Analysis

  • max time kernel
    1311s
  • max time network
    1321s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    08/05/2024, 23:30

General

  • Target

    $PLUGINSDIR/app/js/utils/cookies.js

  • Size

    1KB

  • MD5

    6c60e675f8c8c68c0174b644d3a63a2a

  • SHA1

    3635a3fe07ccc4a6f33a986ddb690522d0611abb

  • SHA256

    9d3cb3822e20d6f5157faa02dc69bdaef44576c3fb5523e00aa152107ce30287

  • SHA512

    1dc9ec7b139bcf37107ecd673c01e4fcc606332ea1645a4a1b4e5d95f817d4c99d5964cd3d941a6a526689341d9623b17b4efc002cdf4c73404299d52b1be452

Score
3/10

Malware Config

Signatures

  • Command and Scripting Interpreter: JavaScript 1 TTPs
  • Checks processor information in registry 2 TTPs 5 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies registry class 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 5 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\app\js\utils\cookies.js
    1⤵
      PID:4804
    • C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe"
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:2084
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe"
        2⤵
        • Checks processor information in registry
        • Modifies registry class
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:4340
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.0.1953389504\752696341" -parentBuildID 20221007134813 -prefsHandle 1688 -prefMapHandle 1680 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9a1cdfea-cdb9-4fd2-b5a1-d7506dbdedc3} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 1764 223c9fdb158 gpu
          3⤵
            PID:1644
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.1.581177280\1366633636" -parentBuildID 20221007134813 -prefsHandle 2108 -prefMapHandle 2104 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {18f71b53-833b-4809-9235-2b05e2ff5b5f} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 2120 223b7b72258 socket
            3⤵
              PID:3436
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.2.299479319\1852512223" -childID 1 -isForBrowser -prefsHandle 2944 -prefMapHandle 2940 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e0f7ca79-a05d-48fd-8068-65f0c61d2523} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 2956 223ce1a0158 tab
              3⤵
                PID:1252
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.3.1936062778\763213434" -childID 2 -isForBrowser -prefsHandle 3492 -prefMapHandle 3488 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {13813b88-36ad-4bc5-bfa4-985d860037b7} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 3500 223cc99b858 tab
                3⤵
                  PID:5072
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.4.392952536\1348876317" -childID 3 -isForBrowser -prefsHandle 3680 -prefMapHandle 3628 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d0b91e03-87dc-431b-9c8d-a1b8fb690b54} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 4312 223d0068e58 tab
                  3⤵
                    PID:2300
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.5.1504639857\335946413" -childID 4 -isForBrowser -prefsHandle 4908 -prefMapHandle 4904 -prefsLen 26328 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {78c2ad8c-cb08-49de-b738-37fea0d9f8e3} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 4948 223d0b14858 tab
                    3⤵
                      PID:2204
                    • C:\Program Files\Mozilla Firefox\firefox.exe
                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.6.1565036666\997746167" -childID 5 -isForBrowser -prefsHandle 5084 -prefMapHandle 5088 -prefsLen 26328 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c6e5201e-c61b-4c4e-8a76-6d74d5063b83} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 4968 223d0b15458 tab
                      3⤵
                        PID:4212
                      • C:\Program Files\Mozilla Firefox\firefox.exe
                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.7.34991625\192674265" -childID 6 -isForBrowser -prefsHandle 5376 -prefMapHandle 5372 -prefsLen 26328 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {cafc2c2c-676a-43f2-a608-4b42e7431315} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 5384 223d0a59258 tab
                        3⤵
                          PID:2232
                        • C:\Program Files\Mozilla Firefox\firefox.exe
                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.8.459955568\421940158" -childID 7 -isForBrowser -prefsHandle 4300 -prefMapHandle 1552 -prefsLen 26328 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e173d3ba-20c5-49eb-9dfe-2ad98c9414c0} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 2492 223d1bb1e58 tab
                          3⤵
                            PID:2220
                          • C:\Program Files\Mozilla Firefox\firefox.exe
                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.9.1103435890\470209087" -childID 8 -isForBrowser -prefsHandle 5640 -prefMapHandle 5636 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5836391e-8f6e-429c-9cd6-d763e27e9697} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 2552 223d1e54c58 tab
                            3⤵
                              PID:4944
                            • C:\Program Files\Mozilla Firefox\firefox.exe
                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.10.109668219\948067339" -childID 9 -isForBrowser -prefsHandle 5804 -prefMapHandle 5808 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d11c94de-4913-4730-91ee-e88854cf1fa4} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 5796 223cfe2d258 tab
                              3⤵
                                PID:1464
                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.11.1640186989\1567315873" -childID 10 -isForBrowser -prefsHandle 5948 -prefMapHandle 5952 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {99385567-173c-4a17-9d44-07133ce6ce64} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 5932 223cfe2de58 tab
                                3⤵
                                  PID:2912
                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.12.1601616109\1925820300" -childID 11 -isForBrowser -prefsHandle 4152 -prefMapHandle 4352 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {86ab0d58-877e-4be8-810f-05f0de67ef5a} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 2668 223d1efa258 tab
                                  3⤵
                                    PID:3776
                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.13.1249120504\2011680548" -childID 12 -isForBrowser -prefsHandle 9152 -prefMapHandle 8492 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0b18da68-7ac6-4cae-ab30-253a0f11dfd8} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 8424 223d38df658 tab
                                    3⤵
                                      PID:4492
                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4340.14.267348966\236922712" -parentBuildID 20221007134813 -prefsHandle 9164 -prefMapHandle 2760 -prefsLen 26768 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {49fb4df8-6128-42a4-9c42-8ea72c30a3d6} 4340 "\\.\pipe\gecko-crash-server-pipe.4340" 10076 223d3910858 rdd
                                      3⤵
                                        PID:1932

