prefMapSize 231436 -appDir /usr/lib/firefox/browser {1111e84e-67fa-4495-bdd2-76d7bdd1cc81} 1597 true socket]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/libexec/xdg-desktop-portal

[/usr/libexec/xdg-desktop-portal]

/usr/libexec/xdg-document-portal

[/usr/libexec/xdg-document-portal]

/usr/libexec/xdg-permission-store

[/usr/libexec/xdg-permission-store]

/usr/libexec/xdg-desktop-portal-gtk

[/usr/libexec/xdg-desktop-portal-gtk]

/usr/libexec/gvfsd

[/usr/libexec/gvfsd]

/usr/libexec/gvfsd-fuse

[/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes]

/usr/libexec/dconf-service

[/usr/libexec/dconf-service]

/usr/bin/nautilus

[/usr/bin/nautilus --gapplication-service]

/usr/libexec/gvfsd-trash

[/usr/libexec/gvfsd-trash --spawner :1.8 /org/gtk/gvfs/exec_spaw/0]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 22702 -prefMapSize 231436 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {dffc4ca8-f9aa-49e7-a442-c11a8112c384} 1597 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 22454 -prefMapSize 231436 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {4fa7b3a5-20d2-4e51-8485-1ca224827970} 1597 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 22836 -prefMapSize 231436 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {8da1350d-0fad-4318-862a-e18273e037ef} 1597 true tab]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 _http._tcp.security.ubuntu.com udp
US 1.1.1.1:53 _https._tcp.deb.nodesource.com udp
US 1.1.1.1:53 _http._tcp.nl.archive.ubuntu.com udp
US 1.1.1.1:53 cdn.fwupd.org udp
US 1.1.1.1:53 cdn.fwupd.org udp
US 151.101.2.49:443 cdn.fwupd.org tcp
US 1.1.1.1:53 security.ubuntu.com udp
US 1.1.1.1:53 security.ubuntu.com udp
US 1.1.1.1:53 deb.nodesource.com udp
US 1.1.1.1:53 deb.nodesource.com udp
US 1.1.1.1:53 nl.archive.ubuntu.com udp
US 1.1.1.1:53 nl.archive.ubuntu.com udp
US 91.189.91.81:80 security.ubuntu.com tcp
US 104.22.5.26:443 deb.nodesource.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 151.101.2.49:443 cdn.fwupd.org tcp
US 1.1.1.1:53 _https._tcp.motd.ubuntu.com udp
US 1.1.1.1:53 motd.ubuntu.com udp
US 1.1.1.1:53 motd.ubuntu.com udp
IE 54.247.62.1:443 motd.ubuntu.com tcp
US 1.1.1.1:53 _https._tcp.esm.ubuntu.com udp
US 1.1.1.1:53 esm.ubuntu.com udp
US 1.1.1.1:53 esm.ubuntu.com udp
US 91.189.91.46:443 esm.ubuntu.com tcp
IE 34.254.182.186:443 motd.ubuntu.com tcp
IE 54.171.230.55:443 motd.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
IE 34.243.160.129:443 motd.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 1.1.1.1:53 services.addons.mozilla.org udp
US 1.1.1.1:53 services.addons.mozilla.org udp
GB 18.245.162.100:443 services.addons.mozilla.org tcp
GB 18.245.162.100:443 services.addons.mozilla.org tcp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 locprod2-elb-us-west-2.prod.mozaws.net udp
US 52.25.6.244:443 location.services.mozilla.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 1.1.1.1:53 alfanar01-my.sharepoint.com udp
US 1.1.1.1:53 alfanar01-my.sharepoint.com udp
