Analysis Overview
SHA256
31a0852f967a23f76a027fa2321ef833c7e2416376ad75f2744c270dd1d9ecab
Threat Level: No (potentially) malicious behavior was detected
The file L0ADER! was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Checks processor information in registry
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-27 13:14
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-27 13:14
Reported
2024-04-27 13:17
Platform
win10-20240404-en
Max time kernel
150s
Max time network
156s
Command Line
Signatures
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\L0ADER!.js
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.0.1409543113\1814915217" -parentBuildID 20221007134813 -prefsHandle 1716 -prefMapHandle 1708 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ee8d38d2-88da-45e9-a5db-7389377e839a} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 1796 200288d6758 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.1.1847923824\219646469" -parentBuildID 20221007134813 -prefsHandle 2140 -prefMapHandle 2136 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d2570298-eb9d-410a-9b00-ac993c36b5d0} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 2152 2001d872258 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.2.1316115924\2017739874" -childID 1 -isForBrowser -prefsHandle 2956 -prefMapHandle 2952 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ff775d91-6bb9-4eb3-b8a8-68a31d43637f} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 2812 2002cbb1b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.3.388838178\537746837" -childID 2 -isForBrowser -prefsHandle 3492 -prefMapHandle 3480 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {14579c63-ba44-4185-9526-14bea6ba3556} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 3508 2002b42d758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.4.769439959\140630493" -childID 3 -isForBrowser -prefsHandle 3920 -prefMapHandle 3916 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2ee038e3-3ba1-4d46-a60b-1c5381772d29} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 3932 2002d9b6058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.5.288924543\2079707399" -childID 4 -isForBrowser -prefsHandle 4948 -prefMapHandle 4936 -prefsLen 26328 -prefMapSize 233444 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0adcd46b-5c8a-4bd1-acbc-efdb06953a79} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 4916 2002d1d6158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.6.926803587\1135808963" -childID 5 -isForBrowser -prefsHandle 4376 -prefMapHandle 4872 -prefsLen 26328 -prefMapSize 233444 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc9a3620-d584-4a11-8f3d-7f1a4e6dd1d3} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 4764 2002ee43558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.7.419659325\682151155" -childID 6 -isForBrowser -prefsHandle 5160 -prefMapHandle 5164 -prefsLen 26328 -prefMapSize 233444 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b6e46273-182a-4d77-a91b-307f881025ab} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 5152 2002f1b1258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.8.1151742346\1328199365" -childID 7 -isForBrowser -prefsHandle 4984 -prefMapHandle 4540 -prefsLen 26593 -prefMapSize 233444 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {20afcc15-19e0-4a77-9491-ae90d20b7f3b} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 5152 2002f1b3c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.9.1604464291\836147293" -childID 8 -isForBrowser -prefsHandle 5788 -prefMapHandle 5784 -prefsLen 26593 -prefMapSize 233444 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4b6a4305-fa95-4af6-a196-3325e62576a8} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 5796 2002b2e9058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.10.1786050191\991798072" -parentBuildID 20221007134813 -prefsHandle 6052 -prefMapHandle 6044 -prefsLen 26593 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0289720e-8b67-481c-97c5-dfe39d81a7b6} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 6036 2003070ca58 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.11.640007338\933902060" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 6152 -prefMapHandle 5992 -prefsLen 26593 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {76444bc7-27b5-4fa9-a8ff-686d7258cc5b} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 6164 2002e8a2858 utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.12.1296262525\973241272" -childID 9 -isForBrowser -prefsHandle 6484 -prefMapHandle 6480 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {90114003-52ce-4b21-a480-eab28721b228} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 6488 20030a22c58 tab
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3d4
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.13.1538661548\1177447302" -childID 10 -isForBrowser -prefsHandle 4120 -prefMapHandle 4132 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fba78678-e1f2-42f2-bafd-53c0862f1ad0} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 4460 20030618e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2400.14.55793442\1408387546" -childID 11 -isForBrowser -prefsHandle 6864 -prefMapHandle 6908 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1308 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d7a1d36-60b1-48b4-b826-ce3130cd3107} 2400 "\\.\pipe\gecko-crash-server-pipe.2400" 5988 20030617058 tab
Network
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\datareporting\glean\pending_pings\9fc25e8a-a70c-4fc1-b923-08378083426a
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\datareporting\glean\db\data.safe.bin
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\datareporting\glean\pending_pings\7edb1e2a-1ee6-43e9-9764-87fba78acdbc
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\prefs.js
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\prefs-1.js
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\storage\default\https+++www.youtube.com\cache\morgue\82\{6f669a9f-d3bd-462f-bda4-a0dfe35f3d52}.final
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\storage\default\https+++www.youtube.com\idb\3211250388sbwdpsunsohintoatciif.sqlite
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\storage\default\https+++www.youtube.com\idb\3211250388sbwdpsunsohintoatciif.sqlite-wal
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\storage\default\https+++www.youtube.com\cache\morgue\247\{9d074762-067c-4fe6-aa09-5530f02f8bf7}.final
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\doomed\23324
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\doomed\28248
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\doomed\18644
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\doomed\17309
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\entries\A4CE164F50B862A9A4129172EAE07F4D83D47575
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\doomed\19369
C:\Users\Admin\Downloads\1INSTAlIER!____Pswrd---1231.pDFBDISh.rar.part
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4