                                  Network

                                        MITRE ATT&CK Enterprise v15

                                        Replay Monitor

                                        Loading Replay Monitor...

                                        Downloads

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\doomed\1380

                                          Filesize

                                          16KB

                                          MD5

                                          0163034497311edbb6a9e184f2af5e99

                                          SHA1

                                          cd9d81bc3f9230412da2c66de91ae70ed74d9f27

                                          SHA256

                                          2bf29110a9c6625685601a192059487f640aeacfad6cd8619ddc067bb6684407

                                          SHA512

                                          9de61fca12b2b076704ee00082c2223e16d647d15c8cfd57bc4a1345c41441ff3afc9f580873d9c94f1883b51c7549fe0c2ba87f295bf3f8c819257608fd0998

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\doomed\17998

                                          Filesize

                                          16KB

                                          MD5

                                          3d2a10a261b24db26a454d548e780061

                                          SHA1

                                          1f40ddcb4f9f4ce9d14079daba9c4822a448b36f

                                          SHA256

                                          d7ce83315cc630831f4bd52f72d81fca6e2ed480bb5920aab64aa163571f8aee

                                          SHA512

                                          f382d0e88ac294a3e1b4e62bc1060cab704dad0a3103856eba1153a873b6734131713f6d433b20c0af3da5018b5430bb002b0402347ea42bb8538733ad15a4cb

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\doomed\20281

                                          Filesize

                                          16KB

                                          MD5

                                          7d04f0892a68f4471716a28ced6572fb

                                          SHA1

                                          93421f1a91fde564dbd488effa50cf14ab58cfdf

                                          SHA256

                                          d3d266013009fb864368e17e8d7ec1d9e56edbc4db5b738c8e069e6ab80c6229

                                          SHA512

                                          e5efa65659c1fe2f8c700184a19302645aa80a223a0d74d00616ffa310cefe58c09d3e293bcfd8fccf302f797c93b632ddada0472cb44247b6a43a971f367b3d

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\doomed\20888

                                          Filesize

                                          16KB

                                          MD5

                                          9965e04f43469413a3abcdb2f90f36fc

                                          SHA1

                                          34cb3ae0ff405c73931ce6e6e5ffa4f9294777d0

                                          SHA256

                                          2335ac7bdd48d17d8c8db8bbdf2b26369fc32d34b837f3e7d4f77278214e73ad

                                          SHA512

                                          c52981ce9b836bd413b0d68516034a9f391ab8e2353fc6117a4af916714e0e2e6f74acb1782ab7bddeafc2c3f86fda9edf625eca14acd1a3de9c3ace2b65fa23