US 13.107.138.10:443 alfanar01-my.sharepoint.com tcp
US 1.1.1.1:53 detectportal.firefox.com udp
US 1.1.1.1:53 detectportal.firefox.com udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 example.org udp
US 1.1.1.1:53 ipv4only.arpa udp
US 1.1.1.1:53 ipv4only.arpa udp
US 1.1.1.1:53 example.org udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 firefox-api-proxy.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-api-proxy.cdn.mozilla.net udp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.149.97.1:443 firefox-api-proxy.cdn.mozilla.net tcp
US 34.117.188.166:443 spocs.getpocket.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 1.1.1.1:53 www.mozorg.moz.works udp
DE 13.32.119.185:443 www.mozilla.org tcp
DE 13.32.119.185:443 www.mozilla.org tcp
US 34.149.97.1:443 firefox-api-proxy.cdn.mozilla.net udp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.prod.mozaws.net udp
US 52.10.78.57:443 shavar.services.mozilla.com tcp
US 34.117.188.166:443 spocs.getpocket.com udp
US 52.10.78.57:443 shavar.services.mozilla.com tcp
US 1.1.1.1:53 a1887.dscq.akamai.net udp
GB 92.123.143.185:80 a1887.dscq.akamai.net tcp
US 1.1.1.1:53 img-getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 img-getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 getpocket.com udp
US 1.1.1.1:53 getpocket.com udp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 1.1.1.1:53 www.mozorg.moz.works udp
US 1.1.1.1:53 www.npr.org udp
US 1.1.1.1:53 www.npr.org udp
US 1.1.1.1:53 www.usatoday.com udp
US 1.1.1.1:53 www.newyorker.com udp
US 1.1.1.1:53 www.newyorker.com udp
US 1.1.1.1:53 domains.gannett.map.fastly.net udp
US 1.1.1.1:53 condenast.map.fastly.net udp
GB 92.123.143.210:80 a1887.dscq.akamai.net tcp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 arstechnica.com udp
US 1.1.1.1:53 www.empireonline.com udp
US 1.1.1.1:53 www.empireonline.com udp
US 1.1.1.1:53 d3a5a5uc9z2x2a.cloudfront.net udp
US 1.1.1.1:53 arstechnica.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.117.188.166:443 spocs.getpocket.com udp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.120.115.102:443 tcp
US 34.120.115.102:443 tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.107.243.93:443 tcp
US 1.1.1.1:53 udp
SE 192.229.221.95:80 tcp
US 1.1.1.1:53 udp
US 34.120.208.123:443 tcp
US 34.120.208.123:443 tcp
US 1.1.1.1:53 fp2e7a.wpc.phicdn.net udp
SE 192.229.221.95:80 tcp
US 34.120.208.123:443 tcp
US 1.1.1.1:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 34.117.121.53:443 tcp
GB 142.250.200.46:443 tcp
GB 88.221.134.209:80 tcp
US 34.98.75.36:443 tcp
US 1.1.1.1:53 inews.co.uk udp
US 1.1.1.1:53 www.scotsman.com udp
US 1.1.1.1:53 www.scotsman.com udp
US 1.1.1.1:53 inews.co.uk udp
US 1.1.1.1:53 ft2.map.fastly.net udp
US 1.1.1.1:53 discover-prod-1777428142.us-east-1.elb.amazonaws.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 35.201.103.21:443 tcp
US 35.244.181.201:443 tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.18:80 connectivity-check.ubuntu.com tcp

