Analysis Overview
SHA256
335d7d67678ff4475ee0622beef67a923e4962a034ce7ca97d6b08d9c119a3eb
Threat Level: Shows suspicious behavior
The file medium.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Executes dropped EXE
Loads dropped DLL
Checks computer location settings
Checks whether UAC is enabled
Detects Pyinstaller
Unsigned PE
Enumerates physical storage devices
Checks processor information in registry
Modifies registry class
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-09 00:49
Signatures
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-09 00:47
Reported
2024-05-09 00:59
Platform
win10-20240404-en
Max time kernel
299s
Max time network
309s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI46962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI46962\geckodriver.exe --port 50048 --websocket-port 50049
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50049 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileM3lq2w
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50049 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileM3lq2w
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4428.0.68719826\834558114" -parentBuildID 20240416150000 -prefsHandle 1484 -prefMapHandle 1472 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {0c72dba9-d2ec-4487-afc5-1f7970ad15ad} 4428 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4428.1.22520073\246153362" -childID 1 -isForBrowser -prefsHandle 2512 -prefMapHandle 2508 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1096 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {985992dc-58f3-493a-b021-87ab5fa170db} 4428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4428.2.1938584674\1659341104" -childID 2 -isForBrowser -prefsHandle 2956 -prefMapHandle 2952 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1096 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {fb6339e4-d5fc-4b5a-8da7-a7d761c6619c} 4428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4428.3.629704532\918259812" -childID 3 -isForBrowser -prefsHandle 3496 -prefMapHandle 3500 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1096 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {dc600745-32a2-4162-a12f-67584d59c38f} 4428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4428.4.1960615043\1249834644" -childID 4 -isForBrowser -prefsHandle 1356 -prefMapHandle 3044 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1096 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {166b1c95-febc-4def-b667-de17fe4944e1} 4428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4428.5.1691656523\51827798" -childID 5 -isForBrowser -prefsHandle 2964 -prefMapHandle 2968 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1096 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {ea584329-0eda-4681-8aee-58b92aad1d2d} 4428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4428.6.715050382\470441058" -childID 6 -isForBrowser -prefsHandle 4060 -prefMapHandle 4068 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1096 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {72b07a81-62f6-4621-8072-13f1054e5a13} 4428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI46962\geckodriver.exe --port 50048 --websocket-port 50049
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50049 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRsOLNj
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50049 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRsOLNj
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.0.1701712359\1338231438" -parentBuildID 20240416150000 -prefsHandle 1480 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {88135f89-5c08-4e04-96b0-a8b5eff875ac} 4400 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.1.486916248\1731904888" -childID 1 -isForBrowser -prefsHandle 2572 -prefMapHandle 2352 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {6c223492-8cf2-4be7-b686-6f728ab805ce} 4400 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.2.1623871754\1771935632" -childID 2 -isForBrowser -prefsHandle 2948 -prefMapHandle 2944 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {a5909bb8-9f3b-4719-b1af-8c5979bc0452} 4400 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.3.830172108\307760989" -childID 3 -isForBrowser -prefsHandle 3256 -prefMapHandle 3260 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {d677543e-b1b2-49df-87ef-56c40f5202a3} 4400 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.4.1428134782\1641202955" -childID 4 -isForBrowser -prefsHandle 3536 -prefMapHandle 3532 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {72d93135-7002-4fa9-9c2e-6277f90d8544} 4400 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.5.1749633397\1317434453" -childID 5 -isForBrowser -prefsHandle 3752 -prefMapHandle 3756 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {ed9e8324-9bed-44ca-b9b2-1fb200236199} 4400 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.6.20982556\863684668" -childID 6 -isForBrowser -prefsHandle 3876 -prefMapHandle 3872 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {a73b252f-76a7-49ef-99fc-9d07f60e616a} 4400 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI46962\geckodriver.exe --port 50048 --websocket-port 50049
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50049 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUgb6hv
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50049 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUgb6hv
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4908.0.164503615\1641087969" -parentBuildID 20240416150000 -prefsHandle 1472 -prefMapHandle 1448 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {cba43b5e-c7b7-4979-b484-698804fee259} 4908 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4908.1.1111399301\1036063081" -childID 1 -isForBrowser -prefsHandle 2612 -prefMapHandle 2412 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {5f16d921-85df-4ba8-926a-b15fd4a644e4} 4908 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4908.2.348151961\695690482" -childID 2 -isForBrowser -prefsHandle 2948 -prefMapHandle 2944 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {216f624f-899e-432c-a653-18c6c4cd1ffe} 4908 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4908.3.1305568291\65867346" -childID 3 -isForBrowser -prefsHandle 3048 -prefMapHandle 3036 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {cad9c571-fc17-453d-bf95-7e3d39e0232e} 4908 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4908.4.240405987\1631859902" -childID 4 -isForBrowser -prefsHandle 3672 -prefMapHandle 3668 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {e2e86355-3660-4c25-92fe-39aa1382844c} 4908 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4908.5.1624440310\1629186540" -childID 5 -isForBrowser -prefsHandle 3692 -prefMapHandle 3828 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {8f8edbe5-259e-4bf9-985e-09c28e37f803} 4908 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4908.6.1094865930\555248610" -childID 6 -isForBrowser -prefsHandle 4092 -prefMapHandle 4088 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {be7be3f3-78d5-49ba-886a-e245b91c5593} 4908 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe" -contentproc --channel="4908.7.1380210669\1623041249" -childID 7 -isForBrowser -prefsHandle 4376 -prefMapHandle 4372 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 1120 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\browser" - {12c8eafc-2620-4104-8277-343eda653bfa} 4908 tab
Network
| Country | Destination | Domain | Proto |
| US | 198.98.48.20:9100 | tcp | |
| US | 8.8.8.8:53 | 20.48.98.198.in-addr.arpa | udp |
| DE | 89.58.5.0:853 | tcp | |
| PL | 94.72.118.117:6666 | tcp | |
| US | 8.8.8.8:53 | 117.118.72.94.in-addr.arpa | udp |
| DE | 89.58.5.0:853 | tcp | |
| N/A | 127.0.0.1:50151 | tcp | |
| N/A | 127.0.0.1:50155 | tcp | |
| N/A | 127.0.0.1:50048 | tcp | |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:50048 | tcp | |
| N/A | 127.0.0.1:50248 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50256 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 52.111.227.11:443 | tcp | |
| N/A | 127.0.0.1:50048 | tcp | |
| N/A | 127.0.0.1:50048 | tcp | |
| N/A | 127.0.0.1:50048 | tcp | |
| N/A | 127.0.0.1:50553 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50561 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 13.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| N/A | 127.0.0.1:50048 | tcp | |
| N/A | 127.0.0.1:50048 | tcp | |
| N/A | 127.0.0.1:50048 | tcp | |
| N/A | 127.0.0.1:50842 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50850 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI46962\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
\Users\Admin\AppData\Local\Temp\_MEI46962\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
\Users\Admin\AppData\Local\Temp\_MEI46962\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
\Users\Admin\AppData\Local\Temp\_MEI46962\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\top-1m.csv
| MD5 | a29565710c081a7da5e38a4f4edd4e65 |
| SHA1 | 818c4f88ac3e53f2ea07c7b822f5f7c7d5e7103a |
| SHA256 | b9ebda977c49d54f46dbc40b08dd385dc79e4afca90796f35d538ef13ef95831 |
| SHA512 | eda629b4243b2143e9c4de587606e47f0c65ed258d3fada3d652b6339ca95476adab46a03744bbf09a9fb5456f087fc186546da464d36973622f376ae550ffd2 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
\Users\Admin\AppData\Local\Temp\_MEI46962\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI46962\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 609ed4a7738d4fa849ca0dcc8b7dcee9 |
| SHA1 | 4d64964c371c9f7e244c321a9530b55010625e8b |
| SHA256 | 6cb41969da3319d6e6be5d03240a9590d759ca0c0ca3a0eb884619b9da3eed39 |
| SHA512 | 6b4685b0c67d7c7aabebd31fc4700573654911e6d92035aa0606d859dde5f45c20d3ec5508376f59ed338dd710c57a9841937969ad8b1744a251abc6ec655f23 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 3e5d1660e5396e470670d033b022322a |
| SHA1 | 855179cf681be02c876e481c71c8d34dfe89eb91 |
| SHA256 | 8cf3a30d85a5a5658789177eb5b1ce168d1596b97b2336c25a390e92ba1897ff |
| SHA512 | 046f58174ddf71c4e5f024cb1753c12786917d066222ba7a515f386b7c5b86ef86d3dfc64371ff3e5df869ebb35d76e34dcb8ecf3027e2f27cb0751c1a12d080 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmp2a3qc6sz\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\geckodriver.exe
| MD5 | ecd8efd4cab1e6f7d84483c09c9ce6b7 |
| SHA1 | aafe438def0edbe9176f462d1e4e8c4a1883540c |
| SHA256 | 5032f5bb47f24f8e677397e347fdb4a501b0eda42f5d5aa2f5186edadf9838ec |
| SHA512 | eb40225be2070f88465d35b56d5fd2f94ef4a9ead2306ce5c81bb2fa31b1c252e7b8f57befad32130023c5893fd1cb499c387daeb9b760ce2d008691c5359ea9 |
C:\Users\Admin\AppData\Local\Temp\tmp2a3qc6sz\webdriver-py-profilecopy\places.sqlite
| MD5 | b5c12d055da1a860c64e12fa500bf3df |
| SHA1 | a609d35d60c8fb3b95e1c6d8d632ab4abcb56577 |
| SHA256 | 0d2bcf89b48e95fe3b4a9b58e6cd24c1731559bd15f43cb3adb7421f67f00ee6 |
| SHA512 | 0c0c75e4048c51af99ca26f7eae072ca4d432b09802cab168c467ce1801603594046e1a873502546d76e7b573a182b47a145ef885a3b12c86cebce751a84a303 |
C:\Users\Admin\AppData\Local\Temp\_MEI46962\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
memory/4428-516-0x00000298C3410000-0x00000298C3420000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileM3lq2w\extensions.json
| MD5 | 015b0da614b089bb9d13e920e02c4ec3 |
| SHA1 | 8679ebf903d6f1fd14c6fdba09441e8f7bb13c32 |
| SHA256 | e932aba8871bbeb2c597799eeba85b6001d8fb1bb453f04f547d3f821685936a |