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\doomed\29536

                                          Filesize

                                          16KB

                                          MD5

                                          35c9acd0988316f2bca6aaff094e00d1

                                          SHA1

                                          eee8c4e1b55720e099714228e92543e613e20afa

                                          SHA256

                                          02a3cf1ef4d2556d5bef3d8b9e5a144cae194d3ef85293123cf60c1270c33e0d

                                          SHA512

                                          5a10ae73362f914a4bfc879a868cd88df66915d9d36732c2fbc4854382f783c8c4c8dff3c27a26cb72654eb1c7e9433d7497f1ec18bb25817bceb662aa30f905

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\doomed\29965

                                          Filesize

                                          16KB

                                          MD5

                                          927f55d18d154cd04cdf469206df3efa

                                          SHA1

                                          a6b984b7f5c6b042f98835260428dd2f8711f494

                                          SHA256

                                          9d6a480c21f35379b8f540283ed1c2162bb4a832cdfaeea518f50a86f1dae60b

                                          SHA512

                                          9c4f0781c49219f5e6d0eb05a846d34931acfc861a7e8b67dcab6e24eda37daccab4695e8013dca530f703f6b4c201b95027c5ef954b68694effe072e81e5a78

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\doomed\30909

                                          Filesize

                                          16KB

                                          MD5

                                          36021583f43d6b79f18e0b9261e9e5cf

                                          SHA1

                                          90dc186ba81a232e2c53864d58520b6e87478b22

                                          SHA256

                                          8feac1eaac6106d050d886d28ba96acba5c65d5217bb8b881eae06796282ca40

                                          SHA512

                                          3ff582bb6d3825a18d5a195cc03d6534439ae46ffd9dab46235e50ec60315dde6e2d69f1ffe53216f76ee06401a1a6849c0d284383fb68e3f42dba01910eef8f

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\doomed\4375

                                          Filesize

                                          16KB

                                          MD5

                                          5e8725e203bd15ff5526b709f11cad2c

                                          SHA1

                                          78f8bd1e27d2365047da2696f8f53bf4ab2082a8

                                          SHA256

                                          84eb53135e7f970dc8a35559b3876009e5172ec22552aa64111e9555657f21cb

                                          SHA512

                                          ed570d68dbc0ef93270a9c01eae8f028d45880bbd3f3d3dbcbc679c65db4f97567e09218e749acf60a4c8cdea646434d7d1f5593f5becbecddbf2189ab967b15

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\entries\42FBC92BECB6C579184E489E280F0F4B3357EAA5

                                          Filesize

                                          131KB

                                          MD5

                                          b459fc03afba11f81b5fd9d68e71186a

                                          SHA1

                                          162d664e384e40a99e42efb1ed145b72b2ccf714

                                          SHA256

                                          a82b806952b44fd7cb5de2302d51c125110b1ee9816160d0fae064cc1539163d

                                          SHA512

                                          d9215549f8987b357da9a58eaab9536c1b4b18b48df711327971ab71c603537730f566016af8a78450e3c4640b8fd00c4d37dcf66f3f48638bcadc03f63ca1b8

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\entries\639028690EAC90CBBCD6DD68DA6CE11697C3C461

                                          Filesize

                                          124KB

                                          MD5

                                          532eb18db9d73dccaf52a77a727a95ae

                                          SHA1

                                          4ac896b829a8bbb79e75b691561112113b92e746

                                          SHA256

                                          e430d0d91c46323caaaff293291c670db1d930c4fb5c580a487cbe81602ecacc

                                          SHA512

                                          84da0965dcd405b359ce601cf56af3a8bacaec5acdc1e869d0cc014d93fb8db97eb14d537d9727df677fb1e38050e0a1f5941b40e22b7288d3db13870018f83b

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\cache2\entries\E00BECD303B77CED95A357A7A1E4C8D69B473C88

