Malware Analysis Report

2025-01-23 15:26

Sample ID 240418-dsz57she63
Target http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Tags
spyware stealer
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

Threat Level: Shows suspicious behavior

The file http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip was found to be: Shows suspicious behavior.

Malicious Activity Summary

spyware stealer

Reads user data of web browsers

Changes its process name

Reads CPU attributes

Enumerates kernel/hardware configuration

Reads runtime system information

Writes file to tmp directory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-18 03:16

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-18 03:16

Reported

2024-04-18 03:19

Platform

ubuntu2004-amd64-20240221-en

Max time kernel

44s

Max time network

130s

Command Line

[xdg-open http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself glean.dispatche N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself Cache2 I/O N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself glxtest:disk$0 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #0 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself QuotaManager IO N/A N/A
Changes the process name, possibly in an attempt to hide itself QuotaManager IO N/A N/A
Changes the process name, possibly in an attempt to hide itself IndexedDB #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IndexedDB #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself Breakpad Server N/A N/A
Changes the process name, possibly in an attempt to hide itself Sandbox Forked N/A N/A
Changes the process name, possibly in an attempt to hide itself DOM Worker N/A N/A
Changes the process name, possibly in an attempt to hide itself DOM Worker N/A N/A
Changes the process name, possibly in an attempt to hide itself Chroot Helper N/A N/A
Changes the process name, possibly in an attempt to hide itself MainThread /usr/lib/firefox/firefox N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Child N/A N/A
Changes the process name, possibly in an attempt to hide itself FSBroker2037 N/A N/A
Changes the process name, possibly in an attempt to hide itself FSBroker2037 N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Process /usr/lib/firefox/firefox N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself ProfilerChild N/A N/A
Changes the process name, possibly in an attempt to hide itself ProfilerChild N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A

Reads user data of web browsers

spyware stealer
Description Indicator Process Target
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/logins.json N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/permissions.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/pkcs11.txt /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/sessionstore-backups/recovery.baklz4 N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/content-prefs.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/places.sqlite-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/favicons.sqlite /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/sessionstore-backups/recovery.js N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/places.sqlite-wal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/extension-preferences.json N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/cert9.db-journal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/xulstore.json /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/favicons.sqlite-wal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/sessionstore-backups/previous.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/sessionstore.jsonlz4 N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/handlers.json /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/cert9.db /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/cert9.db-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/times.json N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/key4.db /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/compatibility.ini /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/prefs.js /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/extensions.json N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/shield-preference-experiments.json N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/extensions /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/ls-archive.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/addons.json N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/sessionCheckpoints.json N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/cert9.db N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/cookies.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/sessionstore-backups/previous.js N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/sessionstore-backups/recovery.bak N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/key4.db-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/key4.db N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/addonStartup.json.lz4 /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/permissions.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/places.sqlite /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/favicons.sqlite-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/cert_override.txt /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/content-prefs.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/cookies.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/cookies.sqlite /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/cookies.sqlite-journal /usr/lib/firefox/firefox N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/ls-archive.sqlite-journal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite-wal N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite N/A N/A
File opened for reading /root/.mozilla/firefox/akc8f0h7.default-release/user.js /usr/lib/firefox/firefox N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present N/A N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu N/A N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/uevent /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/device /usr/lib/firefox/glxtest N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/filesystems /usr/libexec/xdg-document-portal N/A
File opened for reading /proc/2064/cmdline N/A N/A
File opened for reading /proc/sys/kernel/cap_last_cap N/A N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd/38 /usr/lib/firefox/firefox N/A
File opened for reading /proc/2059/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-permission-store N/A
File opened for reading /proc/cmdline /usr/libexec/dconf-service N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/mountinfo N/A N/A
File opened for reading /proc/self/fd/35 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/libexec/gvfsd-trash N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/48 /usr/lib/firefox/firefox N/A
File opened for reading /proc/2090/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/bin/nautilus N/A
File opened for reading /proc/self/task/2228/stat N/A N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd/46 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/47 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/1588/cmdline N/A N/A
File opened for reading /proc/self/fd/43 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/36 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/2040/stat N/A N/A
File opened for reading /proc/2068/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal-gtk N/A
File opened for reading /proc/2085/cmdline N/A N/A
File opened for reading /proc/self/fd/52 /usr/lib/firefox/firefox N/A
File opened for reading /proc/2111/cmdline N/A N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1489/attr/current N/A N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd-fuse N/A
File opened for reading /proc/self/fd/32 /usr/lib/firefox/firefox N/A
File opened for reading /proc/2077/cmdline N/A N/A
File opened for reading /proc/2108/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/49 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/50 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd N/A
File opened for reading /proc/self/stat N/A N/A
File opened for reading /proc/filesystems /usr/lib/firefox/glxtest N/A
File opened for reading /proc/self/fd/30 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/42 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/75 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/44 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd N/A N/A
File opened for reading /proc/1475/cmdline N/A N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd/51 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/37 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/dconf-service N/A
File opened for reading /proc/2103/cmdline N/A N/A
File opened for reading /proc/1489/status N/A N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/10 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd-trash N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/firefox/.parentlock /usr/lib/firefox/firefox N/A
File opened for modification /tmp/ZtQYCgbY.zip /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/http]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/lib/firefox/glxtest

[/usr/lib/firefox/glxtest -f 13]

/usr/bin/lsb_release

[/usr/bin/lsb_release -idrc]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 20252 -prefMapSize 231436 -appDir /usr/lib/firefox/browser {3736ebbd-6de1-461d-9599-73511c3471ae} 1588 true socket]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/libexec/xdg-desktop-portal

[/usr/libexec/xdg-desktop-portal]

/usr/libexec/xdg-document-portal

[/usr/libexec/xdg-document-portal]

/usr/libexec/xdg-permission-store

[/usr/libexec/xdg-permission-store]

/usr/libexec/xdg-desktop-portal-gtk

[/usr/libexec/xdg-desktop-portal-gtk]