| SHA512 | bfb3410fbc132ed25a4f34b70e7e787e72c6d335cf3278a8435df602e2481308500f9573a0de97f4818a2da13172b3e4f6d52f6b71f2f37ad8f37cfd7d00af30 |
memory/4428-571-0x00000298BDFE0000-0x00000298BE150000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileM3lq2w\prefs-1.js
| MD5 | bb6b3bfc02ad5b4b64c811a87dbf1c24 |
| SHA1 | 2b2e655939e2f6b73b067d494e247a9780aa777a |
| SHA256 | a686c291e82b0aadc0da8ed23372ae88854934c8640dc1857c6d0c10d7abb64d |
| SHA512 | 2085e03203a15ca5da80c4dc606159b3c99dce65c92ad0eef942b739d57a5df9ab0c6d5c169798a64dd75b1d356bfa75af094084d59fd724a28226b6b6d108ff |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileM3lq2w\prefs-1.js
| MD5 | 3563784bf9563bff4ba3f6544e622441 |
| SHA1 | 71b14f76ea41865ccdda174968987c0c5932826c |
| SHA256 | cc1c7c143ffb4b5e638bb4c73b6ac5c2543e8e14d0b94f5f1cb7b9fb5c5b5283 |
| SHA512 | 07cb5efb751ce25a142eb188cb5ffcfbf87de5284291d03112cda2bb216d1bd9407c1616017b0fb16282a2ce1dffeaaca1c2750e8d22e5c9d0bd8b324843856a |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 6ad5e392751c9e2489f3372b90040eae |
| SHA1 | c600b2c47ac9c2b19ee2457ee04c4cc24fb2150a |
| SHA256 | 0dc59890117ad7bd8688811852d5ae2401eaa4cd8ef96b8c1541b17fd774004e |
| SHA512 | cc8ca07faf7624b38c4cf5aa85b5e857184b9385c77bd8f30df37f20327ffc20a514c3eb232552fb582057ff0a713aeb1a9dbad7c6edfcb71f8e085be0b5e9f6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRsOLNj\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRsOLNj\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/4400-819-0x000001CDAE580000-0x000001CDAE590000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRsOLNj\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRsOLNj\startupCache\webext.sc.lz4
| MD5 | a3d212e8a05ef265c4a288bd4219b50e |
| SHA1 | 96a0e2faa26cff7e5e36b42884cd3996b63d7d9f |
| SHA256 | 6e25c873930edafee9aa7634a37a84c6303704084b1713df4b9a6f6833e12cad |
| SHA512 | 9dd32adc9aad8a9ee1c380aec4598bc0a9cb81e0aebddfc0e8f20f51a14936f340ade15c144412bc56d241bc71f4b41c2584a137e2b5da71e14aa6dc86d583ab |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRsOLNj\prefs-1.js
| MD5 | 77f371e3ff83d0d4cc9dec69b7348f59 |
| SHA1 | 3b60f3bb8df188b2818efa555fe331617f80f126 |
| SHA256 | 2b0f30b0c921f60c58ccce83c39f82e682105c866fd3ca779f9c9fd7e63712b4 |
| SHA512 | 4677a59bff4c913ed994ec2079a0022e7644b6eab8dab2193a812c7630bc73de226a75d06e1e56a1bd449b2ba730ce75dd4512bb5503bab4eacca02b4d497f3d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRsOLNj\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRsOLNj\prefs-1.js
| MD5 | 4d2818224b88cbce9cd54166bbe4f6dd |
| SHA1 | adb762756972b56dce236160fd35a7f9911d7ec1 |
| SHA256 | ea3d7a87e1f2c13f09f902da898816df5db379d471e957c426b0adebe66ba522 |
| SHA512 | 44ffe008bd1ee67d38d5eceb44ac73711c10176a2267365888d31c93278f5cad6b996f420025f5de40184bf4a8aad9cce3fde8260605023611cfc3736dec4f19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRsOLNj\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRsOLNj\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRsOLNj\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRsOLNj\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUgb6hv\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUgb6hv\prefs-1.js
| MD5 | c696221e0cb7b246ad937de5d168f140 |
| SHA1 | 30c778f3ce3445abb8d68c45b5614f5c0663f0f3 |
| SHA256 | d915c29b5e9b02bc40eb4216d5a7a4fd99d2229dc0756488b45b6eaa12f220ee |
| SHA512 | 068a6cbda44c8cc5ec6f9a08c4aed4e6476881c4f1bee17307b98d82e96cfdd3cd686d9b285720d20dea50d257e4684b958f1b5e192168afb0219f2862e7a01c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUgb6hv\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUgb6hv\prefs.js
| MD5 | 4ea986caec538805ff802334d51ba193 |
| SHA1 | 605e9dd72978cf0d0915cf14fede0c547ce34adc |
| SHA256 | f6aa2788a8c7619f25bf9fe86c9adfdd6ee161c35b050b1942bd6e124452e637 |
| SHA512 | 6b4746be19db98497a58fb7249b1c5e6f7f575276e1fd88888d6fa6126774f234862c04b97e91a9e94869449c27d1e95f8b04f49b4af4843217ff02f8b016757 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileUgb6hv\prefs-1.js
| MD5 | 9216c034e983dd36aec662ddc0594bd6 |
| SHA1 | 148278423199f0175f02c6dddc0bfebf7f44da4b |
| SHA256 | bc3109eaa39fa4e08905c3f97927b3940d83ef06ded0fe30c075dd9ad98d44df |
| SHA512 | c8b8156fc5b515b1f6fefad6fbb9c986ebd6c8671c7a97eea75b11503d9f95cdca05991b69cd94d24ee5727a3ad55618e7596f942a82e1066fa983240b0199e8 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-09 00:47
Reported
2024-05-09 00:59
Platform
win7-20240220-en
Max time kernel
299s
Max time network
309s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI28362\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI28362\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTbdUcs
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTbdUcs
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2240.0.67025604\1323691850" -parentBuildID 20240416150000 -prefsHandle 1232 -prefMapHandle 1220 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {d1c535e8-8a11-4ee8-80e7-e095f31d4738} 2240 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2240.1.1950765548\350622631" -childID 1 -isForBrowser -prefsHandle 1764 -prefMapHandle 1656 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 852 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {b70e14f9-d9d2-4daa-8c1b-329f8070a2cb} 2240 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2240.2.2061680964\161229150" -childID 2 -isForBrowser -prefsHandle 2304 -prefMapHandle 2300 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 852 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {f17c2fc0-6bff-453d-82f0-29600aec85d5} 2240 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2240.3.291821585\373869330" -childID 3 -isForBrowser -prefsHandle 2456 -prefMapHandle 936 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 852 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {5563cf0d-c058-4ebf-812e-8721018a53f6} 2240 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2240.4.2034998095\230741901" -childID 4 -isForBrowser -prefsHandle 1128 -prefMapHandle 976 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 852 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {18989f4e-77f3-4f84-ba8a-a95041061f45} 2240 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2240.5.2123023307\1820950618" -childID 5 -isForBrowser -prefsHandle 2968 -prefMapHandle 2972 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 852 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {713999ae-026d-432b-8693-545bc63219c8} 2240 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2240.6.1016716417\1905950151" -childID 6 -isForBrowser -prefsHandle 3128 -prefMapHandle 3132 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 852 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {1be65860-af80-4f10-8c3b-d5c946882504} 2240 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI28362\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="1624.0.2109803874\421517016" -parentBuildID 20240416150000 -prefsHandle 1232 -prefMapHandle 1212 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {7754c58c-87e7-4602-a64f-af9eb1295f7d} 1624 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="1624.1.412214523\1878136539" -childID 1 -isForBrowser -prefsHandle 2124 -prefMapHandle 1748 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 632 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {95f6292f-f440-431a-9928-e5fa841822cc} 1624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="1624.2.544742310\1833659357" -childID 2 -isForBrowser -prefsHandle 2188 -prefMapHandle 2192 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 632 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {8c37b60b-4a26-4569-81a0-adfbce37bed1} 1624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="1624.3.1429612255\2041650468" -childID 3 -isForBrowser -prefsHandle 2484 -prefMapHandle 2628 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 632 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {dea3c6e9-fd7e-4c87-9930-034712645c58} 1624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="1624.4.740272249\320818392" -childID 4 -isForBrowser -prefsHandle 2592 -prefMapHandle 2596 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 632 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {20f8f54d-d68a-4be0-899d-98f0fae8a6ad} 1624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="1624.5.1376464196\2057076105" -childID 5 -isForBrowser -prefsHandle 2864 -prefMapHandle 2868 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 632 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {e2cb4c17-103f-4a49-a990-015c50c55be0} 1624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="1624.6.46819484\1186928860" -childID 6 -isForBrowser -prefsHandle 3020 -prefMapHandle 3024 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 632 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {246d6edc-ba97-4d8a-b84b-275875d1c863} 1624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="1624.7.701230150\237094073" -childID 7 -isForBrowser -prefsHandle 3272 -prefMapHandle 3292 -prefsLen 25332 -prefMapSize 245849 -jsInitHandle 632 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {8dde9e06-5ba8-40ac-9db4-82d578da05e2} 1624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="1624.8.952710568\1316138933" -parentBuildID 20240416150000 -prefsHandle 1636 -prefMapHandle 2488 -prefsLen 27451 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {b540f9f2-fd66-40f7-b251-b55728aa2f18} 1624 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="1624.9.304826317\893676600" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 3388 -prefMapHandle 3396 -prefsLen 27451 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {feb3a2ee-cbd5-4246-b3da-a75a73ddc998} 1624 utility
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="1624.10.1156210745\59626625" -childID 8 -isForBrowser -prefsHandle 3820 -prefMapHandle 3876 -prefsLen 25332 -prefMapSize 245849 -jsInitHandle 632 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {d66a2d29-ffe8-4cd8-86ce-7ac2931568a2} 1624 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI28362\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile90vjK8
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile90vjK8
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.0.202796567\1850234000" -parentBuildID 20240416150000 -prefsHandle 1240 -prefMapHandle 1232 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {c45bc412-e3e8-4a65-9a85-8c9a1c7e3fb8} 916 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.1.87697767\1113400195" -childID 1 -isForBrowser -prefsHandle 2056 -prefMapHandle 2028 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 668 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {597ba39c-fbdb-4c4d-a6d3-2290d9418ebf} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.2.1034663898\996179130" -childID 2 -isForBrowser -prefsHandle 2288 -prefMapHandle 2284 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 668 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {57f9b185-57a8-44f1-8e20-d74d007d24d0} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.3.82305643\980608751" -childID 3 -isForBrowser -prefsHandle 2428 -prefMapHandle 2492 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 668 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {37d45db7-68fd-483a-863e-e5a1d65dd922} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.4.1406050852\757218016" -childID 4 -isForBrowser -prefsHandle 2792 -prefMapHandle 2788 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 668 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {0158c8c8-ee2b-416f-9d1e-88b79810de6e} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.5.1484149592\1798432704" -childID 5 -isForBrowser -prefsHandle 2916 -prefMapHandle 2920 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 668 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {d4fdae1e-7449-42ad-854f-06c95bc81f60} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.6.1466601926\1067011057" -childID 6 -isForBrowser -prefsHandle 3076 -prefMapHandle 3080 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 668 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {ca5d377a-7d38-4808-be73-73fe1c0c7960} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.7.2021206354\680308368" -childID 7 -isForBrowser -prefsHandle 3344 -prefMapHandle 3340 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 668 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {4cf6e8e9-d11f-44b8-839f-3696ed91e413} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI28362\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK8UgJx