Files

/root/.dbus/session-bus/4816dd152e8c48ff97e9117d197c13d8-0

MD5 b7e94fec8e2d7c6ca568fd5d3c6a18c5
SHA1 144651571f0bcbca5482f8d9dfa3a266ce891388
SHA256 c3803ddf8d0f4a90ac79c3ae28ce3ebf22969aadde57bde180805e43d963b60f
SHA512 484a0e9642fad51d0c9063907f5c53a17cda53ee9a7b40f3b392b3e718c467896cb71fb34734bdb3e28bf46b2f9254a6ed38c243e8e5e5ae08036f3cea0b8401

/root/.mozilla/firefox/Crash Reports/InstallTime20240108143603

MD5 7900ea2a34beecc056c1950ac2021f7b
SHA1 5791242322af16740cc9a1a8f2506e629db256e0
SHA256 4b82f2155452d24468ac678ffa0a192140dc8c4e04a4d9a194cfed10f7360d74
SHA512 9f40fd4c59a7a3f01cb8fe7670f208b6570f063425f98261d05981063e7ca83d081cba5037028ad5cb78473e5f869ee8cc073cf91b3418a2844387f1dadacf4c

/root/.mozilla/firefox/i079295s.default-release/times.json

MD5 9a41a6ff0cf39c5726fcbf217deb73e3
SHA1 65ea623befec9a2ca124c7987c22a17035073375
SHA256 4a0f1a3d3aae3e8903594b3addf68d0a891275c60ec66f067462881aefc6e134
SHA512 f69da37416768d6f202868653d5041ded40a5f12c6bcc9a76f8b0a78378ef6a2a2007bf8c2f093faa6d2d9372ecb2c5f2d2fd78882d4465b6eeb325d8ef1773b

/root/.mozilla/firefox/xtvyzz2s.default/times.json

MD5 423b3ca2b393492ca4cd54a3ca797856
SHA1 64499aaa3df60ef76808ed25a0927c93f7ef4f17
SHA256 87f01aa57dcb703b73464f0960fdabc02943111f6b5a29967169a478579d1657
SHA512 a273784fd3c6647678a29350467fbc5bcae9b90853c41b102a2f29021536fc2c7e1bb0a9e6ed1eb4e1e449170ca69bafbd12a800eef41a893971bc1aba0b8457

/root/.mozilla/firefox/installs.ini

MD5 2eb280bd5146398fc643c443e68a7e64
SHA1 17e9cce787a4f4f242cc77b5cc23c244036fccd5
SHA256 21a66bb8b5d49b2c208846f04c415ece4065e110f1f56126b186668c1a364bc2
SHA512 282efa687ef3b0c0e418e4c0d0de0d0dfc0b87cdec2353cea48c6ca69c78778c40cecd0a6a2046804dc448a3343777d2b06c3134197eb20985da21c18151d3fb

/root/.mozilla/firefox/profiles.ini

MD5 f1ff6d34b9c55b9dda58de2f2727977d
SHA1 d8ef55283d601c5da65114ed0117ced334670d43
SHA256 761e58db5c9e65bfbba1866ecb175ef8c0498116292db1474ff679f0ff21c755
SHA512 bc18b6733949d779c2833ac23846d856c8e65798ce95bfc094cee6d70ad5a5d203707ac82391e91f74fa4d2ca1f653a8be3a1c442c888a4d7947dce1a29e17d6

/root/.mozilla/firefox/i079295s.default-release/compatibility.ini

MD5 2d41a6f5736821b90ef44850dd3873fe
SHA1 a47c4bc1431234a5b58e460ede5b571acd38e562
SHA256 b4bf5c8334f6db20ae94105141ae7a721342ddccd94ec65289dc291e76a31814
SHA512 047a1455211e7aa29ef5f32f07c89d8a0c8d86d871bc664e4d8958a2a014dbe32f0613cd9eb66e7307c0e2439f74ca0b829652a52fa48e8c60d64b41f69914eb

/root/.mozilla/firefox/i079295s.default-release/cookies.sqlite

MD5 26ff39b359947b71a5fadd950fac34f0
SHA1 66e5830e4dca79225f41adc13a077d8e5dd8084b
SHA256 aecbaf3e1df1332d4f14a11480db712eb4aa91581eb4e942c580bf675f592a45
SHA512 7fae7b9ff4362e12f00acdc898f6f679718bdd28dc959684333086de7bacd162338dc266810f9f3f6dfa3dc228291efd6bb325e2e8573ca0e6a699059a145f11

/root/.mozilla/firefox/i079295s.default-release/cookies.sqlite

MD5 102a8b6e82208a1b69224bdca8a5b10f
SHA1 8413dc3772127c4159e6d6b51372990a06b805ee
SHA256 5ebf89b32937916a76a8432832040cf0f6b99c2f006cc42f856712d403ec182c
SHA512 49c5c27c6749a7a73b4b944eea64ceb053a272619e6319bfd433ffbe126c8fbccc110961018165a4c7de781a86cf38d2bd9e52ec71b10bc73c9fd05fe841a46c