/usr/libexec/gvfsd

[/usr/libexec/gvfsd]

/usr/libexec/gvfsd-fuse

[/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes]

/usr/libexec/dconf-service

[/usr/libexec/dconf-service]

/usr/bin/nautilus

[/usr/bin/nautilus --gapplication-service]

/usr/libexec/gvfsd-trash

[/usr/libexec/gvfsd-trash --spawner :1.8 /org/gtk/gvfs/exec_spaw/0]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 28854 -prefMapSize 231436 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {3dd1e0e9-6c45-49a2-820f-8279f618f344} 1588 true tab]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 _http._tcp.security.ubuntu.com udp
US 1.1.1.1:53 _https._tcp.deb.nodesource.com udp
US 1.1.1.1:53 _http._tcp.nl.archive.ubuntu.com udp
US 1.1.1.1:53 security.ubuntu.com udp
US 1.1.1.1:53 security.ubuntu.com udp
US 1.1.1.1:53 deb.nodesource.com udp
US 1.1.1.1:53 deb.nodesource.com udp
US 1.1.1.1:53 nl.archive.ubuntu.com udp
US 1.1.1.1:53 nl.archive.ubuntu.com udp
US 91.189.91.81:80 security.ubuntu.com tcp
US 104.22.4.26:443 deb.nodesource.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 1.1.1.1:53 _https._tcp.motd.ubuntu.com udp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 1.1.1.1:53 motd.ubuntu.com udp
US 1.1.1.1:53 motd.ubuntu.com udp
US 1.1.1.1:53 cdn.fwupd.org udp
US 1.1.1.1:53 cdn.fwupd.org udp
IE 54.247.62.1:443 motd.ubuntu.com tcp
US 1.1.1.1:53 _https._tcp.esm.ubuntu.com udp
US 151.101.194.49:443 cdn.fwupd.org tcp
US 1.1.1.1:53 esm.ubuntu.com udp
US 1.1.1.1:53 esm.ubuntu.com udp
GB 185.125.190.24:443 esm.ubuntu.com tcp
US 151.101.194.49:443 cdn.fwupd.org tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 1.1.1.1:53 services.addons.mozilla.org udp
US 1.1.1.1:53 services.addons.mozilla.org udp
GB 18.245.162.43:443 services.addons.mozilla.org tcp
GB 18.245.162.43:443 services.addons.mozilla.org tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 44.240.56.209:443 tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 1.1.1.1:53 detectportal.firefox.com udp
US 1.1.1.1:53 detectportal.firefox.com udp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
GB 143.204.72.186:443 tcp
US 34.149.100.209:443 tcp
GB 23.200.147.11:80 tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 1.1.1.1:53 example.org udp
US 1.1.1.1:53 example.org udp
US 1.1.1.1:53 ipv4only.arpa udp
US 1.1.1.1:53 ipv4only.arpa udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 firefox-api-proxy.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-api-proxy.cdn.mozilla.net udp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.149.97.1:443 firefox-api-proxy.cdn.mozilla.net tcp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.prod.mozaws.net udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 1.1.1.1:53 a1887.dscq.akamai.net udp
US 52.10.78.57:443 shavar.services.mozilla.com tcp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 1.1.1.1:53 a1887.dscq.akamai.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.149.97.1:443 firefox-api-proxy.cdn.mozilla.net udp
US 34.117.188.166:443 spocs.getpocket.com udp
GB 23.200.147.11:80 a1887.dscq.akamai.net tcp
GB 23.200.147.11:80 a1887.dscq.akamai.net tcp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 a1887.dscq.akamai.net udp
US 1.1.1.1:53 img-getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 img-getpocket.cdn.mozilla.net udp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 1.1.1.1:53 getpocket.com udp
US 1.1.1.1:53 getpocket.com udp
US 1.1.1.1:53 www.mozorg.moz.works udp
US 1.1.1.1:53 www.sciencealert.com udp
US 1.1.1.1:53 www.independent.co.uk udp
US 1.1.1.1:53 www.independent.co.uk udp
US 1.1.1.1:53 www.sciencealert.com udp
GB 23.200.147.11:80 a1887.dscq.akamai.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 www.wsj.com udp
US 1.1.1.1:53 www.wsj.com udp
US 1.1.1.1:53 edition.cnn.com udp
US 1.1.1.1:53 edition.cnn.com udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 www.bbc.com udp
US 1.1.1.1:53 www.harpersbazaar.com udp
US 1.1.1.1:53 www.harpersbazaar.com udp
US 1.1.1.1:53 gtm-uk.www.bbc.com.pri.bbc.com udp
US 1.1.1.1:53 hearst-hdm.map.fastly.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 www.timeout.com udp
US 1.1.1.1:53 www.timeout.com udp