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK8UgJx
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.0.770990846\1398836174" -parentBuildID 20240416150000 -prefsHandle 1224 -prefMapHandle 1216 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {ee333896-e1ac-4388-9d39-dc31d06d0ddc} 2684 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.1.1311231322\363344279" -childID 1 -isForBrowser -prefsHandle 2220 -prefMapHandle 1888 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {de4b2fb5-4e46-482d-b1c6-080d2abbecc7} 2684 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.2.190306210\1476662671" -childID 2 -isForBrowser -prefsHandle 2384 -prefMapHandle 2380 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {aa52888f-8793-498c-ad7c-06dec9d56838} 2684 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.3.317307971\1542420927" -childID 3 -isForBrowser -prefsHandle 2388 -prefMapHandle 2356 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {10370754-7f3f-476b-b23a-ef7708b0d47c} 2684 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.4.1658350403\271001153" -childID 4 -isForBrowser -prefsHandle 1088 -prefMapHandle 2816 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {d895857e-40a2-4822-8833-e297012624e3} 2684 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.5.2017237374\27702508" -childID 5 -isForBrowser -prefsHandle 2940 -prefMapHandle 2944 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {068fc432-a0f1-4394-8ac7-5aed55ad4d70} 2684 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2684.6.187441421\223030977" -childID 6 -isForBrowser -prefsHandle 3100 -prefMapHandle 3104 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 864 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {20d0d913-723c-4fd9-8612-e89b6be27e9a} 2684 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI28362\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileadpdHn
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileadpdHn
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2892.0.355776255\1053071137" -parentBuildID 20240416150000 -prefsHandle 1196 -prefMapHandle 1188 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {5906fe19-d72c-4e3a-93a9-930e2876e2c7} 2892 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2892.1.1153145399\255648460" -childID 1 -isForBrowser -prefsHandle 1704 -prefMapHandle 1976 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 872 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {ac9959b3-b565-47fa-b327-45800c19e3b0} 2892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2892.2.235465548\233658333" -childID 2 -isForBrowser -prefsHandle 2248 -prefMapHandle 2244 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 872 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {c5dc65b8-b253-4ffb-852e-6638ffb5359e} 2892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2892.3.2096293236\1098542002" -childID 3 -isForBrowser -prefsHandle 2588 -prefMapHandle 2432 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 872 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {e37c3994-eb87-43e7-8b02-496b195eb4d6} 2892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2892.4.448465472\986954779" -childID 4 -isForBrowser -prefsHandle 2792 -prefMapHandle 2788 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 872 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {61347179-9d0c-40f0-91c8-98a4e444ba05} 2892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2892.5.167342596\1875831165" -childID 5 -isForBrowser -prefsHandle 2912 -prefMapHandle 2916 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 872 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {46d56452-55d4-4215-b67c-a6acd8fce700} 2892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2892.6.1100711091\2015226534" -childID 6 -isForBrowser -prefsHandle 3068 -prefMapHandle 3076 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 872 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {7f93d7b3-8807-4aca-accd-7c8097b142e6} 2892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\firefox.exe" -contentproc --channel="2892.7.2033634557\1795516825" -childID 7 -isForBrowser -prefsHandle 3440 -prefMapHandle 3436 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 872 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\browser" - {2cab7534-a261-4a9c-9b14-7b00ae72560a} 2892 tab
Network
| Country | Destination | Domain | Proto |
| CH | 213.144.142.24:9001 | tcp | |
| LU | 107.189.31.232:9000 | tcp | |
| US | 15.204.227.206:9000 | tcp | |
| AT | 152.53.18.94:9001 | tcp | |
| N/A | 127.0.0.1:49563 | tcp | |
| N/A | 127.0.0.1:49575 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49665 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49702 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:50166 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50201 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:50794 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50829 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:51304 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51339 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:51750 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51785 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
\Users\Admin\AppData\Local\Temp\_MEI28362\python38.dll
| MD5 | a2d1ef944a3b2ece9251bdd4528d71be |
| SHA1 | 5d422a39b769cddf186e36eba348a5382bb81ab2 |
| SHA256 | 59e24582777846f7b5eb952b08a2346801ae20674f0d18a65c0d415095b8e543 |
| SHA512 | abcfad3bb39d143bd56d350d83a4c9ded669504ab89e5d860862e04801e419cc96d8169d1df320a69a97f13ea6f919a34c68098c3d563cb9eccc6f7c9a978828 |
\Users\Admin\AppData\Local\Temp\_MEI28362\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
\Users\Admin\AppData\Local\Temp\_MEI28362\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
\Users\Admin\AppData\Local\Temp\_MEI28362\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
\Users\Admin\AppData\Local\Temp\_MEI28362\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
\Users\Admin\AppData\Local\Temp\_MEI28362\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | a476120b2211f8725f3764352a6f7d28 |
| SHA1 | 5c166fed2eb792fb4a59ae42abfd6f6cd1a07e7d |
| SHA256 | 248d9a84421bf8408d6e127666b662f2dca9188d4d7487cf7f018f54c903cee6 |
| SHA512 | fa8801bcea830ceba340c28d9a3be61711b1ee312368364d51c56aa8df19931e237373674e41b523cb1a4446476cec62c1595582923ce64706c1e5198aea69da |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
\Users\Admin\AppData\Local\Temp\_MEI28362\geckodriver.exe
| MD5 | 03e46f0ba31e614f40092d699774b2ae |
| SHA1 | 36007b6459149d5e9f3d2172322de262f57c1ca1 |
| SHA256 | 5b68cef6c131bc257003a9c37afc806de5e4a7b41791a926049720c23c22a8fc |
| SHA512 | d6be8db7a95fc0a44e4593625a226683bca224e7f85e38f3cdbeb8e920792ff3ae656688823c0faa379fd6e1a7ece8569c3f3a148a901d9671e92af8ae58795c |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | cef7e290b89aea3372d2ca019c5ed6a1 |
| SHA1 | 2def39d23c90ec7099b0ae7fe160b82505dac63b |
| SHA256 | f2c482fe41b468e670ca6b93c3be99e805a8f65ddfa5b24a47266876b6ddfc2a |
| SHA512 | c905b7ce4e3e9c67d8453d225f5f54e224ce151816723f8f44cd3ddd0ce3d9d69e024d00a37d8cb33817f381273e478097eb68121794b7c67666b13da5c60018 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpzcxgj06w\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 009cb243c28f525419e23bf0aeb55b91 |
| SHA1 | 7f0c1ace24fd9f6ac89efbb1003b534fc93417d4 |
| SHA256 | fa6f5f4f7a87f8ead5e9b786e39448d0755ed75d82e9da264136952409721d20 |
| SHA512 | 92da538f4796ad26c92d0797a55a937f5d847a58357910f83da64975a315c83062ddc9306d9037d08b3bcb250444652d2025e1196c1a8e11ace815a9affdb593 |
\Users\Admin\AppData\Local\Temp\_MEI28362\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | f3f55cfed1db00a7ca5b252c8da9daa6 |
| SHA1 | 7d701244151349bee2e580e2b791b1fc47d0f402 |
| SHA256 | 630c7cb6f3d4fb4710faa84302294565a60a1ba723d331cc3002bf73f8d0431c |
| SHA512 | de13880db5aa19cc11562eed00bbf6109d21f1ab0825c97d10c35ce4044e1eebbf7b9fe47a712546cbf129fd75e33cc1f92656742194f01e8dfe652eda1e6f9b |
\Users\Admin\AppData\Local\Temp\_MEI28362\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
\Users\Admin\AppData\Local\Temp\_MEI28362\libcrypto-1_1.dll
| MD5 | 95c6303a3959e746ad2a37f0558a73fc |
| SHA1 | 4dbe9ce43c9b894947d6388f13b639e6e321d9bf |
| SHA256 | 0e2e78ee499687bee1e30a492c67acb68efb77d12f33b951f964aca1469be98e |
| SHA512 | 7962ffd5bd58495b8b1856c45b6f7ace65378d60f249208d6f883b5e851e95bbb82d1eba2ad563c3747b65db4ace85bcedf0330e6fa856a218dc1a7df11454e4 |
C:\Users\Admin\AppData\Local\Temp\tmpzcxgj06w\webdriver-py-profilecopy\places.sqlite
| MD5 | 6aba2d0351e5cf9191433296312e2128 |
| SHA1 | 724b71969c12657e847ab17f2fe81dbb6bcdf448 |
| SHA256 | bfb39d0bcf90d9bcd33d78ca8ffe3e63cb7c98d2523ab09e1d3e0a5d28c6766e |
| SHA512 | a5d766ab16ddf31bcb7728054702fabde9b9e638f414827c2d180740d7263170061b425aaf29c29ef1e6d3dc342d58cba5b6660fe70fe646e304c6da63df4a66 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\unicodedata.pyd
| MD5 | 74f0f14027b885ef241534fa196562c4 |
| SHA1 | ce3b7da95afcc5d5a1ba98b3559838fd5c590ad4 |
| SHA256 | 0699d54b62a6af51ba3066d2234cdd0993888e96e508f6601bbc072c5ed850c5 |
| SHA512 | 44e53181dbf565f374ffe66f8963d2e48733325df23fd0d4e3d4ecc23a7dcbebc5553a8aba83e918a59263c43a29d2873f252249e43d20525def232fdff0ac18 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\top-1m.csv
| MD5 | bde8be24d19b6f197ca175d49f57a2dd |
| SHA1 | 2b14d577ab3ed746b2a67db0bc01dfdcb67ba07e |
| SHA256 | 6e656f6cbdf9f7958807acf42e5dc8ff9d3c35f47e76b4c4a096cf1a0f64ca5e |
| SHA512 | 0133386681d09db3c25c12bc1dca9054a6ac4b9aa019e0073460416961185c566e83b10ccc623ae088163a6eaeb5156d9095e72e374081bc63a18b76fdb75923 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\nss3.dll
| MD5 | 994bfc2fc10158225503b93c393502ce |
| SHA1 | 66026e54aa8b516df5363571774dc234da41be9a |
| SHA256 | 0f24198a691bf78dbc6e6d69698307c9f9834dd7615f96508204d365fee188e1 |
| SHA512 | 2233393819136e00ed4d0ba4af07528d6a73e0dce0b85793479fa500f03d3e55820618428d2b85af6c316726593c1c056964adf5823ab4135a236bc3801b6abe |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\libcrypto-1_1.dll
| MD5 | 9600e271fdae8f716d352b9187570564 |
| SHA1 | 5f88244f192303054dd1c371232ed16d62a1ae18 |
| SHA256 | 546a0fad95f09e920d4e7a2290b1699e988b00113742337c23ee3f82df8ad043 |
| SHA512 | 7146babb3f64e67cc82ef23e4f958d2cb7d90d10e774eb131fff67e7dfd7cedf675afc98f3b13e26233369b49f7d85795fb036743e7281984808ca32bfc37e38 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\geckodriver.exe
| MD5 | 0c5db0eb17c8d3d150f83fe1f6f1cdac |