/root/.mozilla/firefox/i079295s.default-release/prefs.js

MD5 984acb47cf6b87b4a87332492dc8fc15
SHA1 80e1091c9e23f300df5ab41f671e449cbe980840
SHA256 8e0a071ea0ca7b8e0502e0ce95aa3151e66c8d7d5adc8aab9b0ac307968f3fd9
SHA512 a7dece18dbea8612fd41f7dd6506084035f3aae8c8919094c7d18edddb549bfd5349f33ceee80264da3a218332e77fa3350962f4b353f30c507e697264be64f2

/root/.mozilla/firefox/i079295s.default-release/storage/ls-archive.sqlite

MD5 e1121e3dd3c8a9c384f879bdddcff219
SHA1 625f25a1a5ff8527ab3105636fa7aecb9affd234
SHA256 766b9f50254b4e5526b0cde2911512956262596d8937f8630805d3c70802a066
SHA512 03e1cee2e75b2b609b8344a40995de09de837e940d2012f2fea65d9c70eecbcd3345b66b852f32211b38b06a4370f06f02ca7521e29e7113e2e12a6a7752be31

/root/.mozilla/firefox/i079295s.default-release/storage/ls-archive.sqlite

MD5 0d2b18bbf091633c4fe1ebdd197dfa15
SHA1 c150dc37042d92d30efed6cbc1b536eb66ec1a3e
SHA256 fe63ee867e0f229a0bcc48b771afeec394c362ac6d0c2bd6907c7202097bd228
SHA512 59d202bfaf236bdcfc05a3e148a773d15a3bdff23be26fb2cbfd059fee6c4a516c7a59de0a3bc97df1419c34464e1346354979ddda1062101121522f22d8156d

/root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/.metadata-v2-tmp

MD5 85682a1c82c47453108b91ac15634c62
SHA1 772d14826fe27a20b10df7c5fc6a01e125c202c2
SHA256 a0c486bffc32d301822abb87e5f38a374c226049e9b2eef4540fc2fdc6a1965f
SHA512 45be271fcf4a7365843d2e61893677ac62accbb1317f7c78df4738169221e5599952735ef13b7c0ee8b1ccbe3c06f2dce367bd62a7cadbcc782170dec9545a68

/root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 225fe36c4bb990de9670b27368d655a2
SHA1 1dc382bec9af9b4bd0308dea1908ab6933834828
SHA256 2185235a458ef8924a1370bb956dd1d65d1f7bbffda08289275e072b65d5d1db
SHA512 11eb31a930a336c13869b0d385df555d7fba32ecea26bf513398dca2a35439643b0896a94c4696ffb439eef18b7f85982155dd12beddef784fe4ed1e86d2d1c2

/root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 fc939acfacb9e28c404d1409be86a2ca
SHA1 871a3e780cf5cd54fa7ae3a16ada7a3a8ff1f0a5
SHA256 af405f4b426f49da5c6c432820508a5d209264411c30318811c841f9c365156b
SHA512 d977384e9d6bf5dd6b00422c214387ced0c27a4f6ef2f05d45cb266469011ef696d9fe18912a07b009b73de63a8ccb29b5f5443e95b2c9ce979fffdfd59c7092

/root/.mozilla/firefox/i079295s.default-release/prefs-1.js

MD5 f25ec1d6e102fbaf85c7fe7a4050b075
SHA1 3d62bb3c2a242a8276949cff89def21a5d98148f
SHA256 d9b7319e5877700f71dd29d1cc285ec456821762a038fd90fae75609c4bb3c47
SHA512 e316f5c2cd9eb9f3079f4983dae614c90b29e6342118ebe4dfca36fde55c66897fff9b5faa568541999ec70ba08c1526bce17f09bbe85fa3338e0b2469a6d81b

/root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 fc026eec4aa06c64334947871427d964
SHA1 ffa02de56cd26fa46890d07bc4bc414edb8c7c32
SHA256 36f00cb7778bd22baea4b1674fe8583c8bb41888ceda2e32200ff226c770c604
SHA512 a4f397556580133a1b149102b67e612cabd053d479ea3009a08bb31264e081395a2673799dbb247c29bd23d891b4acaa3519d47243bde7397e85bfe945c83fe4