US 1.1.1.1:53 www.forbes.com udp
US 1.1.1.1:53 www.forbes.com udp
US 1.1.1.1:53 m.sni.global.fastly.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 graziadaily.co.uk udp
US 1.1.1.1:53 graziadaily.co.uk udp
US 1.1.1.1:53 www.newstatesman.com udp
US 1.1.1.1:53 www.newstatesman.com udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.117.188.166:443 spocs.getpocket.com udp
US 34.149.97.1:443 firefox-api-proxy.cdn.mozilla.net udp
US 1.1.1.1:53 contile-images.services.mozilla.com udp
US 1.1.1.1:53 contile-images.services.mozilla.com udp
US 34.120.115.102:443 contile-images.services.mozilla.com tcp
US 34.120.115.102:443 contile-images.services.mozilla.com tcp
US 34.149.100.209:443 tcp
US 1.1.1.1:53 normandy.cdn.mozilla.net udp
US 1.1.1.1:53 normandy.cdn.mozilla.net udp
US 1.1.1.1:53 udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 udp
US 1.1.1.1:53 udp
GB 23.200.147.11:80 a1887.dscq.akamai.net tcp
US 1.1.1.1:53 normandy-cdn.services.mozilla.com udp
US 35.201.103.21:443 normandy.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 classify-client.services.mozilla.com udp
US 1.1.1.1:53 classify-client.services.mozilla.com udp
US 1.1.1.1:53 prod-classifyclient.normandy.prod.cloudops.mozgcp.net udp
US 34.98.75.36:443 classify-client.services.mozilla.com tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 www.amazon.co.uk udp
US 1.1.1.1:53 www.vodafone.co.uk udp
US 1.1.1.1:53 www.youtube.com udp
US 1.1.1.1:53 www.vodafone.co.uk udp
US 1.1.1.1:53 www.amazon.co.uk udp
US 1.1.1.1:53 youtube-ui.l.google.com udp
US 1.1.1.1:53 www-live.waf.digital-prod.vodafoneaws.co.uk udp
US 1.1.1.1:53 www.facebook.com udp
US 1.1.1.1:53 www.facebook.com udp
US 1.1.1.1:53 www.reddit.com udp
US 1.1.1.1:53 www.bbc.co.uk udp
US 1.1.1.1:53 www.ebay.co.uk udp
US 1.1.1.1:53 www.bbc.co.uk udp
US 1.1.1.1:53 www.ebay.co.uk udp
US 1.1.1.1:53 reddit.map.fastly.net udp
US 1.1.1.1:53 e11847.a.akamaiedge.net udp
US 1.1.1.1:53 gtm-uk.www.bbc.co.uk.pri.bbc.co.uk udp
US 1.1.1.1:53 getpocket.com udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 dlp0y1mxy0v3u.cloudfront.net udp
US 1.1.1.1:53 variety.com udp
US 1.1.1.1:53 www.mozorg.moz.works udp
US 1.1.1.1:53 variety.com udp
US 1.1.1.1:53 incoming.telemetry.mozilla.org udp
US 1.1.1.1:53 incoming.telemetry.mozilla.org udp
US 1.1.1.1:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 34.120.208.123:443 incoming.telemetry.mozilla.org tcp
US 1.1.1.1:53 push.services.mozilla.com udp
US 1.1.1.1:53 push.services.mozilla.com udp
US 1.1.1.1:53 fp2e7a.wpc.phicdn.net udp
US 1.1.1.1:53 autopush.prod.mozaws.net udp
US 1.1.1.1:53 autopush.prod.mozaws.net udp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 1.1.1.1:53 safebrowsing.googleapis.com udp
US 1.1.1.1:53 safebrowsing.googleapis.com udp
GB 172.217.169.10:443 safebrowsing.googleapis.com tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 1.1.1.1:53 telemetry-incoming.r53-2.services.mozilla.com udp
GB 172.217.169.10:443 safebrowsing.googleapis.com udp
US 34.120.208.123:443 incoming.telemetry.mozilla.org tcp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 1.1.1.1:53 hearst-hdm.map.fastly.net udp
US 1.1.1.1:53 www.theguardian.com udp
US 1.1.1.1:53 www.theguardian.com udp
US 1.1.1.1:53 www.wellandgood.com udp
US 1.1.1.1:53 www.wellandgood.com udp
US 1.1.1.1:53 www.standard.co.uk udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 1.1.1.1:53 fp2e7a.wpc.phicdn.net udp
US 1.1.1.1:53 a19.dscg10.akamai.net udp
US 1.1.1.1:53 a19.dscg10.akamai.net udp
GB 88.221.134.209:80 a19.dscg10.akamai.net tcp
GB 88.221.134.209:80 a19.dscg10.akamai.net tcp
US 1.1.1.1:53 gtm-uk.www.bbc.com.pri.bbc.com udp
US 1.1.1.1:53 globalnews.ca udp
US 1.1.1.1:53 globalnews.ca udp
US 1.1.1.1:53 www.esquire.com udp
US 1.1.1.1:53 www.esquire.com udp
US 1.1.1.1:53 www.retailgazette.co.uk udp
US 1.1.1.1:53 www.retailgazette.co.uk udp
US 1.1.1.1:53 hearst-hdm.map.fastly.net udp
US 1.1.1.1:53 m.sni.global.fastly.net udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 graziadaily.co.uk udp
US 1.1.1.1:53 graziadaily.co.uk udp
US 1.1.1.1:53 tech.eu udp
US 1.1.1.1:53 tech.eu udp
US 1.1.1.1:53 detectportal.firefox.com udp
US 1.1.1.1:53 detectportal.firefox.com udp