| SHA1 | c4ec34bd1ddfa10b7f9573bd8b78e2156df072a9 |
| SHA256 | 12fc60109b5babb7220ae9b1ba044c03362c14571ddbc0cdbf862b9cf099b716 |
| SHA512 | 5a7312adc507ac1c59ae543d06a943f01214b7e417e9f992beea3a3b782480c8806e42afa96e8eb66ce394a2b6b47052260ed0b509d08e7db0a64f493e85aee7 |
\Users\Admin\AppData\Local\Temp\_MEI28362\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI28362\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 5be1294eb3b2c41b9a650ce10a0700c2 |
| SHA1 | b78b0211f3c307bd4d8500d73b31a1ab917def2c |
| SHA256 | 1dd4549547c3f6b3e96c60818f2770ff483429dc2315d81ff6f118cc7f393745 |
| SHA512 | 2f9068f39a903b6676ad1a38de556db1ebd0582ccdeb459f24ea7ed9deb37285bc447130ba8eb690fd31a1499fbdaa5ef848ea292233023da798e2a4c8e73a8b |
\Users\Admin\AppData\Local\Temp\_MEI28362\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI28362\python38.dll
| MD5 | cf8d8acff0fe20588f173649fb5f66ed |
| SHA1 | 56e7d85ff383879dd345ae6f6393c4f121a413b4 |
| SHA256 | 2ba3fa7a65b7bd398a87eea6e44e01c1e49aaca92612b21fc133220e506aecb0 |
| SHA512 | e8480d0ec737025cd2666a7624df3f2329d4aea5d1f92cf300fc82a5c3d4905e1722759632078137eea05095a776a07000aeb1c78f155be3f1ac2967f5be433a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTbdUcs\extensions.json
| MD5 | 634e922a78bf26ed5c5d06b41dbe050a |
| SHA1 | 348f78b5215824a1f3be6da9f9fbd3b6246e22df |
| SHA256 | 1ac87072bc5ccf636297c361b368c15f9affffd6d3a627447736cb2460d11881 |
| SHA512 | a6ab3ef4f08784cc8aff6baf4c333ba43cb127fba364df2e66ce1c444c0e6396c939cad845b3a322f2c8ca49313e78357e63f6749820d174cec44490787a4e8f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTbdUcs\prefs-1.js
| MD5 | 1cd8322ab48eb7e1021f458e1664a6c0 |
| SHA1 | 00538583a102a651b90b0dab2813cff7d783718f |
| SHA256 | 2574fc2ec7fc6efce164163d74d6c32b01a309717397ad632c094a105f7187ae |
| SHA512 | bdc30f58046c6b9053d5f200bd43af14c97d3a95e5385a1711806dbb7960eaba756e91de0c097205c473b8131285e8b7eb2c9d68a0c81f31d983eb0880b50c70 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 491d66442bb9e27fda1acd2abda5e1c9 |
| SHA1 | 5b0d4d96d0bbdac6d975202a4f9dff15bc382b59 |
| SHA256 | 0ada072e20e2be724c10c61a4719f8f263f0d1e91a6b83e774bd7c53fb50fd62 |
| SHA512 | 747992cf490dae6dc02160a115dcb42c7dd7089ee600c22541c1d4a2da7ddc728791293cdfa50ae135082da910e80fe8e6a681093a36271d38f21458f30fa699 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTbdUcs\prefs-1.js
| MD5 | 1b76686caa923b7a1a4621ee0549096e |
| SHA1 | 473d762e2ed14c251f32333f607f009dd3a9c5e0 |
| SHA256 | 2271b852a16cce4494eb766aa5bb48f46a5b9bd53834d238ee85748c1ed91dc9 |
| SHA512 | beec8a273e10e4bd96f0c51a6a465e986dc24b47336e09037ae5bebfd4a4fd88d24fcbea393c33e5d572881b02c38270be3b412d1430756db3f6466e96b55d55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7\startupCache\webext.sc.lz4
| MD5 | 4a21d602e2b0c59a13c5492b42653c91 |
| SHA1 | dcbcdebfaf069ed6319a50b3a987f21c807bd799 |
| SHA256 | 726cc21efcde895740a4d5c4be4d2af750b2fc950cb87f78adf26accfedb8958 |
| SHA512 | 1b6d0029d168a4fa8a7dfb8b5ce801a12f4600a1a8df963f8c6350e1799381f39239dd16488e76aed950233315d43f7a631afb0394a6b0962d15d5d64fe08942 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7\prefs-1.js
| MD5 | 2e6fa3f0d3e497af4f2beb8153905065 |
| SHA1 | 437f1cbb4da770824c6fb65e736f834edb72d4ab |
| SHA256 | 19390b8ff4076c9193144eb8d780145496479b73bbb05a22703044b930122247 |
| SHA512 | 9ff30bb457e049989088f5836d066571c1ba548c8c25c1a1984ecdef036151efe553acdd1f8d4b4cd7ff88a0dfe993a6cf1828531326819782e292e6c3a0103c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7\prefs-1.js
| MD5 | 9c2e17da4e3a76815253c14f5535afdb |
| SHA1 | 148f311689d085e44056f2373b93bf037a3910d4 |
| SHA256 | 73bb341df75418536fb059168bb27d9bc896fdca67b374fea1cfbac909169207 |
| SHA512 | c07f15baf72dd00c16f38079a2f324c20aaac924f3b4de03c6b801761844f86d46a277e1c10b7daff6170532a4a6fd66e68f13cc08fa764bd16b765faf8d1b78 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej4stz7\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile90vjK8\user.js
| MD5 | 2cd0c7d16be65624274cfae610fdf6d9 |
| SHA1 | b7c762a6cd1405c85bde620c94b3820d2e2cc425 |
| SHA256 | a2fa988b218205b3363c21f18dcb22226c1ceaa2cb77ec4c1cb63e204e8f3bc3 |
| SHA512 | 4916439f72cc51eb808cd67a226b2fdf5ef2348e0ad89b6c6675fc58d0fc75ba3689f5edb96c4a9af0fccfd06711a326157d2f77bfb168f1241f441e5d593dc6 |
memory/916-1742-0x0000000007BD0000-0x0000000007BE0000-memory.dmp
memory/916-1739-0x0000000007BD0000-0x0000000007BE0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile90vjK8\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile90vjK8\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile90vjK8\prefs-1.js
| MD5 | c4a485e44ae5735d8b7051b6d40dca38 |
| SHA1 | de8674a4098d626c6c80926e3ac31295ea9029c3 |
| SHA256 | e4556726a201179ad3c785bd080832aaae2c35bd4261405dda7d251dd1ad3929 |
| SHA512 | c3608a61653e91166f069047b72c210da2d7fa07b7dc10c2c26247d80eff4919448c92f7957ec479a989fafd71ef509efc040504f0ed0167138698b4f88e9523 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile90vjK8\prefs-1.js
| MD5 | 799e3dd177e4108bec3220eba7dce53a |
| SHA1 | a1129cfd968927528ec8f80527f95721a00da9a4 |
| SHA256 | 123477ef2878aefd37367d1735965f3f1339033fa08fa18c07ac478bbf78c9fb |
| SHA512 | dd03ca066b9bc1e76a7c8963f776c15432be6a8c6de00e1cde065d237ff158befe6e689ba304f75af205060e3ebd7a20cd24fcc71b1ee66746e9cc9f6c75c957 |
memory/2684-2225-0x0000000009BA0000-0x0000000009BB0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileK8UgJx\prefs-1.js
| MD5 | 3fdfdc89328fbd2369ee5726ecc9e44e |
| SHA1 | c4e2259fb37d98b8dc73e336551104d04c275f0a |
| SHA256 | 74ce9c15dec250dcbfefcf7eb9f0362f257631d43d290325519cc591879d9b82 |
| SHA512 | 57c955cdacde95b11afa8e90f0211afb60c4b7ac47876e009a9130bc895bbfe5c4f4a676a8888bf31109b74ad605b3b890d4bb956f3254a0ef0bfc9e4c3ef263 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileadpdHn\compatibility.ini
| MD5 | 2d38dcbbffe56941aca65d5c0f1581c7 |
| SHA1 | 0f54ee054c90dfadc0f0478a04aaecded25fbd15 |
| SHA256 | 54e839c4e89c013353b224b0d9b99fc6f6a9050a7c0099115049540c6d7ffe24 |
| SHA512 | 98ef617ca4b6ba6d020e3107bbb052adc58b30634f88af6401ee655a6790368e80c578a3a91b160bb5a89edcb140536c1c8223d0f38a57dd033ec9e3f91209fc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileadpdHn\WebDriverBiDiServer.json
| MD5 | 588c0fd9303cd517cd8991361ee77d43 |
| SHA1 | f0e98d927756b403434bf9779828b202470dadda |
| SHA256 | 0c97cca358390c391b821938ce78ee3f21d8791b5ed8366cb37716268b3cca0c |
| SHA512 | fc0efcd87d52f97acc5eea271a8d87917210642231ed3df53c45745a89cb56461da742084ea69c8c0a605c582a7b954ea3a386e09769d2aca6a9a45b08656046 |
memory/2892-2618-0x000000000A5B0000-0x000000000A5C0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileadpdHn\prefs.js
| MD5 | 2bf51f8e8b20757e399be99c2a692c9b |
| SHA1 | 2b6e403f0a6defe665228e6a89855298d8726135 |
| SHA256 | 60fb123dee68e406ea04d4d6724eb4808227407445e8371c73207028d30822aa |
| SHA512 | cc47d824bb545ff1ccb999744cd806200e0ef74be89b840dd1c9f7c5f7c35e2a3bb433339a9c5262ffb4b6fddd83037c18864914f55a38076ebaef890d7e34ef |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileadpdHn\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 1c001c27bad365a8681b93910b4562ad |
| SHA1 | b1c102ab28842b8bc31eb7ed564ccb22778876a6 |
| SHA256 | 3097f037c9d374f0d3910e2915b7f660cefa6f3ef4d0c6709db35902e7d079cc |
| SHA512 | 26da8a30e2647e29cc42ca292b0618300fd7207be0a083b2db70d8e4cd84516b4be96d6fe8b7b87af36e0c3fd4cbe9b84f6eb9516b3751e555c27653e27ac40b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileadpdHn\prefs-1.js
| MD5 | 4aa318f2c7d2f16faf81e7af0f8d8e99 |
| SHA1 | 5418dc7d629522dbecbca3f4a94ff9dfb4e70fa9 |
| SHA256 | 838f097ddedd03af3d96143b08726d297092a50f9dd1a6920f33beb3af5d71c2 |
| SHA512 | e7328ff378318e76d9485466153b16559a07175fafa93e3c2c6cc36b0cd5a2acde12d71d9886e3170d15125e5d5a6aa3705a2a0be42c0211a2bccabdeab06cc4 |
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-09 00:47
Reported
2024-05-09 00:59
Platform
win10v2004-20240426-en
Max time kernel
300s
Max time network
310s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI44682\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44682\geckodriver.exe --port 65323 --websocket-port 65324
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 65324 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileY3xbUj
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 65324 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileY3xbUj
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4952.0.1485966525\581217859" -parentBuildID 20240416150000 -prefsHandle 1664 -prefMapHandle 1656 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {e317ccfb-9c30-4dee-8cc5-5c44e110e79c} 4952 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4952.1.164539061\1721641901" -childID 1 -isForBrowser -prefsHandle 2328 -prefMapHandle 2644 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1188 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {073fa7bf-dae3-431c-907f-2078a4ed3825} 4952 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4952.2.50343157\1755911040" -childID 2 -isForBrowser -prefsHandle 2912 -prefMapHandle 3012 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1188 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {7e810e92-cdef-4ec0-b4e7-8d24c7a82035} 4952 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4952.3.1760218523\1814629934" -childID 3 -isForBrowser -prefsHandle 3296 -prefMapHandle 3300 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1188 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {e71b7dfe-e4e4-433c-b237-74f562a7a37c} 4952 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4952.4.1439850340\1533928704" -childID 4 -isForBrowser -prefsHandle 3440 -prefMapHandle 3236 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1188 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {0ea1747d-4cdb-4fc2-b27e-dbebe9b91ec0} 4952 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4952.5.940415616\444137229" -childID 5 -isForBrowser -prefsHandle 3912 -prefMapHandle 3916 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1188 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {5b149f62-63fc-43ad-b7f9-2c2353de1994} 4952 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4952.6.1737163679\1993549397" -childID 6 -isForBrowser -prefsHandle 3964 -prefMapHandle 4068 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1188 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {0663b613-9a8c-4062-adb2-97a7cd0e44ff} 4952 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44682\geckodriver.exe --port 65323 --websocket-port 65324