                                          Filesize

                                          208KB

                                          MD5

                                          018263ae0b1e9e029a1cc36e65f7fe7c

                                          SHA1

                                          4827f4de8e61f9b76f8a85a42bed3b2a287d5baa

                                          SHA256

                                          e927b66ac01dc27652a1c3a8cc16b302a8676dae524435865f2dd002dbc6d57f

                                          SHA512

                                          34e809cd1bb133a6508788f5cad0b21b9a549ec9614262bd8ef72835abbb5cc11d33b7c871b5d687604712a6827dba92b919c3b68f666ce6964402c7fbff919c

                                        • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41eh5pdr.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl

                                          Filesize

                                          7KB

                                          MD5

                                          c460716b62456449360b23cf5663f275

                                          SHA1

                                          06573a83d88286153066bae7062cc9300e567d92

                                          SHA256

                                          0ec0f16f92d876a9c1140d4c11e2b346a9292984d9a854360e54e99fdcd99cc0

                                          SHA512

                                          476bc3a333aace4c75d9a971ef202d5889561e10d237792ca89f8d379280262ce98cf3d4728460696f8d7ff429a508237764bf4a9ccb59fd615aee07bdcadf30

                                        • C:\Users\Admin\AppData\Local\Temp\tmpaddon

                                          Filesize

                                          356KB

                                          MD5

                                          f66d14540349e2820cba7569f707635c

                                          SHA1

                                          69178b72350607149fbc660858662cc36d0c0148

                                          SHA256

                                          899f123e598fdea72258dce4a074eb6b9d9f7c49bfeadb76f0dd88bb790a0e94

                                          SHA512

                                          fe5de9926ffd89a5d4cb0cd9a40ff60a46b610be59f6a1c5bc98982564a96f3338afae471d3cbcffab858e1235c51e0968426c2a56d716150633900a11e70c74

                                        • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

                                          Filesize

                                          128KB

                                          MD5

                                          1b584e628b6501b666a4867a6c615224

                                          SHA1

                                          3d6bb397f06e4651137690304390328a8f580b95

                                          SHA256

                                          00ec0cb3f537f1fa9775726b0f5c646e91476c7c26f5b9e50a4cc17a724038fa

                                          SHA512

                                          774d6c1770cf8de3fc08bff493284cf48136d410e44012f7f6077eb1554569a4dff00f26b3485f2178ac766fa41efd2ecbe8d82699a1eeeb2b1bb20d487ed6fb

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\datareporting\glean\db\data.safe.bin

                                          Filesize

                                          2KB

                                          MD5

                                          cf065e8aa4ac4f6e4089bd6dc0c672da

                                          SHA1

                                          510df1b3b9b21e35bd265ee62ac7a36fc6d3f667

                                          SHA256

                                          1b09e674503ca30f7b80fa66ced4bd05dce3a823278a1ba25e6f1ace4faea490

                                          SHA512

                                          1d88170489548d5e1b24163013d1d071fc691bf35964fb3a9ebe2c22628e9dd4c056df52d33c5f3329056d39329ac76be70f83d30b7dc7865357dd956426b27e

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\datareporting\glean\pending_pings\ab701757-2943-4412-8845-396be43eaef1

                                          Filesize

                                          10KB

                                          MD5

                                          289033529b030b519c1f0c14d9bf7e95

                                          SHA1

                                          82934c6c04f0f3072fb47cc867fa3bf7a5713f9b

                                          SHA256

                                          3fa5cc295a09ca491be1d53c5cf7ec2251b014e0ea966856c56c8e0f36934acd

                                          SHA512

                                          a65593692fa47c3b9fd681f4297c3cfbbb99563a59f1c8fde4f540b5fabf3db295a5539bcf03a701b1789bd25539143c36633f58d58a595bf5e665410d6b016e

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\datareporting\glean\pending_pings\b535c775-ee9f-40dd-9ec0-207c43a0d273

                                          Filesize

                                          746B

                                          MD5

                                          06c593a1dde7e586f673e8feede8e55d

                                          SHA1

                                          1fd6b50a8b88401fba430b69c3b457a064a89b20

                                          SHA256

                                          12303af6de2124edd1389e9161a75189b43a23d6c7de483844f937b8719fb2e5

                                          SHA512

                                          fe2f4441e0f1d0f50b11bc5ab938cab2638959831223d66e048f55cc1360e374252c36226c65dccc9a610021f540c089dc5d5a7045adc446ec9e502a364d3183