Files

/root/.dbus/session-bus/4816dd152e8c48ff97e9117d197c13d8-0

MD5 566d6bc273f43509d23f92471c751c53
SHA1 daae506c951858cca22b2b8a3e11ba31a2aa495c
SHA256 4bc735898d36d1d9a314602a048d3523398da79e2d259a23e4ad1efdfcff73b4
SHA512 ced92cb1549ddd6d2776dca98f0536600b3c089e22fec55e0cf34480a46e0e3f56f50a407f46598656793b8bfbd56d14520d366fce0f76f9384c0edaa9669e1c

/root/.mozilla/firefox/Crash Reports/InstallTime20240108143603

MD5 e2bb8a265ccf6723a1d830500f0bc62b
SHA1 3f55cabfd2ed96e5335381672c06c4afafbff26d
SHA256 dfce7959305a4d85919c8a39bde0cc15f6f5e01251e10b8dc1fb226d0442a8ac
SHA512 9dba03f4e5d48fde6846d014d1059e03367c354d69471e1378338c06bbe6a34f794375e74df23b4b7107fb48675db142e71be4a33a314f1b7902efab8e182df3

/root/.mozilla/firefox/akc8f0h7.default-release/times.json

MD5 fabf9252ea3be3ff5a20a1efe52b9ac0
SHA1 3e8b17308713493f60a14e847c3d0666fd3e03f4
SHA256 50be15cd76157bd3acfb733dd4ef1cce7b63cac764e57daa76e5d973762c5703
SHA512 a544ea3a922cc76a55f2aa9e86b3f8728c2e498da3f3ab6f7ec07b5256da3a4a285448714aada028fc9bf33ac78d4c981603a9205e5d24e7eecc9a492f144c3c

/root/.mozilla/firefox/y14hea48.default/times.json

MD5 2bf2a718c36192760e33e82ff932e6f2
SHA1 15a3e35c5a7a419c32d17ef24ca6577d7e3531fd
SHA256 7bebd2866fa65cd35f017b4950fa58e92aab5958f86540cd552fbf2f70afd951
SHA512 affca3fa7517ac5612c23902bd3a9a1f00ab04a65094a012d2dd4a2861e53d25cc4fceed5c0beb121dd8dc71e9d8928c5e0e421476decd5e2283fdebae0a59f5

/root/.mozilla/firefox/installs.ini

MD5 81b685f0c558b7a8a33a0b9ed6dd952f
SHA1 714ef90a997adbd17379726fde81c671e4077852
SHA256 034f33f2e5852a0a909978cffba7a6e7eb062d12a002754a1c4a46898e163e4f
SHA512 34d7a14750c4b9820bf861a73fef072473f44255392d7b839277930b83c4a8ac70432aaaac2dfc6bd6712b6c6baf83c226f82ddf047bbbc6187c5fd95090655d

/root/.mozilla/firefox/profiles.ini

MD5 e87252f18220afcabc9200fb78a14f95
SHA1 6093ba117e222cd9a4db38c552511def11f7f969
SHA256 517f779c5448b93a9b36a9e4656d4630129104b52bbd49e6f66d929cecc5285a
SHA512 ce985a343591cfcb4ffa45fd47065906fad532f5ca2f117347244cc397137b2176293e1707eea0870efb96c8d46e0ea86bb52f708ff5acba3c7ad8c288d59618

/root/.mozilla/firefox/akc8f0h7.default-release/compatibility.ini

MD5 2d41a6f5736821b90ef44850dd3873fe
SHA1 a47c4bc1431234a5b58e460ede5b571acd38e562
SHA256 b4bf5c8334f6db20ae94105141ae7a721342ddccd94ec65289dc291e76a31814
SHA512 047a1455211e7aa29ef5f32f07c89d8a0c8d86d871bc664e4d8958a2a014dbe32f0613cd9eb66e7307c0e2439f74ca0b829652a52fa48e8c60d64b41f69914eb

/root/.mozilla/firefox/akc8f0h7.default-release/cookies.sqlite

MD5 26ff39b359947b71a5fadd950fac34f0
SHA1 66e5830e4dca79225f41adc13a077d8e5dd8084b
SHA256 aecbaf3e1df1332d4f14a11480db712eb4aa91581eb4e942c580bf675f592a45
SHA512 7fae7b9ff4362e12f00acdc898f6f679718bdd28dc959684333086de7bacd162338dc266810f9f3f6dfa3dc228291efd6bb325e2e8573ca0e6a699059a145f11

/root/.mozilla/firefox/akc8f0h7.default-release/cookies.sqlite

MD5 102a8b6e82208a1b69224bdca8a5b10f
SHA1 8413dc3772127c4159e6d6b51372990a06b805ee
SHA256 5ebf89b32937916a76a8432832040cf0f6b99c2f006cc42f856712d403ec182c
SHA512 49c5c27c6749a7a73b4b944eea64ceb053a272619e6319bfd433ffbe126c8fbccc110961018165a4c7de781a86cf38d2bd9e52ec71b10bc73c9fd05fe841a46c

/root/.mozilla/firefox/akc8f0h7.default-release/prefs.js

MD5 da70740695c5be1ab59c6d29cf7ba99f
SHA1 8fe686827404a3b8a665545d643b092f86d762a8
SHA256 938c19d79c175a667617684934fa6aafe212cdd1195e4fbc1c6de36c5f312e8d
SHA512 73236e071c2723bba84320a42e6d934450b09715eb0cceb1bdb1135934ed5578b1cdc8a175bf9a18fb81d834631c2a974cd4d6e29f15eab2886affc0b7e21054

/root/.mozilla/firefox/akc8f0h7.default-release/storage/ls-archive.sqlite

MD5 e1121e3dd3c8a9c384f879bdddcff219
SHA1 625f25a1a5ff8527ab3105636fa7aecb9affd234
SHA256 766b9f50254b4e5526b0cde2911512956262596d8937f8630805d3c70802a066
SHA512 03e1cee2e75b2b609b8344a40995de09de837e940d2012f2fea65d9c70eecbcd3345b66b852f32211b38b06a4370f06f02ca7521e29e7113e2e12a6a7752be31

/root/.mozilla/firefox/akc8f0h7.default-release/storage/ls-archive.sqlite

MD5 0d2b18bbf091633c4fe1ebdd197dfa15
SHA1 c150dc37042d92d30efed6cbc1b536eb66ec1a3e
SHA256 fe63ee867e0f229a0bcc48b771afeec394c362ac6d0c2bd6907c7202097bd228
SHA512 59d202bfaf236bdcfc05a3e148a773d15a3bdff23be26fb2cbfd059fee6c4a516c7a59de0a3bc97df1419c34464e1346354979ddda1062101121522f22d8156d

/root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/.metadata-v2-tmp

MD5 2d62fc0973e3aecdc1b8ed22f17eaa04
SHA1 7b660c3736a90a98ae498acfe5d325d1746c1d44
SHA256 0d706b6de05b7dbf2b89fb95f9e838024f914899bb8d61a584f3fce6e391e457
SHA512 e18a2ba5cb9df7ee09f8e093b4bed0f2e6394c3c4bac67ec66947b532872d1d9a5cdfc379bbaf71a29018332fac58d6a8ecbe6d2347bc54b4ccf5f30f03369ef