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 65324 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 65324 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2212.0.783386644\666504143" -parentBuildID 20240416150000 -prefsHandle 1692 -prefMapHandle 1684 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {e3e77352-1418-4986-bab3-70212de619d6} 2212 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2212.1.229245837\591281525" -childID 1 -isForBrowser -prefsHandle 2660 -prefMapHandle 2368 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {a7c5c259-e372-4b72-a4f8-4f3924b3ea0e} 2212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2212.2.1356662587\483804056" -childID 2 -isForBrowser -prefsHandle 3172 -prefMapHandle 3168 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {9c63e4a8-db4b-4f85-b992-a35c21cbfc0c} 2212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2212.3.1802191055\1690221979" -childID 3 -isForBrowser -prefsHandle 3564 -prefMapHandle 3212 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {1c80342e-badd-4837-b48c-39326657dd46} 2212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2212.4.1314134903\2146466347" -childID 4 -isForBrowser -prefsHandle 3232 -prefMapHandle 3228 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {f64b5b8a-372b-47d4-9dbf-df9c0c4b84dc} 2212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2212.5.1083027074\968657682" -childID 5 -isForBrowser -prefsHandle 3820 -prefMapHandle 3704 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {73a79183-3932-41d9-80f6-3f69ccbf4a35} 2212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2212.6.1160655818\1805260979" -childID 6 -isForBrowser -prefsHandle 4072 -prefMapHandle 4068 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {3f799be1-8378-4722-89dc-8837c9b6713a} 2212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2212.7.2020330075\1843108485" -childID 7 -isForBrowser -prefsHandle 4524 -prefMapHandle 4528 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {c3f4bbbb-871c-41be-93d0-c995c3287e13} 2212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44682\geckodriver.exe --port 65323 --websocket-port 65324
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 65324 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileOwiGqU
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 65324 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileOwiGqU
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2864.0.1457741637\2010823586" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {8cb5f97a-686b-4a1c-bbd7-3e7b50c852e8} 2864 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2864.1.1289641011\1538710052" -childID 1 -isForBrowser -prefsHandle 2448 -prefMapHandle 2444 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {877dbf1f-eb8a-4e97-93e3-6497c55bc999} 2864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2864.2.1787326992\1644658286" -childID 2 -isForBrowser -prefsHandle 3184 -prefMapHandle 3180 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {89e51d53-d5d5-4adb-8562-e8e81554c9be} 2864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2864.3.1764460120\370858924" -childID 3 -isForBrowser -prefsHandle 3352 -prefMapHandle 3144 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {c113fc4f-60f3-4e14-b106-c59df45c4235} 2864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2864.4.234800801\1825887587" -childID 4 -isForBrowser -prefsHandle 3644 -prefMapHandle 3612 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {d63a36ce-509c-4ecd-be61-e68d44c8bf3c} 2864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2864.5.2051576988\1393701332" -childID 5 -isForBrowser -prefsHandle 3952 -prefMapHandle 3964 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {4c68c51e-2d20-412c-9267-ade27dba5635} 2864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2864.6.160511547\752567128" -childID 6 -isForBrowser -prefsHandle 4160 -prefMapHandle 4164 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {c7e86595-d37b-49b5-924e-9a1a5a2beafb} 2864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2864.7.2068153786\1802589820" -childID 7 -isForBrowser -prefsHandle 4496 -prefMapHandle 4540 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {abdea1a9-2506-463e-96a1-d53afb6392c3} 2864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="2864.8.775171072\841612239" -childID 8 -isForBrowser -prefsHandle 3208 -prefMapHandle 4488 -prefsLen 25287 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {6129aa0c-f221-43ec-83dd-6859446b481b} 2864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44682\geckodriver.exe --port 65323 --websocket-port 65324
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 65324 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5tJd5B
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 65324 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5tJd5B
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4460.0.1128526314\1806605585" -parentBuildID 20240416150000 -prefsHandle 1672 -prefMapHandle 1664 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {a6754a1d-7bff-4a02-9521-315ba7ff548e} 4460 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4460.1.1587466485\1610915787" -childID 1 -isForBrowser -prefsHandle 2500 -prefMapHandle 2652 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {945864a2-b7f7-47ae-93c7-42c06d72c37b} 4460 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4460.2.2110918511\579255074" -childID 2 -isForBrowser -prefsHandle 3268 -prefMapHandle 3272 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {6815b8e5-0916-44be-8da3-fcab03ae1651} 4460 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4460.3.307373279\1688526398" -childID 3 -isForBrowser -prefsHandle 3360 -prefMapHandle 3348 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {5fc6e4dd-0bbc-40cc-99b5-24015996e55c} 4460 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4460.4.590416032\1531050503" -childID 4 -isForBrowser -prefsHandle 3852 -prefMapHandle 3856 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {a51fbb87-dabe-4255-b639-468be800efb7} 4460 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4460.5.2104509885\766517228" -childID 5 -isForBrowser -prefsHandle 4112 -prefMapHandle 4108 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {b7374d3e-4373-4697-80b8-3bf6356d5869} 4460 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4460.6.746519433\1656518827" -childID 6 -isForBrowser -prefsHandle 4116 -prefMapHandle 4172 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {b22d4200-d0c9-41f1-b6e6-eddd42f75317} 4460 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe" -contentproc --channel="4460.7.1701736181\89027318" -childID 7 -isForBrowser -prefsHandle 4724 -prefMapHandle 4624 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1288 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\browser" - {d51e19ac-2869-4ca9-94ee-d8b168d2891d} 4460 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.61.62.23.in-addr.arpa | udp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| DE | 161.97.184.88:9001 | tcp | |
| US | 8.8.8.8:53 | 88.184.97.161.in-addr.arpa | udp |
| FR | 62.210.125.130:443 | tcp | |
| US | 8.8.8.8:53 | 130.125.210.62.in-addr.arpa | udp |
| DE | 185.162.250.173:9001 | tcp | |
| DE | 146.0.36.21:9002 | tcp | |
| US | 8.8.8.8:53 | 21.36.0.146.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.250.162.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| N/A | 127.0.0.1:65426 | tcp | |
| N/A | 127.0.0.1:65428 | tcp | |
| GB | 23.200.147.25:80 | tcp | |
| US | 8.8.8.8:53 | 25.147.200.23.in-addr.arpa | udp |
| US | 204.79.197.200:443 | tcp | |
| US | 204.79.197.200:443 | tcp | |
| N/A | 127.0.0.1:65323 | tcp | |
| N/A | 127.0.0.1:65323 | tcp | |
| N/A | 127.0.0.1:65522 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:65532 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 20.3.187.198:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 2.18.121.31:80 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| GB | 23.200.147.25:80 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 20.223.36.55:443 | tcp | |
| N/A | 20.223.36.55:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 52.111.227.11:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 2.18.190.79:80 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 20.223.36.55:443 | tcp | |
| N/A | 20.223.36.55:443 | tcp | |
| N/A | 20.223.36.55:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:65323 | tcp | |
| N/A | 127.0.0.1:65323 | tcp | |
| N/A | 127.0.0.1:65323 | tcp | |
| N/A | 127.0.0.1:49487 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49495 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:65323 | tcp | |
| N/A | 127.0.0.1:65323 | tcp | |
| N/A | 127.0.0.1:65323 | tcp | |
| N/A | 127.0.0.1:49846 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49854 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:65323 | tcp | |
| N/A | 127.0.0.1:65323 | tcp | |
| N/A | 127.0.0.1:65323 | tcp | |
| N/A | 127.0.0.1:50185 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50193 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI44682\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 609ed4a7738d4fa849ca0dcc8b7dcee9 |
| SHA1 | 4d64964c371c9f7e244c321a9530b55010625e8b |
| SHA256 | 6cb41969da3319d6e6be5d03240a9590d759ca0c0ca3a0eb884619b9da3eed39 |
| SHA512 | 6b4685b0c67d7c7aabebd31fc4700573654911e6d92035aa0606d859dde5f45c20d3ec5508376f59ed338dd710c57a9841937969ad8b1744a251abc6ec655f23 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 549e54a44c7326c30548c998a1d16424 |
| SHA1 | d4375f9ead356aff85d60375b08db168195d5089 |
| SHA256 | fb2df7a858dbfacbedb5ce100bc71dff2b1e1991b2d574c1d3d46701ceea5433 |
| SHA512 | 7325a6d2ed8cf43c4665f2cda3f4f9578de7a87cf70178eff7e927bb8b58f0dceff4b4bf6029593ff64fab052718cf2da8228275580071de2d0fb77fcb4bb897 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpt7k96_1l\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\top-1m.csv
| MD5 | 8e557ee3798c11aa27178fd4fec9c267 |
| SHA1 | b709dc69562ca372b7e469c3bc4930841941faf0 |
| SHA256 | b57a955285e2a9ef19726616672a83c89699811a58d323fb6f7a60333f133585 |
| SHA512 | 661448af256e33093be38dd5416c2c07fe9c557363d6519696dc365fbd4e35a76a64b0f747d669cf7d7c26cf9847d908d250554a5e172eed2cd707cf02791566 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\python38.dll
| MD5 | 450f118014d7fd3fc6a8970b4890688e |
| SHA1 | 032405d4702c146ec48e6688dcb96e350d094c24 |
| SHA256 | b0bf609028e191edadb7bcf694fae3d71b50fe3e61cb1e00190881645f19b001 |
| SHA512 | cde12189f13979341a674040432451f1fc6de6cff0357d95630ca7a96af997e88c5d9c212476a9331c29f1243f45dd86ee8999b95247d5ff4426344c1038b13d |
C:\Users\Admin\AppData\Local\Temp\tmpt7k96_1l\webdriver-py-profilecopy\favicons.sqlite
| MD5 | dfa3a4ce64626cc3964d930ba7b9fdcf |
| SHA1 | 530ba947eb29f5e795c14025e3daab79b433a86e |
| SHA256 | e4ba330d49ad29b868f5716e4d137f2cc141aabae38f598832b616a596183472 |
| SHA512 | 1ec099138fbbdc0f01c25ee802467a3b994577a353fa995f4dc45182cca9b5703b98faa46da022af077f7dcb51a466775421e6bcac9d655d395a7f411061e0d3 |
C:\Users\Admin\AppData\Local\Temp\_MEI44682\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/1408-488-0x00007FF8D5660000-0x00007FF8D5661000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
memory/1408-487-0x00007FF8D64D0000-0x00007FF8D64D1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileY3xbUj\extensions.json
| MD5 | 8787083f7c607e35d037e364fca7611f |
| SHA1 | e61c0c92e5710ec9d8c4f51d97e01cb3ef5a742c |
| SHA256 | edd60e6a2624aab5c99005e1d16f16b26a0cf87fb9333eff97348bf0c904ff48 |
| SHA512 | a6abcb51fda2165e97e538881bafdb9e371d09e24424d3c0d09f2cc8f5568727e2e5da1cac0eb33a07833fab39440c6122073e12bd23edafef0fe45b7c85f437 |
memory/4952-595-0x000001BCA3520000-0x000001BCA3690000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileY3xbUj\prefs-1.js
| MD5 | 709a3b251aeb70bd56a38cff8eb58645 |
| SHA1 | f6bbb1310e1ded5efb597b947ce2bfdcf6701e27 |
| SHA256 | 202b91e9fcc248987839a616d0e30aefa6c603c9c79467b66a276781070eac1b |
| SHA512 | 1a046dbdee37b89b37da51586ee461c869363787ac11e299f92c124bf4a485b6f5c6f9cbfaa6b11d9a8b8bbf1484430b644778f35d4aa3bffd5c79809f5c6494 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileY3xbUj\prefs-1.js
| MD5 | 43a61fd4ee547f0d748442281a51d036 |
| SHA1 | d6a1ff82cfcd833668d8448589396b1b861e128e |
| SHA256 | f7521a4c1c9d1b5127d0710b7d9bc49d1c88c07669116265fc6a103347545029 |
| SHA512 | 2a2294f53f123ea1653df642d3e760fb0a5f94a40b7fbde412247c573cbce007dc58e9602be1b45e8de7404c40b08f11593c86382c5808c2ade7113229d99dfe |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 5a4cfbc21687801337a381b03494de30 |