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

                                          Filesize

                                          128KB

                                          MD5

                                          68a9104bf26e9f1714e14c9de411c866

                                          SHA1

                                          6943f123e03bcccc10227bb154fef2fe6b91091f

                                          SHA256

                                          3a679824e92b961a0c71dbfcccf0fb4f6929ef74de2a604b0cfefe8369d0f295

                                          SHA512

                                          07564a603ca6cb289c3d9667c4a561487575db6bf455f79f09f98c598abc0731a2e2435368bc4fa91d905e10ba266f81e7d4f30ef7215464da6a33ca52a86f1d

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

                                          Filesize

                                          116B

                                          MD5

                                          3d33cdc0b3d281e67dd52e14435dd04f

                                          SHA1

                                          4db88689282fd4f9e9e6ab95fcbb23df6e6485db

                                          SHA256

                                          f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

                                          SHA512

                                          a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

                                          Filesize

                                          479B

                                          MD5

                                          49ddb419d96dceb9069018535fb2e2fc

                                          SHA1

                                          62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

                                          SHA256

                                          2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

                                          SHA512

                                          48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

                                          Filesize

                                          372B

                                          MD5

                                          8be33af717bb1b67fbd61c3f4b807e9e

                                          SHA1

                                          7cf17656d174d951957ff36810e874a134dd49e0

                                          SHA256

                                          e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

                                          SHA512

                                          6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

                                          Filesize

                                          128KB

                                          MD5

                                          3bec5a0393b8eaa07500e6425c649089

                                          SHA1

                                          16b6dd92bf3b124f9e474d21f07abfcb678eed5e

                                          SHA256

                                          c8c48a9f730c0b594c2e4f0d41fddb785e555a7a3b8c9f2b604703b89219bb14

                                          SHA512

                                          9f9cafa7bb5b863a7466d719c902dc7723d3a3d09b9a76a471bfa40db6d8a55ecea96f0757dbe83c713ae2687edad0edc44128d04cceef0f080c825924211866

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

                                          Filesize

                                          1KB

                                          MD5

                                          688bed3676d2104e7f17ae1cd2c59404

                                          SHA1

                                          952b2cdf783ac72fcb98338723e9afd38d47ad8e

                                          SHA256

                                          33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

                                          SHA512

                                          7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

                                          Filesize

                                          1KB

                                          MD5

                                          937326fead5fd401f6cca9118bd9ade9

                                          SHA1

                                          4526a57d4ae14ed29b37632c72aef3c408189d91

                                          SHA256

                                          68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

                                          SHA512

                                          b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\prefs-1.js

                                          Filesize

                                          6KB

                                          MD5

                                          765ff5d88cd6b3f46f4da215c9ac7ec7

                                          SHA1

                                          5d658b18f78479773d274017b646b0d58de1f0eb

                                          SHA256

                                          b0e0cde19dfde2d4685bc5b8be3ed0ec7970d81947085afea8f73c228b234a80

                                          SHA512

                                          64024da1f881b28e8280a381d1ff012874b7d731402a5f79734d385eba91305e9e3c6778b2e35fcb09a7702760357faee3f53a887863bf3473215184b21b1973

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\prefs-1.js

                                          Filesize

                                          7KB

                                          MD5

                                          3c261e3deea3f2040b4e0fbd24a4962c

                                          SHA1

                                          a742272742e587da3ec30a44e6e9ad4837e5b89d

                                          SHA256

                                          3926879add621d364751fd79f3fd32cf116f43b8d067698ca75af896e7a09e96

                                          SHA512

                                          b2a68eb9cf7bc770506c968c1ed774a8f51846a6eac8f47afa43c9f5edf7bd018162e72d2c783e1d1947ac0cc794b2c060194ed9bbcc1888350298b6a5462a2c

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\prefs-1.js

                                          Filesize

                                          6KB

                                          MD5

                                          c11ec3ba91c3b046d64e9186f686ea51

                                          SHA1

                                          e25e499123a8f10d38a49c579e6955f454eebeb3

                                          SHA256

                                          594029f5073a4ab15de9e834e6f87bea4a4933930bb5c56a9b25b0410db3c4a3

                                          SHA512

                                          db6a27cfdfa029cf8d2460e070cf2dce969ab9b304e019b4245827a3a6cd98a052fb5a8b185553eb829fc43700ca3fedbc0bc7c9a4e19e00e79a417571e354a1