/root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 225fe36c4bb990de9670b27368d655a2
SHA1 1dc382bec9af9b4bd0308dea1908ab6933834828
SHA256 2185235a458ef8924a1370bb956dd1d65d1f7bbffda08289275e072b65d5d1db
SHA512 11eb31a930a336c13869b0d385df555d7fba32ecea26bf513398dca2a35439643b0896a94c4696ffb439eef18b7f85982155dd12beddef784fe4ed1e86d2d1c2

/root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 f5a959245ad9fcb34d3a04882a2462ec
SHA1 69ddb8f41e817517c5b7ce872a9dc2fc0b4dd886
SHA256 6a53a45ce1e4cd73cc28041bd46973a504a20f0b9bb572c684e7c083c83eaa25
SHA512 68abac54eb2cae1a6d90729388e6ef7074135e081de636e57c62157820436cbef39557cb2c6a50785ac78675f7ab261bea72717671c346a36891988effb3f88d

/root/.mozilla/firefox/akc8f0h7.default-release/prefs-1.js

MD5 bea51179cbf439150657db6b3a41bc0a
SHA1 b7c7ce019ef3f3009a4926a97c78e3e5615b36ea
SHA256 b0c30abc56666f19d9b7113a77b0f8dc664d28485806b9ee15ca59cce008dcf9
SHA512 f6f68bb9f3c138fb9bed732afb601694ca7462b049353a8b430ba74973c3664b76b084de0d2d5bf461e0cc0e4ace08e83d5c26a28432ec5c0289f92fda7acb52

/root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 8b4d1a288c6fa278842d5b799bf99106
SHA1 9450483fafa572007d3c74d8e97ab055590241aa
SHA256 400c41411fe559a8fe8875689528295a7cab6201271ef50d1d64cdd3b2a2592b
SHA512 6bc2a6a0905546d7f779338691e68dd44c8d044b168d261fa38ea84d1c1208c09c6e704ad360193b4cf230e2ef23e133e0e135d5c2813a328b4549c112207bcc

/root/.mozilla/firefox/akc8f0h7.default-release/prefs-1.js

MD5 ee5f4fe6b718c82afa9e26c4f6096036
SHA1 75f7dacded78e1d88941c7ccf13f534eb0758477
SHA256 a2542af4dfc4649e2710dbd4263722fa103ea50b5b19731cd753f3a7a9412c6f
SHA512 67a1a2effc808ce97f82204f75ab6e541a0b8605d5affd76db681883946aaa5129f597cf589a5c404493468f1e06ec7ef276da90636e58ed5dea4ae71478dab7

/root/.mozilla/firefox/akc8f0h7.default-release/permissions.sqlite

MD5 a5e5f5933046e8b41084a2f032a8d18d
SHA1 bcb0531327a9365decbe69666afef7d2d5fd70a6
SHA256 05031885f4fe9cf6c3b0562e5cf7302452b809cdd33f02e7f396f173f785293b
SHA512 6ebb1c2904fcb851541cf08448336330bd2e3d482a8f34cb3f7c68a88c9e591d268b03c112816e3807abee087f719336cd0c183e54f937bad5d4b4fcac54c310

/root/.mozilla/firefox/akc8f0h7.default-release/prefs-1.js

MD5 ea02407c8293e3cf439b9b73bb9608fc
SHA1 56c93cd352bc5e3cfba61962e5532534f60d6bdf
SHA256 5708ec7b155e8e5cd4bbe4be71d14d4b06544a128efd76d3cb24a12589c81bc4
SHA512 2133331f1f90620838d92eda833276c1568af516b12977c23ca77662d65e9586969ccc78c149eca4fb45033de98fbb4c1a661f9d96a1e395141b8e7910e7a94d

/root/.mozilla/firefox/akc8f0h7.default-release/times.json

MD5 68e6f729e6bba1eef4d15fb7a16b57cc
SHA1 3cfb80270d639fad45b0e7c7b4e51826fa95bc58
SHA256 09713267065cb142fe601ca90cd05506cf29c5e19e1254e167a9dc01c4402e6a
SHA512 421d0edc825478b7d06d4af14ff40a2c08474fc42711f7c5a86d37f2da70c710ad2dfdea652be7b764948acc1c0fd5485c2b9b148ffe5de5a9760a45580e499c

/root/.mozilla/firefox/akc8f0h7.default-release/cert9.db

MD5 514e02ee5f142b0de77939bf50199004
SHA1 cd446191459931e3c05a1ff14304b67f99bd854d
SHA256 741bc872087b0409bfc3cf0d5b14faf5222e61afdf0d4410164930c002f08bda
SHA512 8cd3ec830c30cf7dd4393b03ad142f84a1c2055dcca723eaa0ca71fbb831b248159d6cd1ebc5727d2fb6404ae82c45cd7dfc7472b17f72426cc12cda789f9f22

/root/.mozilla/firefox/akc8f0h7.default-release/key4.db

MD5 0aa3289fcccd49abab1ccf2097b488c2
SHA1 99602d3a6a8975121d2fc77ca5e2ea02a414d2a0
SHA256 7372be5f51ffefb45d108bdbc736213b34d7c2ccc30cd30827b62fc2001051ce
SHA512 927f5f2de191953094a87f2bf79f1349f83d7115d46b4c50ecdafda1763e8ac435e9933aeadc5a46de1d5e7217f98ff07953192308a81aac2f33d8f153d864e3

/root/.cache/dconf/user

MD5 c4103f122d27677c9db144cae1394a66
SHA1 1489f923c4dca729178b3e3233458550d8dddf29
SHA256 96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7
SHA512 5ea71dc6d0b4f57bf39aadd07c208c35f06cd2bac5fde210397f70de11d439c62ec1cdf3183758865fd387fcea0bada2f6c37a4a17851dd1d78fefe6f204ee54