| SHA1 | 544b74b31d7029cccc2f8fb282fe39f2851b9cf8 |
| SHA256 | 0b0497b6579f098e37bbe33f95383b217ec7a8c8b8d344b95e8570fe7f3c1ec6 |
| SHA512 | 881ca2536d847b4df21b021af2e5ca2d15228be1be61abe3a1561b9241e6ba86d83459fe7cdac5087a1810a7830603c25c0162a092b387165bde8d96de513abb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/2212-832-0x000001F6EDF60000-0x000001F6EDF70000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\prefs.js
| MD5 | 9be1039c200b7f8075bc6b6a1d7f72e3 |
| SHA1 | 1ce3b0838722dc423c97b4fba2f4e8ae0e23f2d9 |
| SHA256 | 06ce17df6fd758c30d8a693828d6073b6db20d97161e7b7f19d8da6bbd9d26be |
| SHA512 | 500165407a51f0c459eb45945427150cf5138b41ed7aa802fdce2cea2f071bb67d9fc549f1c4a2955a83373a8403cafb7e48c175e8dbcc2313a3a4415c755452 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\startupCache\webext.sc.lz4
| MD5 | 4cf7038234d50199e1eab5149f964838 |
| SHA1 | dd80d7478127ecc3e04db9760d86ca5068f8e4a1 |
| SHA256 | 70fd4ab39a2337df3e29195ee880b25b349ea4e5f6e7b554c0dae7b030673253 |
| SHA512 | 0dfc22dcd2d677be94c2634f3ecd1ea4b59af7b2cfcfc1014bcbc1cd5ae162c04323e0834f7a238ca5fc7a2f1fb1fcf62f0a422a4b094e248efef9200ac4b700 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\prefs-1.js
| MD5 | 8d7fe620cc578b9f022e1034e56c7ed5 |
| SHA1 | f5cec30b777db39bd53b2b570e51437305193add |
| SHA256 | 2f993ec37e115b1a25887ecfe4654a2ff3fe6653117b0936c226babf14cdd60a |
| SHA512 | e7d25b23ef2e0e436948f147772a6134fedbb04688d5771e593191d77216e311ce4f24acc2dffc049d8cc928beaf45f3c22b55996219025e226b1e4399b561e7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\prefs-1.js
| MD5 | 1ad0a3b8b66be9c9179405b41641494d |
| SHA1 | df4e11d3b4c42bf4783cb539c0fed6b6a23fab06 |
| SHA256 | da50551d3303f4ddd84284ef62831bed9eb9e065e1122c971c32681c0db1d6dd |
| SHA512 | 9ad6ce35e0087e064ce58009653bc5abe26c12c5cf3b72bb060ea2fff4539a0a04acda88566230073dee2e3c53bf06b842162f8bf30697cf06054856946991f3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBDizAg\prefs-1.js
| MD5 | 345b44ac3be9bd1ea65c1f00a8d22957 |
| SHA1 | 5b77eb467edec3edb1d9f31b9bd3050eb5c0ed98 |
| SHA256 | 9edfba61d9493b729347f04b5de9cb25212a0a1f7fc7607a328fad238fc841dc |
| SHA512 | f8c31c6e33186f8935adb28ed094d55d8946931b03f7bb568c8efa62d26347e8b7cb580679821799e31d07d8e8071e93c74c5fc4b9bd3db74ea5da0ae31dab68 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileOwiGqU\user.js
| MD5 | f5db45cdbc495536fd84d41527219a87 |
| SHA1 | da539d5780eaac9206aac223d6e44c2b536fa7ee |
| SHA256 | b64dbd5ee2c8c6350b818caea2bf74c07dd04cf2a55319331ef353c58af430f6 |
| SHA512 | 273f6c0c8d1f6051b0b3ca2b24a0f2c0ed9c522a9a24c3d110e6b9c10003a9ce41cf07508085d5f4f4b13a5f245efa5c552389427361e47dabb9ba73d2c7c079 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileOwiGqU\prefs-1.js
| MD5 | a497b13b7817cd0baaaeb9b6008d4cd0 |
| SHA1 | 831d75355041f5fe4b62f94e1dbb58ef34342695 |
| SHA256 | f3f18b4a2ed95e1d26d1511e7974d87b079da29eca63ff971a0a189eb172d4c8 |
| SHA512 | 89c1ed180a93da72072c63aad69f66fb2f8791a11956f1307a81039498cf84d3129d47f7ac98fe3331eaf9b54a82f6e0409ad2d1faef5f4c3ce0542aa339a0c4 |
memory/2864-1164-0x000001DDF7590000-0x000001DDF75A0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileOwiGqU\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileOwiGqU\prefs-1.js
| MD5 | d752d5c543eb0ad00325122dd4008a30 |
| SHA1 | a7e624767df0fa3c22620dbe925d1c97909c2eee |
| SHA256 | 53027eb211ccfae48000f16f426212e948e0a79f5be1c89ff2ef8ce3a6adebc0 |
| SHA512 | a1626c027f7005fcac9d4a77bb4735024a6b384da462dcbd38fc4c221356e5e32b1c56b582a7b26b1d8e2a799a9d6aeb0fe54d19ca37a837b09f08ccc684433b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileOwiGqU\prefs-1.js
| MD5 | 388f0550697983a4f050931e056fe70d |
| SHA1 | e83b50342088d4c056c1b8cc931cdfd856dd59dc |
| SHA256 | 47dcadd813ea965f1cd7c313d81fd038d2795c20a6f28af7357751d330848498 |
| SHA512 | 959a603963265508c5a856e60b85f79b9f8f60f048a88e67000a7a1355c62a531627612fd8597d573b367feac8747391097fc2bcef7c3df4e1f9a4e812dd70ae |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5tJd5B\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5tJd5B\prefs.js
| MD5 | e154814e5e90c54bfdf1692bbcfe32d7 |
| SHA1 | 063bea22a790b0ec7017cd8a60c58db28c8ff163 |
| SHA256 | f920f62f844ba0c8798e7fdebdb077e4b94f13f4d387903bf7935cacb58c3568 |
| SHA512 | 7db401f274d01e17f7c5f8a06c2d3d946f1364fa496d32d872dc4715081d14c5f984fc3f89b8b4256e7b86057ac34c6fd354c26b34a3a6363b35b04e336e328b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5tJd5B\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5tJd5B\prefs.js
| MD5 | 0314a9368eafeaa50cfe1f858efae2e5 |
| SHA1 | 06fb7704f7e8c8af07e0a5ab40e30d32a1577345 |
| SHA256 | e210c75f6c021694d279abe53f874bb3ef6d370785772fb44142444dad459d9d |
| SHA512 | b033357a91bc70061fcfc534c2170a2a8a6a4ec1e2dc51e5a7014739122aee555dd10899f3b27e325d54ed45dcb05d453580502c51775223db4ed6afef4873da |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile5tJd5B\prefs.js
| MD5 | f82a3a524aee2f5d2b08243d5b4e95ec |
| SHA1 | 86e489bb1fd84d14be7bc2a0948029720a976966 |
| SHA256 | 628bcd4485dc5b23fa4ee35c53f1982e24968a096bc295bc761751a1814959b1 |
| SHA512 | 9b1ccee0a79c072efb2203742512b61d1df7b6ec44de66c457ff3df469ab6148baf7a75ad75e2706ea02f74b9662959ffa95e6d7960ee91c9771e36285f2e476 |
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-09 00:47
Reported
2024-05-09 00:59
Platform
win11-20240426-en
Max time kernel
288s
Max time network
310s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1696768468-2170909707-4198977321-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1696768468-2170909707-4198977321-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1696768468-2170909707-4198977321-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI40442\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI40442\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuKlk4s
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuKlk4s
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1568.0.1900831193\1764083468" -parentBuildID 20240416150000 -prefsHandle 1688 -prefMapHandle 1680 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {78fd090d-3e79-4b71-adc9-46c639a89fe7} 1568 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1568.1.1810344873\704995491" -childID 1 -isForBrowser -prefsHandle 2704 -prefMapHandle 2912 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {f5d6ebe5-3811-48ba-a1b3-e45abc40feb8} 1568 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1568.2.885859865\660500318" -childID 2 -isForBrowser -prefsHandle 3144 -prefMapHandle 3140 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {5c0879af-69dc-4c71-a8d8-97228480b5a2} 1568 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1568.3.1527865357\347929397" -childID 3 -isForBrowser -prefsHandle 3148 -prefMapHandle 3520 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {aa3409c3-3937-4799-97e6-743e2ddbb6e5} 1568 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1568.4.1856732305\1221752482" -childID 4 -isForBrowser -prefsHandle 3148 -prefMapHandle 3260 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {3b7cef7e-6013-49b9-901a-775fe4b109ff} 1568 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1568.5.1693123739\1353363474" -childID 5 -isForBrowser -prefsHandle 3900 -prefMapHandle 3904 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {aedbac80-30e5-4181-aad1-9d947738103f} 1568 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1568.6.1222956393\991417335" -childID 6 -isForBrowser -prefsHandle 3776 -prefMapHandle 3788 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {f723c906-6700-40f7-9841-13a0059edf60} 1568 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1568.7.1967351973\475783932" -childID 7 -isForBrowser -prefsHandle 3260 -prefMapHandle 3780 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {dc0f3a2c-1cf0-4269-a527-08afd45ccebd} 1568 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1568.8.973251473\793339896" -childID 8 -isForBrowser -prefsHandle 4700 -prefMapHandle 4560 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {0f7bd56f-483c-4d56-9d38-02472767e9cc} 1568 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1568.9.6675604\472727567" -childID 9 -isForBrowser -prefsHandle 4556 -prefMapHandle 4600 -prefsLen 25535 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {8a638102-7201-4890-8d73-96cec663f149} 1568 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1568.10.178138696\940795470" -childID 10 -isForBrowser -prefsHandle 5016 -prefMapHandle 5056 -prefsLen 25535 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {9503ac1e-4349-4e7d-902a-cec7b210610a} 1568 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI40442\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEnhsAU
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEnhsAU
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4992.0.1892055502\567647297" -parentBuildID 20240416150000 -prefsHandle 1704 -prefMapHandle 1696 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {d95f2ec8-b6be-49e1-8c45-119ba3e4a850} 4992 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4992.1.1500879716\1269378265" -childID 1 -isForBrowser -prefsHandle 1284 -prefMapHandle 2848 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {547a0562-0c4f-4efb-ad7f-4d856b4486da} 4992 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4992.2.1349859736\461042103" -childID 2 -isForBrowser -prefsHandle 3064 -prefMapHandle 3060 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {a5c6f8a8-0fa9-4869-9b50-44c1acee24df} 4992 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4992.3.1716312140\1253681449" -childID 3 -isForBrowser -prefsHandle 3116 -prefMapHandle 3080 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {faef0c99-b1b8-4306-a825-7e61e20fada9} 4992 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4992.4.559813468\836664912" -childID 4 -isForBrowser -prefsHandle 3356 -prefMapHandle 3372 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {97a98415-1adb-4e17-85ab-03b1f1462eff} 4992 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4992.5.850362905\285993563" -childID 5 -isForBrowser -prefsHandle 3880 -prefMapHandle 3884 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {d030291c-11a3-4e5a-82b9-92bf4d3f0fda} 4992 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="4992.6.1788622899\513516370" -childID 6 -isForBrowser -prefsHandle 4068 -prefMapHandle 4072 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1332 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {7dac13f7-4610-42be-961a-4c8e7cc2e1b4} 4992 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI40442\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerzBxhX
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerzBxhX
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.0.1434005319\2022518301" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1680 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {42e17ba6-0b4d-43ee-8f3e-e58be1c17f55} 2956 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.1.555780331\1873307622" -childID 1 -isForBrowser -prefsHandle 2916 -prefMapHandle 2924 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {885d7d80-bc03-4a76-9f31-c2cb61342454} 2956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.2.1859349195\1472999050" -childID 2 -isForBrowser -prefsHandle 2280 -prefMapHandle 2424 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {29d5e4ac-1bfc-4ec1-bfd0-2c48188baf55} 2956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.3.697325758\396202033" -childID 3 -isForBrowser -prefsHandle 3648 -prefMapHandle 3664 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {68027dc1-5701-47a6-b6f6-89400364a65b} 2956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.4.2019398263\581596605" -childID 4 -isForBrowser -prefsHandle 1548 -prefMapHandle 1544 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {707147c5-c8fe-4199-ab65-fbb03d5cedc6} 2956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.5.278968875\521770607" -childID 5 -isForBrowser -prefsHandle 3988 -prefMapHandle 3984 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {654dac7b-098c-4e66-b681-f35d96971704} 2956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.6.1612784649\30760626" -childID 6 -isForBrowser -prefsHandle 3368 -prefMapHandle 3332 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {98a15f9e-01a4-4220-bca0-50638c569fd7} 2956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.7.1941194253\582455968" -childID 7 -isForBrowser -prefsHandle 4524 -prefMapHandle 4388 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {79db11b6-36ab-496d-b6d9-461c29b64e14} 2956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI40442\geckodriver.exe --port 50006 --websocket-port 50007
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefef8lk
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50007 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefef8lk
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1692.0.2119534017\1429622671" -parentBuildID 20240416150000 -prefsHandle 1708 -prefMapHandle 1700 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {4218afb8-72a1-42ac-aee0-ea44bd90704e} 1692 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1692.1.1913568931\1367671705" -childID 1 -isForBrowser -prefsHandle 2592 -prefMapHandle 2396 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1372 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {95737924-74a7-4bf7-a965-7f25aa835843} 1692 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1692.2.880148327\6114896" -childID 2 -isForBrowser -prefsHandle 3092 -prefMapHandle 3088 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1372 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {b0406662-c1e9-4c00-985e-26bfc7b2701d} 1692 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1692.3.1890504956\2146004006" -childID 3 -isForBrowser -prefsHandle 3656 -prefMapHandle 3660 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1372 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {16e839fd-9af8-497a-8af0-d3bfbf1cb920} 1692 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1692.4.2058440683\1082850904" -childID 4 -isForBrowser -prefsHandle 3908 -prefMapHandle 3904 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1372 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {2e7b655d-1871-4b13-8d9f-3bdc9f6b8d1c} 1692 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1692.5.206260476\973245123" -childID 5 -isForBrowser -prefsHandle 3264 -prefMapHandle 1556 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1372 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {725daaa1-e5fb-4254-8bb5-31308a4bf116} 1692 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1692.6.1415470236\1311991043" -childID 6 -isForBrowser -prefsHandle 4076 -prefMapHandle 4080 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1372 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {f096adf3-17eb-4b50-8593-f4859b2a9232} 1692 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1692.7.1187517937\24791702" -childID 7 -isForBrowser -prefsHandle 4572 -prefMapHandle 4568 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1372 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {7f5630e9-1fcd-49de-8f1a-7dd22a9624da} 1692 tab
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1692.8.2018377670\929707115" -parentBuildID 20240416150000 -prefsHandle 4752 -prefMapHandle 4756 -prefsLen 27362 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {c7676567-cec7-4b3e-bf63-77b8b2b79d8e} 1692 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe" -contentproc --channel="1692.9.589441240\1878572306" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 4868 -prefMapHandle 4864 -prefsLen 27362 -prefMapSize 245849 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\browser" - {1ac2f9f8-0a09-4f8f-a445-f6c2bb57958b} 1692 utility
Network
| Country | Destination | Domain | Proto |
| TR | 5.252.74.238:443 | tcp | |
| US | 8.8.8.8:53 | 238.74.252.5.in-addr.arpa | udp |
| LU | 104.244.75.74:443 | tcp | |
| US | 8.8.8.8:53 | 74.75.244.104.in-addr.arpa | udp |
| US | 173.52.94.197:9003 | tcp | |
| DE | 130.61.16.129:9001 | tcp | |
| N/A | 127.0.0.1:50109 | tcp | |
| N/A | 127.0.0.1:50111 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50210 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50223 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50649 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50657 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50923 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50931 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp | |
| N/A | 127.0.0.1:50006 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI40442\python38.dll
| MD5 | 305f8ecac261934543c5215f16e6afdd |
| SHA1 | 3920f757f7d3d2c2cd97ce5adcecbcf218873984 |
| SHA256 | 0b75e5e7d45c7d19d5a280e5c3cd296e2601cf378c37174df257e915d4ee244d |
| SHA512 | 9e64641cd7440ee3b3e07ac6aa536a22f9b0bc3684c26ce48462d1f180f0afa692a7f4608174199d91f9dd5665ef49ffafdd1d12d6605f4a896089262d31ef56 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | dff7c11471a2f55c9dcdbffacbdd24e6 |
| SHA1 | a86bf99113b0118aaeca6ff79a53d2b1a68b85a8 |
| SHA256 | 88a08a38f16810abfce451d234a6e02bf61a808bce1a897b6dbc399d0e1a90f5 |
| SHA512 | f56698f649e4b688dcc2bd4b4f573bcf5ef4a5464290f82766e5bfe35c9f85ca2d619f6800b86356c31b9d4875d8e46909a07166593da8cca5f612069d836b48 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\geckodriver.exe
| MD5 | 0c5db0eb17c8d3d150f83fe1f6f1cdac |
| SHA1 | c4ec34bd1ddfa10b7f9573bd8b78e2156df072a9 |
| SHA256 | 12fc60109b5babb7220ae9b1ba044c03362c14571ddbc0cdbf862b9cf099b716 |
| SHA512 | 5a7312adc507ac1c59ae543d06a943f01214b7e417e9f992beea3a3b782480c8806e42afa96e8eb66ce394a2b6b47052260ed0b509d08e7db0a64f493e85aee7 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | dfa3a4ce64626cc3964d930ba7b9fdcf |
| SHA1 | 530ba947eb29f5e795c14025e3daab79b433a86e |
| SHA256 | e4ba330d49ad29b868f5716e4d137f2cc141aabae38f598832b616a596183472 |
| SHA512 | 1ec099138fbbdc0f01c25ee802467a3b994577a353fa995f4dc45182cca9b5703b98faa46da022af077f7dcb51a466775421e6bcac9d655d395a7f411061e0d3 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpue0e5hf3\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\top-1m.csv
| MD5 | 11136fa0eb32dbafb2979b5c07816a51 |
| SHA1 | 783b6bba1043b11a3850ba5c922e39bb1409d094 |
| SHA256 | 98c29fb0f6ecdff973c17b62389b8892a69bda49e2dd0c0ca888ebf4ae1f322f |
| SHA512 | 3f20d5d0f977dc1661bdf98394674ac5c3b1d85873d6ddc1c2a430ae2d0d46d517473c9884e60474093dcac5436d8aab64d98c0e56532edc49b449822aecec49 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\nss3.dll
| MD5 | fd012b8e98a8a2ca935c5bfd8583ed72 |
| SHA1 | 3dd493a8c536cd5fdd0aa387488435fb342835dd |
| SHA256 | 19096ce19fc9d4144638bf2b0b2b02fb29e5f01cc85b9099c82a693349ae1d35 |
| SHA512 | f476139139cc770d0aceefbc687ed6a2397dff2ee7d255fd1432169ff3f29e94f337a2f2b0c6cd96887cdeb7a7ccf586b30b07d652de90850535e6379dc22f52 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\tmpue0e5hf3\webdriver-py-profilecopy\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\tmpue0e5hf3\webdriver-py-profilecopy\places.sqlite
| MD5 | 76751f2f03b393fca965628f50b0c8c3 |
| SHA1 | a172d5c43e37ca1e00234426cdf751ffaa0f494a |
| SHA256 | 5470d18e2c1a49035a23416e6d35e6eacd8f2f8492e40e93bbfbd673aea328db |
| SHA512 | 8f451ae2d118eacceb410ecc4779be90c911aff0bb0f0aae5827c1488deab0f77b236f61ac525fef4253c12730c3f2acb4ccf5df411e1c09a947e665ca554bd1 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\python38.dll
| MD5 | a2d1ef944a3b2ece9251bdd4528d71be |
| SHA1 | 5d422a39b769cddf186e36eba348a5382bb81ab2 |
| SHA256 | 59e24582777846f7b5eb952b08a2346801ae20674f0d18a65c0d415095b8e543 |
| SHA512 | abcfad3bb39d143bd56d350d83a4c9ded669504ab89e5d860862e04801e419cc96d8169d1df320a69a97f13ea6f919a34c68098c3d563cb9eccc6f7c9a978828 |
C:\Users\Admin\AppData\Local\Temp\_MEI40442\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/1568-469-0x000001F5BBFD0000-0x000001F5BBFE0000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
memory/3820-491-0x00007FFDDCF80000-0x00007FFDDCF81000-memory.dmp
memory/3820-490-0x00007FFDDEAC0000-0x00007FFDDEAC1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuKlk4s\extensions.json
| MD5 | 9b9e5e1752bd87466dc7915b3edb8f9c |
| SHA1 | f93f8dd77e87750d9222df10de05b72ca8d52463 |
| SHA256 | 54995453a52b88b085f2772665885fdef6c5a7a84076097a4f58d10c23394827 |
| SHA512 | 76d9ba9de6609d1f1b2b727e915c82a8b5cd6c12985ff71bf4bd39880ac037e9c76fa9ee3bcfc336eaeb0d0823b7e070b9e7424fb9ee37ecf0c825571e6b23e7 |
memory/1568-588-0x000001F5B7B50000-0x000001F5B7CC0000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 474892cd148b4d83fe5c236dd6b41eeb |
| SHA1 | 185281bc833268e62c9e146a310bb3e5267431f4 |
| SHA256 | 2441352cfcd66a456ffa3fd25c0c9601120cd9ab45b10c979e23a72a7716ab88 |
| SHA512 | 21f1a8d28eaa2117949508fdfeb4cca58bec57a24e687657cadedc5ae7e40404033657579bf25c4da2afb10faa6815ed122a81608b487f23c7daf83987b5f11a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuKlk4s\prefs-1.js
| MD5 | 2a962cc94fb6365fff90fe06a7e537a5 |
| SHA1 | 0471ee7ebeb558726f4ea843cc5594c5ed8109fb |
| SHA256 | cac5a46ed2bad1817751d04d204b826cb52d7df95b9eb75e400773c636d24394 |
| SHA512 | 9d58a3fc2895da7357c1209cb2ea961007199c978eacddb585df23bc16bf3a82c983b5505e797d8acd7df001646d4f979879e11386b31ffcb9da8dab169d630c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuKlk4s\prefs-1.js
| MD5 | 1048996017ead2921dba6c11b888fa08 |
| SHA1 | af28da07c4679745c4e4bb13a7437c532895c5bc |
| SHA256 | a3c3ac1f4ebeca4c1a63d1cf76539bb790c702ffe1c1339ee52fbdb4b06124a1 |
| SHA512 | b55e06c33804c67000df1c86e3acb16b80aae03c9dde66d24290f969c76dd6b5a9a53ed6f2eedc7579c84bd063dac73a719e02cee43c56164fab8bcb83c63fec |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuKlk4s\prefs.js
| MD5 | 43a5347235af64211bb57df05b52abfc |
| SHA1 | 3f8deaa7d08b7824e57fcae400991721e0008f21 |
| SHA256 | 4efcf0f501835457f18f9323c3d508f0dfe202e216a9e8dd1019fd99fbc887c0 |
| SHA512 | 4af63d262ad7c1c5320d85fed01f72907950ccca8e6f2b9c4611fcf37f4a002b0360588722dc8b33a401d944d889c80a4dd1bf7fdb0aa9866262e3bc0b5ff5af |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEnhsAU\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEnhsAU\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/4992-946-0x0000018AB3BA0000-0x0000018AB3BB0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEnhsAU\prefs.js
| MD5 | f2c666d67ebdcf4864e25f58a662b1d9 |
| SHA1 | ff82f227d273360976ce0a01baaaa6abc79be897 |
| SHA256 | 9d19e6c32f00c729d6de13cae3c047298645f7ca4f35f64ae7e376008b9b8d4b |
| SHA512 | a61ead4f5befd420d85e746c2891f915ecc78700c8ea977e2b283214799709cfd16b2492a8988192f977ebd056b7e892dea6e4f04cdc71bc59ad0a95db821501 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEnhsAU\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEnhsAU\prefs.js
| MD5 | bcb0ab34c67b35770a0d9d63b3aaf140 |
| SHA1 | ade021c5fd83bcf7687b94d90feaf7d8609af016 |
| SHA256 | bf539ade185942f3b5dfde516f87b19138e76247dfa58c224ab9d612415df20e |