/root/.mozilla/firefox/i079295s.default-release/prefs-1.js

MD5 4b1c249729420899f5f5922a65b16ae9
SHA1 db984389640944af15ae0bb747d90a2c6dcf644d
SHA256 a20e40ec0e5e449da5470a07038d7aee2b330d45af6c7d1817e88987d641ac21
SHA512 3c539209cf450f1884e958faf87d7c40890d6548098b12cac5f8bb128add3b2e696f65e26d8ed754a0077124ead4401a7e0147d72f18db9f48b7adb2f37d7d7c

/root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 4d8d479a813d71dd277a4f70c69abbbe
SHA1 ef9c661bcea2bde5cb8ab2214569a9747ef23727
SHA256 3edddef72879f4feb1a71b58572834a75fda486369a90125e59f422eb4a1db68
SHA512 7c12377f61f60201f7a538a116998b3dbabf990abe786c7845c55678f7615657fec536ee91d18e7dd1d283e55d2e7731c16fedb11f4b9175dddc8ccdc1d421c4

/root/.mozilla/firefox/i079295s.default-release/permissions.sqlite

MD5 fda1c1bac25d5ed6f87af516212f9a53
SHA1 b6ffb24769e706d5304920bf095821439ff83983
SHA256 f7f7cd9f6a53d264166020e9be45bb7e6ff04a99ccfea538ab1ea0c08dcbc35f
SHA512 1dff89d45bb28c3c8fb59fc507ebe0f69c890c1889a338000031a8195a1bb48474fa6ec8a8574abd5e95c497aa96875ae673cf6ab19aea8847bbab391d12fec7

/root/.mozilla/firefox/i079295s.default-release/prefs-1.js

MD5 6c4f169637578a2c8531759110bcd1e7
SHA1 fd873d3bcc550d4c5eeae4e39b6b4da2fa17e770
SHA256 f635d942cbfce14de7691648e7b025dec6e0487b135ac003a4b858bc0d1ff7db
SHA512 593ffd9f95f681124172512ef6fb08f1a8a11c63adffdfd578d560a16b71489ff150b1bd65637f8554149b0e0b3982cbf65b9c9a27d60f555a34310a807af164

/root/.mozilla/firefox/i079295s.default-release/times.json

MD5 e0acef75615111a899049446f1dcc894
SHA1 19e62c0b07229c645a615487a1c64b8364d44cb1
SHA256 d79f7d22abcbd574019651ce54df95a39ac8f9d7bb8fc237d13b89a01b99ba59
SHA512 83c2110bfce475e1ab33212e9834fe6879b1c8879194aa87435435ddecc49433b9f5ade1bdba7e55b8cd495635ebf55752daf38908b2caa99d36fd28d2819c4b

/root/.mozilla/firefox/i079295s.default-release/cert9.db

MD5 b4c9c2eb7387311a99acb618b110ee43
SHA1 8b1d709af1fa16a48c02861efe8bc7653a6d8799
SHA256 398bfce02ed48b0277be86cab9b01f39c1157de139a5c1f2549a3e7fd4686e91
SHA512 9d4baa7f943ba787596548ce873ddba8e1d8f9c1717c251dd28230c491d00c4c9b91224670de858bf26074af61e7cea15ea47b9a0f618a1d31edfffb7cda7ac4

/root/.mozilla/firefox/i079295s.default-release/key4.db

MD5 6dd436ab9a1901f4c86d19af89a678d2
SHA1 cf2a4c81ed1a4ddbf4f30e021f50402807aca560
SHA256 043f14fe0cc7058d4a44c2f59afda1c5f226206e66d1937433127450c922b373
SHA512 91140b8d2b2c4eba90e25192667018bac9e2f01980ae6f7fa74859e1168764387db9e653fd0272af2ed98e9e16f31497e506d121b4a121b8f0eccb72135ca8ed