/root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

MD5 1ea539584c41fd171d307fb9e740d499
SHA1 de3d1a3d6a0173bcd30c89f148cd732d0ae614eb
SHA256 aaa3461e12a1343eb5803894e1ef6894014b75b26ef264f29ece30b1cea3aa83
SHA512 22b145864127c0f223522016c6ba0a67e06a36aeba135e546f4d77000f436d5060064eb988b7aafdb451e39f70d0afd20313d15507dd531234ac25d60e9d935c

/root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

MD5 403f62fccf2cd9a388422102063f4020
SHA1 1caff99198da7c0ba16799778f54377e4d425660
SHA256 30f0c83db559b3a1cea3541893c67d0a1bd89356825b9263b7424fa28a8e2444
SHA512 252bff37a18fd2e776b4f52b0806afd1ebc56711682566fc94848a2e9c249ddf61733ed4eca72932a216c2f69f8ced5b08ff9b4439b05003a7876ab7b81af4f4

/root/.mozilla/firefox/akc8f0h7.default-release/prefs-1.js

MD5 7508b432eb46d17ccbdfc214dab6d578
SHA1 cdf26f7b092a6e047c323ef47db4accd7033f4a6
SHA256 52322d5747d36753aee34048364c6e20e7baf54ddc98be0a018c4f9ad1ba713d
SHA512 cd4a09f0768a8768ed52c45e7e9d47510a97ffa2a954c01334faf862c3010c9bc9b026803662d22087ca484295fe02276dcede4564467e929f3311174a6ffce0

/root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

MD5 bbe9e4471c97fb1b270eb793922a00e8
SHA1 a1da47669a2b512be64ba97e8bbd587887d2c24f
SHA256 dedbbbca17668696789b6525ec93fadbb5731e96df326c7d84ce355fe0ca1bac
SHA512 1df28b24c05bd0931c3fab72bf6283d4a4df4253bd28060bf9abaf8fa0b9fd91e7790c28d7972287ac82a1bf04eecd3fab8acdaa26dfd394b3493280c7474f1d

/root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite

MD5 488403dd59d861961dbf2e5317cc6e55
SHA1 bcb13cf819bdc370762237a075f14a9be0728a50
SHA256 8645149962df6c816291521b6cb45e9acf79da6bdc3a727ba00c71eb720de4ef
SHA512 4e60bc58fdc1ffe3662b83fc9af3e0ec5af90eeb25da8e60a70717e3588676e135f6cc5a8d57a37c2cd2ce3a3661e665e2688d00799dd834945d5f0964750805

/root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite

MD5 e60b5313fc4ec92d50befeaf4c62e938
SHA1 ac2cc0d82f337479a1052a8fbf9446ae71dc1ce0
SHA256 5e52e5796628d38bf7bbd7b7f95e41616edd3fccc496e04466ecfa9c76bdec04
SHA512 7c1d8095fb8e99f013f7d89af9c35fd60bc5f2e002b174952e1f3340f513fdd6beb0af61ce43b50000c87f1c7b5dde131f304ffeb75c491aa88dbf6a27196272

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/037778A55E1B7E9BED3390289866D09402D6C913

MD5 ebb08b02a53679b082a19f09c51a425f
SHA1 c53653bcbdc400c5f0fb0ff99d1e1b88079a7e15
SHA256 423f783f5ceef7569bf2a76b2fcafbd62992668db1dfcbfa6cda54e450e72c6c
SHA512 6217d28b9e28eac16f08a3432ee4a33f7bd46bf9139326aa263ad2aac26595ce362348237706823851f800519ea6ed89ae6eda37a4ce4750bd9b793ef0f16243

/root/.mozilla/firefox/akc8f0h7.default-release/prefs-1.js

MD5 b1408ac6e324ee0f89ad2eda3dd36b0e
SHA1 100b3d368ba67c3a71f6984228b9283531bf2542
SHA256 db5c149852bb02982336475b720bf5d4100c98d08a2769140bcae9e619f90e82
SHA512 ebe5b8cc7b75285bc58bc634349cecf2b109ee2fb4a2840961aee0fe4bd2ce9ca7e8cf896d66c9f5e8b5ce135fd061b819ad15984e33dc7c91dda1c8a4f6affb

/root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite

MD5 f1cd629017b1fe58fc80953ebd4754b6
SHA1 01e02178484458797c2b682325b26b2633fe8466
SHA256 81bf3da297b9ee8270bea383d9479cd7951e35f552361230358e3a35e1f44567
SHA512 afb775074af046014236a312865a1811de3bfb97f8df057541401867140fcc236259ab237712a7d3bc012ff84cf90330e4e122374cd09c194c4c145f575fb95a

/root/.mozilla/firefox/akc8f0h7.default-release/content-prefs.sqlite

MD5 4d0986c1aae43177b7c80b67d05bc787
SHA1 8b9b91959e197f43288a7cf300c179143463f3d8
SHA256 d2c2233f1033bd7ed263755bd51d61ec2d592ad1b8589f785295adfdf0b0cfa0
SHA512 99864a128f4528815142b83f4e6d2348deab834a98e2b730d54e62028d62cc7ee802cf715a98061071049f851d56a953f7bc067c2f573db595b8fcf5988f3e1b

/root/.mozilla/firefox/akc8f0h7.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite

MD5 96d0e6ed6dfd858f34f2cdf7306a4e9d
SHA1 75f66611217561ac547d0cc365cf6a15621e4ac4
SHA256 8a867ebd85b3573baeecfac36e9a9bf0b7dcef7cc0efa75df0357729d45cac2e
SHA512 1e421603e9dc8e3f74e411d90bcfb4fc3d6d1797f6770c176ab5b90001fc0fe46a55572cfe02d3849754bbe380f6dbe807187ebb869c91a755982156d8a78d8e