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\prefs.js

                                          Filesize

                                          6KB

                                          MD5

                                          6f7a962a6d57d30f31a53e482c517045

                                          SHA1

                                          5461c7ca2ce07cf17680cba421c14ecab35b514c

                                          SHA256

                                          85d7d562c0c4f04714f078f310b2d9966b30f215492a4e93d83a23b271e3d37d

                                          SHA512

                                          885fcd406aa5921790431d105c7c37884581aa2d384169495ae47d8f016db84eb53f8eac2b3f35ac2e4899659c3f616586d94c5fdf2bcefa8c2b6f6823476131

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          3KB

                                          MD5

                                          27597897f94fcb58668b7d2a0c043277

                                          SHA1

                                          11c28d04aa4adc7e81a2cfa366150beaebeedf69

                                          SHA256

                                          4e44060dae2b1f3face6253a9ed8f48f958b0bb775b205d30cad816c52b27036

                                          SHA512

                                          af1f572ad6e5a695de87f0f08abcfddf35f4ba5cc0bf13e11d448b763c2b7578fb452c9498e4a91f9c913c3699058ce4ce9dcf335ccca1b42aa88db9443232df

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          4KB

                                          MD5

                                          dc7f05c488630843558264f28977f4f0

                                          SHA1

                                          b50f32a39d6a0241a9b5afcaebf0abb91780da06

                                          SHA256

                                          53a9f20c6039585382d4673861c660b9b372fde15f924291214b0ef76f4f741b

                                          SHA512

                                          34b98aa09af0ca0976f05f9ba97d81d903499c996b25487b1c2491a610ee95f39dd8bbf98cd02bbf3ebdda2f91ae47b537cf12b7b3f363f8425f032c4924c0da

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          9KB

                                          MD5

                                          e0eee5ea3e89f14b482ebb105145f46a

                                          SHA1

                                          3a558facc479d36a5151acbcd85afc4dc1929403

                                          SHA256

                                          178978cc23dee6156db4c32adfb3e68e57d7f1a3e7eadb349e069ff3404a4a4f

                                          SHA512

                                          5f880673b261da058dbbf49eacd11b1d8455ea8478e9371c0df0047de6991de82ba84d3b71a588284519f4e439dc4a9470f48bb83d79f65b01704a85fe0e011d

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          4KB

                                          MD5

                                          caf4ed8d36a34028b03dc6e958b3cfa1

                                          SHA1

                                          b76ffbfad0212f2b45bd5e110f9ba8393ada3726

                                          SHA256

                                          27949fa04959975ee25903389830ef2d8432f0fe55d097b346d99fbd872c1d71

                                          SHA512

                                          09fa8b363cd2ad0538da5463348febb07a69033d13fe8ddc605f4f764dc722e5de44a3aedcf7cb8552e04b78018abef0b1647cba9be8b51aa46aa672f1e15fe0

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          11KB

                                          MD5

                                          450fa2516628d1cb021b66ac2a345130

                                          SHA1

                                          f081797766e20835f01dd5838824f3d58ebd97d7

                                          SHA256

                                          15fab62837ca5f433f934ffbd7060219f061afd4c46e95e6c7a092f430253333

                                          SHA512

                                          879df21548fcd8bd408f59995e51634fd632b5a140d848987059e57771e111d89cb42a04ab6be8ce92a4f4ef74181708ac2eb4975a7b258f6c3b8b7991ec1173

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          6KB

                                          MD5

                                          359bc828aead9343a3e9936932ac9cc5

                                          SHA1

                                          2980d2d186b48387914660e26d7ea91c1f04f6f4

                                          SHA256

                                          34ae46cb23904c7640f2eca44cb5bf86996a03f3ce1d2cd9bc952f6a59d27968

                                          SHA512

                                          fca3dd39939effb12b9a34ac2185e024d6c74cdc0fa8fe8f8b68241e60a0c1be4fa07cbf962901adeda1d23af2a350dcd29c6cc60f6f9306541eef04e438c97b