/root/.cache/dconf/user

MD5 c4103f122d27677c9db144cae1394a66
SHA1 1489f923c4dca729178b3e3233458550d8dddf29
SHA256 96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7
SHA512 5ea71dc6d0b4f57bf39aadd07c208c35f06cd2bac5fde210397f70de11d439c62ec1cdf3183758865fd387fcea0bada2f6c37a4a17851dd1d78fefe6f204ee54

/root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

MD5 1ea539584c41fd171d307fb9e740d499
SHA1 de3d1a3d6a0173bcd30c89f148cd732d0ae614eb
SHA256 aaa3461e12a1343eb5803894e1ef6894014b75b26ef264f29ece30b1cea3aa83
SHA512 22b145864127c0f223522016c6ba0a67e06a36aeba135e546f4d77000f436d5060064eb988b7aafdb451e39f70d0afd20313d15507dd531234ac25d60e9d935c

/root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

MD5 82843e2a0b1e6e6391ed803df2ff3175
SHA1 41aa7e3de37cdcae20da2b700a0a3580328db217
SHA256 7ea80c55312daf60e6d52152e1d8022126c90a62b3696350c2e10db9cd446c83
SHA512 6d6850460ec8815f81b31a9ed4f277a243398139f9f8e6a989ea28e83ab5812386befc61a1b0a545567d7c9cc6678e9b05f9c90d1609e44ae8180ec4b5d8c035

/root/.mozilla/firefox/i079295s.default-release/prefs-1.js

MD5 e893bc88261ab2436082b5eaf5819035
SHA1 e617d9599f7e554129f169861145b2cc993501dd
SHA256 19d3f16d578b833b9c15ec2d4c27c308ff2190716bbc952b72a6bcf392b05cab
SHA512 876a836fc0c479181941449e56eee6ca03c68ec5863454d6425e05d251d627ce119e3c2e6c8a255db1aa81313069cd36e7ca82c5ac3170ffd505a8f97bc3cc13

/root/.cache/mozilla/firefox/i079295s.default-release/cache2/entries/3D1E19D09F398691ABF62061591970855193B42F

MD5 bad3b49b9187659bb2b8509cdd7f51e7
SHA1 35307931be9a07ff584d61ab224ed5749278713b
SHA256 b901491e4da0ac173d4040cc8c8f60d61463df4e3466140b58d14337e4bbedec
SHA512 a3db4fefe494507be33ca55a4c2fae5f9c970f306060294311f7ff8b432fb036b59ce0f8ec63814c3cb53490c20d1657dbc1139e723172281ea61d72f7ccaee7

/root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 bbe9e4471c97fb1b270eb793922a00e8
SHA1 a1da47669a2b512be64ba97e8bbd587887d2c24f
SHA256 dedbbbca17668696789b6525ec93fadbb5731e96df326c7d84ce355fe0ca1bac
SHA512 1df28b24c05bd0931c3fab72bf6283d4a4df4253bd28060bf9abaf8fa0b9fd91e7790c28d7972287ac82a1bf04eecd3fab8acdaa26dfd394b3493280c7474f1d

/root/.mozilla/firefox/i079295s.default-release/prefs-1.js

MD5 87a436d80392f5e87aba0eee784268cd
SHA1 08b9c24e5d330764f41b3bbdda21cf9cfd2707f3
SHA256 c93ee2cfd7768c8bcc5dbedd7e7cf2933cbbfdc8dcc85a9002669bd857245a2e
SHA512 9f27ea651a6194fb7c76baa6061450bf2ccb7ce80d8bf9cd8433fa8b19ac642c829b4bd74b8b3d378a15df2e6ee30c845eee246bc98cb7a0235a3d52b8f9b703

/root/.mozilla/firefox/i079295s.default-release/cert9.db

MD5 63511be0a46be1cff5564454e189a65d
SHA1 54a67a434c3ac6286e49704c270996f3b2bb2512
SHA256 cb9b45899f0958bd6e3e5499b15d51379c1febf46a603aead5d2c98c8178b975
SHA512 8ed3118b2b7004ca491e25131792b362cf4046c4c3bf796211d0e36e4a5600ecb55271ff7ff4e40acad17f0010700d8034ad773c0f744497b29c9db5b701d9b8