/root/Downloads/ZtQYCgbY.zip.part

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

/root/.mozilla/firefox/akc8f0h7.default-release/places.sqlite

MD5 d063409cd794083ce232a534c649e7d9
SHA1 87b72754a85ac7b5ce9cb7357301fca0083599c5
SHA256 ef35fe04b25a6769b83dbc72c70c75f5f3b0ac5077498c20d534698c033765f6
SHA512 fec97118a67f797d9ec1015543efcc92eb19420cf148d21c2c5dd7e0e5f3d54c33305a736f56764018a01a14e864e8bb0813186ed2238529ad7a7766b42d4bd3

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/039090029E64BC91E87E77199A6A6BE11FC39B6F

MD5 78a03af504ad1545866e85a03d19d50d
SHA1 c0204cc782feeefc5f1444dca7e87595b23b3efe
SHA256 61e63d3382ac5603f1b5a672983d8381e1490545db93d1f1e232dd99e22d5f88
SHA512 48777e76c94d9c895792fa17d2ca67e638351ac1bc46c510728a5476288eae581663ed3431370b46947c6781baba9594ee3a0d8c7a019ba26aee7e08ef1baa30

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/87E9A5CAE9B8160871853E3EDF072FE9E561436D

MD5 b61ef167bc372737a1d5ad9453f6027b
SHA1 7f8fd13c973041ea03475f4477ff650270a486c4
SHA256 4013719897fac8d11495fdf660a217bba5ee0e6592ddf96d1e39d5a6a2b999ec
SHA512 b2ba26fab4bdc61abde0557e09212f4c9662410b012d14da754fb5572ff250cd459c9f03b59eac03576121b984faf18ac5b92ee2df552d98d1254375532ff126

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/0EDDF8C091E2FED62E44BEDDDC1723F5BF38FE4F

MD5 500e6aaf94223d5ffc1b22bffdd839e7
SHA1 c779e78d1b805df2b47f8ad392865fafa4ca0733
SHA256 c3ad69be59d93a49802adf9c614c3fbf4679faeaa915fb4aa7bfaaa37bdd4211
SHA512 32eac04a9443f5650c178ea54578969ad4519b3e76af46def5845b21e44ad388dc1b3d5f3189e3c3ac9289b0bafb070ab7b20de8f5fdf0369c0c46aa0624fbf0

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/037778A55E1B7E9BED3390289866D09402D6C913

MD5 a4c0d7dd39ee22d962568d9ee27be75a
SHA1 8fa86def47ed611ba5d495f3fd48e71c05838f62
SHA256 65124c60cbaabd55f65aa6aac62ac3c2099a750967a3a9db223982f871dc993b
SHA512 dbd2fc478b52a7af8950505b4138ac7cdd2e2a8ef5f236a41a9e2055474bde11dc276c65ef2e155fa587a57f3942d48859768dbff69a6cb49c8cd9bcfaf9f0a7

/root/.mozilla/firefox/akc8f0h7.default-release/favicons.sqlite

MD5 aff3f84fda6516b87050f171d68531ea
SHA1 6b82d182412601c057bfc591cc6b9a8932c84c73
SHA256 5203714a71df85f81969a193cac50befa4b1e70841b9b2d3ea348d3b99657172
SHA512 aacbaa66d86f8b3f299cead818a0883bb900588da822148b4ac7543a0fa4ee399c14a69534ae55bfd0e7b18630b93f04e0e0174b7d586e0d536c20760b5d65d8

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/A8743ACDA513FF27A72604EA39BAAE662138F0B9

MD5 ccc23f9b87309af2af1453aff2440f99
SHA1 907a43e44a7c3b74e3bda8a4ad0becfe0246e72d
SHA256 010c5962cb70a6a191221f7e98dcf8de4d5b22f32e94521c348671338a8d2efb
SHA512 91ada615c15487dbc1ce45b1bf13a8b2881871c0b397fc5420b7255458089218f58325479853ccfd746f6c6023830f7a216f7c00d23285e93d404886ccb5b36a

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/D154E1CD66DAEBBC055D1D367858E65F2CC266C5

MD5 30fbce34b9d8903f0628751996e436f9
SHA1 582cef2b5ad7b494a0776da3d78611648815e9c5
SHA256 5a859394621e47cddc75bfd4bc25fb10bf1a0c0a3f4d58aa8a909af264a86eff
SHA512 5b0feb21bca7104eb7bc9764fef2040fcc2894de32ef74b6ab04556ed3e50ada34c8a938c126b1137cb524110e11cf8904889e4fe11963ad5e626e0574e01837

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/3F5BD2A3838305545BAF11838A20DDE8D3F6CABE

MD5 907b5a54c52cb0bf95e3a8c5fcf01904
SHA1 72dec349a34f440c55bcfafca1b6a86d693f3a92
SHA256 1b77b5b34a6a96cfa060a64d75fc82bb2c2a29ff4d6feb4d54be4d9edd467798
SHA512 b9f5065cc7b2bebed124183c40896a66fd05f7a03dc7a45ee5625344aa50196108bbd3c0160b58f93d81281c57b69028614592140b4e5274d3658c770046a26b

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/6762E24BB9F66A6430B9C774503510453B4EBA21

MD5 d2cf09fcd5f0f5d989fb1b3f7a086254
SHA1 f7d47415f4e534d6fde743d3f43c8524c8667418
SHA256 192c250908b7cc681f9f3a536a2c69d55cbe851396b13dbb67703562f3597fcf
SHA512 32f89474f5924ec3e3488a72892a2a0dfcdefe3015463d5a41f3e406ea059269e6cfff74a32fdc3cf70c7d08ee9f8d4f4f73b9ec9e3eed50064fa63c380f4449

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/7DB3359FF1AE28D679D8DE03A74F2C06BC18D50B

MD5 8c8f2ec7c7b49d7d5181a89129b815d7
SHA1 691626e4a4260848531c4a162ed778e56bf23522
SHA256 a3b017a54153dd61de09d445d769ea7265320853619e07d742893f95d8b345dd
SHA512 eed1b2642c0438f822e406d45be7907c33dc1296c365dab4e26dc6c576a36476ed34fb0f10623e0394d076e0df97d215ecac1a05f5b711183194cd719503b493