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          11KB

                                          MD5

                                          41c4d3b985769e271ac04c98584aea72

                                          SHA1

                                          920e689a2247de249315c54611b95f9e60897cbd

                                          SHA256

                                          a14b614b50aa16ac6bc08465c5be8d7d56139bad76ca51f3a03c2fbebfa46e13

                                          SHA512

                                          9827486ba32bd8b934202e801e7217363a606a662a5df0e2f89ae3d91f78f121be802abc011939ff085a4c82d06c671ccf672b08c7e04333ac62afe7135fa3c0

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          11KB

                                          MD5

                                          8ba2e099e22276cf93de250e987057dc

                                          SHA1

                                          cd78619144d1e8f216e77dfd761ff3114b4cb527

                                          SHA256

                                          046ef0456425c5b8864b1c0a33db8b3461d8a61b0719a5fadd4f391e6fe16449

                                          SHA512

                                          692711564f87a30d895fb5972d2679adae5f26947b770f420121d80438d781ee33567f6b2b209a2401feaf96e11124aef2bf25936d43f6e649088be6414b8924

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          17KB

                                          MD5

                                          5217bec8425db4c08f6b0b83345686fd

                                          SHA1

                                          e43bd75b95b8666298ca2553466eb8dff126858c

                                          SHA256

                                          653941033229db9d060b94a0a4603b154093282d7b0c8d21a07b500aed6dc743

                                          SHA512

                                          4035f81e2dc54cec39bb977b379d64d824001409b9b86e583ef0eea3f2ce45d5581ea69cdf14ff5c566c801c80cd1fe487d70262d60e842942eec9c66458aff2

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          11KB

                                          MD5

                                          8b2e0cefa1ae19a1a60e90787e67f936

                                          SHA1

                                          4cf3d27094d1cda0e6ed4a106ecd849087681de2

                                          SHA256

                                          b33a53265d015a052caaafc1a74f0d75e29b89b1f0aba3f8cc73d94306eca4f5

                                          SHA512

                                          fa9248f5f7111683e46cb91bd2f43fcd76aa418283b98df60d38d985ef9e68e62846b49d7d3775e214144952f831f7d07a934a98b760c03540e3d82dc3e58b4a

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          17KB

                                          MD5

                                          3b85cf84548809b4faec8dd410f0c0c6

                                          SHA1

                                          db41b44a892102c6d605aad9f3c56f4cb3217f76

                                          SHA256

                                          8bccfb765dd6f6ec9872df9019cb2bc3ccb70d8f65598a5a3796d5d2e094bf95

                                          SHA512

                                          98ca399651c8d7dfaecfe27fe495f4d540895612e4554e0081e293f9e57463d9e947efe8d25ed6c5ffa874d98480fdecdee3e9d6dcac34fb727dfe5413ba5638

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          13KB

                                          MD5

                                          676cd77c6fb893bc86369cb2fbe2e12d

                                          SHA1

                                          cfa315f9b1a5eef159970a2d38a37b5134b30089

                                          SHA256

                                          31e8cd80949986ce01fc75dc79b700f9e0c406fba36ec33cffa1525687e194cd

                                          SHA512

                                          ef5b231da2a5d54b8f9b439ad290c8ebb1fab3f32cef99f6ef96b5f6e44527884386958ff68a37e690704e4b3f84b78d848a2439ce30a05249a2ab52fe676f12

                                        • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41eh5pdr.default-release\sessionstore-backups\recovery.jsonlz4

                                          Filesize

                                          17KB

                                          MD5

                                          1311b9fe8394da30f296307485f267bc

                                          SHA1

                                          5b0f8cd4f768637c43f4a1419be8b9d4fb6fdff5

                                          SHA256

                                          c4890d6e5a06aa94dfd6524dadc25d95c4bfa77ad8d704e62f8b1850e04a4e4c

                                          SHA512

                                          6de51b265f0c0cf3651e51f0bb70aa83cbb439c38807006e0db0d2eb5e52e7a3c628411db552d180609d9da2fc8db41ab4727549f41349fd5324c785cd05dfb7