/root/.cache/mozilla/firefox/i079295s.default-release/cache2/entries/90E321EE94230DCDBDCD2EC0B77C695A4FC21F78

MD5 79f55391b6c2f7ee9bd6e48c78b78171
SHA1 ca4f2dda642c66f5beadeadd62524580a71aac32
SHA256 81680ff9ee3152ec644a7d84eb5c5fde5c45edaf3c12882cbf15c7564e47dc51
SHA512 949735d00b360dd568229b1f5153e67bc6dbf908bce25269bef31379aea46d3701413e25c4fbf8a441c08573b2e80790826951e4f4a225f4b1be34da1c20997a

/root/.mozilla/firefox/i079295s.default-release/prefs-1.js

MD5 8cacea35c249490fce27f30cf66fd0c5
SHA1 931dc57c0aa92e18c6929f78d9167c82aeb8131f
SHA256 7238f9b2e62cdc00ea602397c9f94924763c3007c3b73ba5904f523cc2e792a1
SHA512 0408cce4f9f6c5c3fd606428d90b1ee2896ec34f724b9a375b406b52e8d6eb55d567906bab888e2968c97342b8ab98bfe1e293bfd9ce3184aa9f1e72400ca561

/root/.cache/mozilla/firefox/i079295s.default-release/cache2/entries/1611007487CDFCDB9FE43793C68D8984CF7DD7AA

MD5 af3095714af075cb397f3933f3584425
SHA1 87f95189c12240cf9bc54acc4640f05f810570da
SHA256 e41342db11faa555ac5b2a10a9bd2cd6d235d1a08b8ca0edd04da522ae5bf805
SHA512 e1c7869f9725d0fb3c7743417eb23aa4a1d3d769c99710948abb4e1bf9f6f2003a4d1fdaa0e83cf1e15cf9a971f6e57df4e24a4cdaca52ae76e1d010f63b9100

/root/.mozilla/firefox/i079295s.default-release/prefs-1.js

MD5 780c030c7738e4731f8a4abf0406a9e7
SHA1 0f979a123e37dad8e32c7955cf0c83c10962efe8
SHA256 c6e9111fa9c7792fbf06ed0da2c0583bb52b4211af312aa8ef58c8b382c78743
SHA512 5c0a62e645fc2eea5315f8dc3ddaf8890defee83c8f622571ae032c5da834f6f60744b3f8f96d50a124fcff0140266a91b72c5939aed4f992d94ae47ec94304a

/root/.mozilla/firefox/i079295s.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

MD5 a4c77587dd80a64904ae845a485fe6f1
SHA1 474bf0559a81885e51a7a17cae8d69da7e327599
SHA256 121cf93fa5e35ff5c3e48eaac8b823ae24bb6ab48cd77a36dd21b8f166264f37
SHA512 47d5d29088564582b8fd28c28f1744057da0d6380d157f8ef8badc97998f5666ddfa178a968e9158f6973fa7f9bbb3be738bbbf3e4fe21f13b2fbe8c59188e94

/root/.cache/mozilla/firefox/i079295s.default-release/cache2/entries/D0F48A0632B6C451791F4257697E861961F06A6F

MD5 ad505aec6b152bdb00917a4a12bbc625
SHA1 e636e62ced85e6d2ecd611b6630f1c637fb3d6b7
SHA256 c74738e7c9271a6c0e3769545f5384cfffc0dce66093d7f4330ef088efa5e782
SHA512 662c4fd722012c4de3e17e73d33e8133bba24c83adf6fd128e7b78a1cadc3467d12d415664698e87f9c1ee22236e8ea151bc7bbfdcf92692df25bb5665840c36

/root/.cache/mozilla/firefox/i079295s.default-release/cache2/entries/3D1E19D09F398691ABF62061591970855193B42F