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/58FA4C93D2C2293EB9F0554BA83740A06674316F

MD5 e461ea620b1a232601c9875b84a82cf3
SHA1 18de03277682e8997e1b9c81b1749cf29c922663
SHA256 fe0d4e4e7859a0d93ff957be0926235d371a9184a32e07b8a66c068ee39634d3
SHA512 b19d410291b1b9d0f0f96433e7199fc86ba3004a08b38956de651b419648fc5e18f3547953598a9830c8038fd94742d21a46cbe6c773c4883e5db3097773f0b0

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/D8EF12DD3F5A0B350AEDF5A0EBB7935D12C12CE3

MD5 9223a40ff7fd7e26d67c8c45430f437c
SHA1 a0d00d54f154cef74994dcca4756579cf21066d8
SHA256 9b30ecc5708cbe9aa237f250d5c2a11e97f0a1e2e6b4622bd183994ef1cc8539
SHA512 3f35339231ca52f3f7d72e8a9e2b291c0490db2a94ef83366c6511d10c82228e86211efb9008a087b114a6cab4d962d6d6d447acd0f9709bf8b0de2d68649d7b

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/109D080055C1548CE320A422FD98DA1D5E1A5BC8

MD5 8f509e5f58b7fc3fd6a25c37e55116b5
SHA1 510013801ed9b0088451cf4212d6827f3839113e
SHA256 2139f0e163b305a80908af8acb6d7e4f38759eee531c7bae478fef7c58a550ec
SHA512 003da1f68221300be8da348e5ec2f953f0f2de5c0421cb5a26d37de6ee031890876555c667580067ae5bf7d38bcd28f42e3475f05a872ef6fe081052086654db

/root/.mozilla/firefox/akc8f0h7.default-release/prefs-1.js

MD5 6b92130d9b44c0f36cd713a9ad20043a
SHA1 fb3b4639dd410d5edb726f978dadfa19aecbd517
SHA256 a026525a0bb5727bdd917d894f4f0c969c26a5b74bf2cb15e70b6e0f5b33deed
SHA512 698449d931bc1e4d646f6135bc55a65ab2bd97f9fe17e113e9224f14163d37a7be84e9ba41f4d8f03ef73c2aac5d88bb614d27afe103ef81e2ff48271bbe36aa

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C

MD5 486d8dd46072e9b8c72e42585e06bc2a
SHA1 a4f4e79f2652f8ff61efcc1e7fa169bbf34fb251
SHA256 ba9fd8c840b2f3868a37d558c37de04e4ada854ad0780678f296f75f7e72d4d0
SHA512 78731fb2bedba727bfe3c00b53ee5792d100b5a92ec3f6d82b28ba097c09f012ad10940154b897be3a67eba51e10fdbfb94f9763322efdde72406807e64412c9

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/3C9B2D192D535C347CDA9FB12BFC88FD40CF0382

MD5 87328d4911b8710539ea0ab71eb83171
SHA1 e13a9676d28c01ccd58ef8e2544006dfa24218ce
SHA256 87bd81c3d1fd8b8396374143218691d1bcf7da52d1e584305e11d9841102a541
SHA512 1f01da3d8eb62e756bcb6a0eda36731bae2843fa65d640cbe27904c7358c84b3361cc2b82b0be18efa51e8fb1c588a1d6e18171a12678d7ab6045d41f3fb8735

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/22F59957B7E08CD6CCFED6AF2A1DF26FE157DF40

MD5 35ec33b7eff4a7e9e7e2e627d5f6532c
SHA1 e667ac1ea4314f2f73abee97eec37489a21ecea3
SHA256 31d15e4e8182847b3f1216bd85552ba8644c0379c7041f06dfde60a8afef8f08
SHA512 20e6355a243ec2a45a6b0a57d5a56a9ead39f8b8bbc915cfbea676de964d03ecd5dcdd55cbdd0f58b7a46373d3d3eab47b6137b76a1fb3a96877975f26b62faf

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/0EC4CDE0C33626CA7FA76264533E1686E66A2198

MD5 1c4f748cf70fe18dca5c8862a12cc63b
SHA1 d60f5f90987748943f16c110d5dc6190a5af11a9
SHA256 489fdf668a52eb126411ce83ab9148f6aa69477401a696ceb8d2d097b046e11b
SHA512 5fcb75983d34ded7f44f3a3cc14beca0585dd50cecd11d0129e6d34117741b597d2b7dd7710a35278db7cb853e777c093c524a0da7a5be600d734eed145a65ab

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/11D4B015E14B1F9AB0E5EEFBBDCD2CD392027BB6

MD5 5207b5c74d1c18746c5aca8339fcace0
SHA1 f5ccedcb5731a8410a3293e5d9d105b1aa75b6c1
SHA256 fa47135e5b0194e9dc5a014cc75b00b27afcc4d81f4ab964a355305e74f75437
SHA512 adee7da5f503019257638ac708b81174ab704aa2f8176ad41e1d106311e0f580376cfb4c3b6148f34cc5d59c1b5223ac82c30333dcd6fdcdda3224bd7ad5ed55

/root/.cache/mozilla/firefox/akc8f0h7.default-release/cache2/entries/252CE8AC445A184A1F4A1C6C6D4ADB8AE41B7776

MD5 8129dcf52e5ca6f07f185aaaa5936ec1
SHA1 ea6cbd4f216d5d4d134827151134502387dd60c1
SHA256 e6ba135f49577344b0f625ce92797200fc442d2c947e869e3aa592ee9ddb862e
SHA512 7f5b00e1e89086f442a1a7f5efc7dcc5266aa88567e5bda01b0391a36f8554b66d1e13a4baa5a5b47be8f2688ca4209786d54f6b61aa76a55ca854d43c50a2bc