MD5 1a869e2b26289036f8350596e3de88ee
SHA1 b0ff44bafe8dce4df9c469d37392ad2af959ac77
SHA256 6ac295860d5ad0ca0d332f52dd0bb3bb52f4bd4b79f3dcb4982c114ed9cc12ff
SHA512 b12f49c7cee2719553304d430e556d1cf249d4413fd851708e515300815c3f43889e4a77f2becab25437ffd5428891ca9d794d120275a0024817cd61c82573f8

/root/.cache/mozilla/firefox/i079295s.default-release/cache2/entries/90E321EE94230DCDBDCD2EC0B77C695A4FC21F78

MD5 6fc6c2cbccbc9a1a57c672229153f3d6
SHA1 2875a82974543fa448db6ea932febe2977b93304
SHA256 9db8300140cbc54c03c98b5df2edc90a5eb01013c5102836f865566bd225f419
SHA512 bd26216ccb7345f92f0d7ca4d07a829bac99312adfbfbd8616cb32061acfe6e8855e1187c8647eceb248961b8549402e14dab9ce3a03635a11bc8eb9f248f92b

/root/.cache/mozilla/firefox/i079295s.default-release/cache2/entries/1611007487CDFCDB9FE43793C68D8984CF7DD7AA

MD5 0613f7c3a73f0a22f259fe9b2aecaedb
SHA1 07894eb95514ceb439b9910bc382d79ac202a145
SHA256 f77da59f21f794d7ae96afd320f42bc6994814b789aa58a5cc2899c6670f25f1
SHA512 0cf49ef5a4ad6636fe2aa1e95776ba4a40ea3b997eb4b98b4e867c85f9e0e93c5e9cc5c87b3429ebd3759cb21528f65cc98dcd62059137e16ce8778e47408cf0

/root/.cache/mozilla/firefox/i079295s.default-release/cache2/entries/8AF5D98EA49BFC5F75DBBB8CBE9CADF11B63E0F4

MD5 dc0a365f55571d4d3bb6e13356ddd8c8
SHA1 187e214f3d14347dd430745bf11673dae6889810
SHA256 de8887325c91ff415935b2e60255654a4e4cb7570458535f88da89fb835fa7d8
SHA512 af71555a2fb29168a13316e3e14ff7ba42bba1861387f9e8189b1e5b647566228524e01d9c3a110cc0eb42fccdf15e1fcfb6ffea40440ede0d98ec282c8ccf5f

/root/.cache/mozilla/firefox/i079295s.default-release/cache2/entries/8AF5D98EA49BFC5F75DBBB8CBE9CADF11B63E0F4

MD5 d20b0d53ef525b745f41200867634e71
SHA1 bf4cb1b3edd26a40999a8ba918ce562b24f8d5d8
SHA256 59688f6059a07d1db5b7418dcb87e615c845b986265482dc8c20f56eede4a751
SHA512 0ae698f2bd4ed60f25f971f06e9020d6e04deb0a48a2bbb9e6b8a8e8e61d129c0ebc2083ee7ee7d6eb49bebdf184836aac7830f4992662961d0d0bc679dbfdcf

/root/.mozilla/firefox/i079295s.default-release/prefs-1.js

MD5 9b2bf739b17ae7244288047dc522d3c4
SHA1 ff720b37abc75583e6ddf047933e0af1b019c36a
SHA256 91595b6a8304b9145e99a66e66c2ec6f3787ff48094341f7345060a1c0e77b38
SHA512 4e680a1b9f39539b12b9cc1de33f144046b7b5828b16cddeb12c8d84402dd7b327410cf2b8db9ea6976619a756b1cf5e8866cf53bca0586bb39d222965dd9003

/root/.mozilla/firefox/i079295s.default-release/cert9.db

MD5 483fe266ed02f15362a929ebc7b39da3
SHA1 ec1cf0a69ba8475e81169b45f1e7e3e0be6d64bd
SHA256 5a27e04c5dd60140e4dea93e1a36b247c86ce966509fa239ed37919068a0b6e6
SHA512 2a49a1d8827bd3047ec2e5adb2263a46cb3ffb837d8155c7c79b068f81b30f9aeea3b6fa408b71ad36f6d8d26262f546e2f001e14b17d8c2532d0df87abaf606