| SHA512 | 2d6ec76ed6f94f43f31f2dffc3979f36823816f9b537777eb5b53e538369390d5662f568fb75c2393de6be6977587b2c8c251be243739420ba99a56d2b1ec7e1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEnhsAU\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEnhsAU\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEnhsAU\startupCache\webext.sc.lz4
| MD5 | bdb67b2d3fb4c6e631342cf0df9160e8 |
| SHA1 | 51b8c58fb97e486bc3ea86c29e5286be7d1b7c17 |
| SHA256 | cbbe0c53f4047f659d7d20dc149dc274f1f9771332878615e94a407cbef0a595 |
| SHA512 | a3076f9378944d157a4a7189270c1ffcdf8504e1377270ddba47df84dc86cffee3e0fff295fbe8f514aaa4ea6119c19651efb9c22add48bf7a973c6b8510b3ba |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEnhsAU\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerzBxhX\user.js
| MD5 | a503f347ef523a5afbae4c6c6ecb0dbe |
| SHA1 | 2814bc64697245f9457e9881ae67aa1312f77c01 |
| SHA256 | ab1c5eca9c8c8a8b2f85f8395983ebdd04d03e7de0419ec8b33233708d8f618e |
| SHA512 | 86ebfbb77c7cc6ed55169662b90eea92ff15e30898538c67433766a0ffc6ca1999b2388c61c8aff3c64d05ef1f858c25b32ec32299879548743e4eaf0d264640 |
memory/2956-1195-0x000001BFB58D0000-0x000001BFB58E0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerzBxhX\prefs.js
| MD5 | b81b5fb8bce2ae97c1c55621853a3545 |
| SHA1 | 282c1bfe088081e57a5ae4d9cdae0c2ed112f0c7 |
| SHA256 | 3814ebf5caaf07a686c8aff21989459e6cee9131ec94f82c83faf08c7fb19c24 |
| SHA512 | 02badb06b25c7cb42395f0294fa8392a752f151c1e30df2b049d8dc2eebb589dea7216b0ffa5d789a0aaabe37f0ac77c829acf1e9a0749dcbb8ad002626bdcea |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerzBxhX\prefs-1.js
| MD5 | 43ac49bc04263bce8ad01e6e0550050f |
| SHA1 | 1b5bf778ce2ee2a222bd0866c81bdd5171d83015 |
| SHA256 | 60d2536a57095502060335fb5a3278fd9bb89bc02809699667ea44e70aa33f96 |
| SHA512 | a706822491a01e4c8bff6974a4f87a2f7fedf399514b7311cdcc7108102d3aae4b3104bd6402d3fb31c42075b0ef0d4318ead8b52a62b879307297c6d3bee33d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerzBxhX\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerzBxhX\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerzBxhX\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilerzBxhX\prefs-1.js
| MD5 | 665aa84c1b7fe7997c02a64048ab30dc |
| SHA1 | 629b4a4f91ca85be836400b71dd39e79d6f7391b |
| SHA256 | 5007906a18c4cce0ab18e3d8a6b8b24d050b3588b47b11527a64712136c62ce5 |
| SHA512 | b12cec0766fcaefcb571167679835587f29d83e6c8d308ccaac4365f43b8c36ca02faf72f68a3e2f3ca6fe2f8a9fa521e0b4a55518e6c7ac5f003dd97d8c3cf5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefef8lk\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-09 00:47
Reported
2024-05-09 00:59
Platform
win11-20240508-en
Max time kernel
273s
Max time network
312s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3107365284-1576850094-161165143-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3107365284-1576850094-161165143-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3107365284-1576850094-161165143-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3107365284-1576850094-161165143-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI31242\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI31242\geckodriver.exe --port 50005 --websocket-port 50006
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50006 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVzvRIW
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50006 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVzvRIW
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="2104.0.1533069072\769721623" -parentBuildID 20240416150000 -prefsHandle 1732 -prefMapHandle 1724 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {8282ffd9-3f2b-471a-9e10-6842d609ab91} 2104 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="2104.1.2100984616\1122543198" -childID 1 -isForBrowser -prefsHandle 2444 -prefMapHandle 2328 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {8bc93005-9d6c-41fc-91bd-f84218822f0a} 2104 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="2104.2.2055407521\197485696" -childID 2 -isForBrowser -prefsHandle 3056 -prefMapHandle 3052 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {8a0c19b3-de58-42f4-9017-4f074fc17de4} 2104 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="2104.3.1982404956\357307335" -childID 3 -isForBrowser -prefsHandle 3588 -prefMapHandle 3184 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {32b14753-099b-4b52-a3bc-58f0fed65434} 2104 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="2104.4.850960517\1960356233" -childID 4 -isForBrowser -prefsHandle 3420 -prefMapHandle 3332 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {860293bc-f3b8-43d9-a340-62bb9b8313dc} 2104 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="2104.5.2021071995\2135485174" -childID 5 -isForBrowser -prefsHandle 3980 -prefMapHandle 3976 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {b039fc4a-40d7-4598-9d16-f6bc9029c407} 2104 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="2104.6.1447026246\1059236719" -childID 6 -isForBrowser -prefsHandle 3308 -prefMapHandle 3348 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {1695d44d-a03f-490b-8ea9-ce5c43429f0a} 2104 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI31242\geckodriver.exe --port 50005 --websocket-port 50006
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50006 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50006 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="3428.0.88870653\1028942501" -parentBuildID 20240416150000 -prefsHandle 1688 -prefMapHandle 1680 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {fb97c2fd-60ae-46de-98d8-0483bd851e9e} 3428 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="3428.1.316109281\1897410470" -childID 1 -isForBrowser -prefsHandle 2688 -prefMapHandle 2580 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {24b83854-a983-42c7-a983-9cc312a66582} 3428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="3428.2.61013513\1287112377" -childID 2 -isForBrowser -prefsHandle 3104 -prefMapHandle 3100 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {dc251d2d-f029-439c-9496-b1a3c5803cca} 3428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="3428.3.1347622111\474790232" -childID 3 -isForBrowser -prefsHandle 3556 -prefMapHandle 3268 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {471e004b-6057-4bdc-8038-a18c19954dbb} 3428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="3428.4.2011576875\2134493798" -childID 4 -isForBrowser -prefsHandle 3680 -prefMapHandle 3676 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {4141dd23-291b-47f6-8889-0eb03d9dd1b6} 3428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="3428.5.166575845\1604766551" -childID 5 -isForBrowser -prefsHandle 3908 -prefMapHandle 3904 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {671a9361-2bf3-4cc5-af70-11b958e09101} 3428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="3428.6.1551057326\962738207" -childID 6 -isForBrowser -prefsHandle 4092 -prefMapHandle 4088 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {670affac-ae4e-40b6-9bff-a1c3544676f0} 3428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="3428.7.1958566150\1064916915" -childID 7 -isForBrowser -prefsHandle 4588 -prefMapHandle 4504 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {dc91d809-3ca6-42dc-99eb-25de5543f9ad} 3428 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI31242\geckodriver.exe --port 50005 --websocket-port 50006
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50006 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejSx2aE
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50006 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejSx2aE
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1180.0.593282665\298748477" -parentBuildID 20240416150000 -prefsHandle 1712 -prefMapHandle 1708 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {d8736807-adbf-4082-b8fe-0d49db37e244} 1180 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1180.1.1306663663\971051125" -childID 1 -isForBrowser -prefsHandle 2304 -prefMapHandle 2820 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {167f5e0a-b545-41a7-8eea-c319e45e4e66} 1180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1180.2.109109003\150378906" -childID 2 -isForBrowser -prefsHandle 3096 -prefMapHandle 3092 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {62eef79c-1afb-40e9-918e-865d9051c994} 1180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1180.3.1683554861\1990210303" -childID 3 -isForBrowser -prefsHandle 3604 -prefMapHandle 3480 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {a1f6cc1e-d0e2-477b-a8d5-cbf4fdd61b39} 1180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1180.4.1037276794\82244689" -childID 4 -isForBrowser -prefsHandle 1576 -prefMapHandle 1572 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {08c34231-22df-40f4-8aea-18f5dd98d119} 1180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1180.5.1118778261\363910665" -childID 5 -isForBrowser -prefsHandle 3912 -prefMapHandle 3916 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {7c3a84ac-b1ac-4c94-ac3e-55bc77fe4989} 1180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1180.6.1786528540\220840452" -childID 6 -isForBrowser -prefsHandle 4100 -prefMapHandle 4104 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {6e159673-1990-4aa7-8fed-aec428549950} 1180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1180.7.762414534\1943262200" -childID 7 -isForBrowser -prefsHandle 4132 -prefMapHandle 3512 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1292 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {38c89886-e635-46b8-8292-85df06a7cba4} 1180 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI31242\geckodriver.exe --port 50005 --websocket-port 50006
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50006 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRUIKGK
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50006 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRUIKGK
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.0.1395156045\1136624723" -parentBuildID 20240416150000 -prefsHandle 1716 -prefMapHandle 1696 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {389156a5-6dfb-4b5b-8fde-65d591673c1b} 1964 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.1.878788325\1985580605" -childID 1 -isForBrowser -prefsHandle 2644 -prefMapHandle 2336 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {69a51485-44d0-45b2-a42a-4d7627eaaddb} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.2.505642771\22043553" -childID 2 -isForBrowser -prefsHandle 3112 -prefMapHandle 3108 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {eccf0261-3aaa-4842-b6d1-e57a89b9ee15} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.3.1376074046\2036288594" -childID 3 -isForBrowser -prefsHandle 3544 -prefMapHandle 3608 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {1c268147-38ab-49fe-8da7-f3a90f6d3449} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.4.1507915162\2129051041" -childID 4 -isForBrowser -prefsHandle 3764 -prefMapHandle 3768 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {94d7ab01-b5b8-4b8f-a3b4-4919c2eba154} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.5.470736963\1224299012" -childID 5 -isForBrowser -prefsHandle 3932 -prefMapHandle 3936 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {e244cea6-c99d-49e9-91e8-ceaa47d23e44} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.6.2010168833\491068818" -childID 6 -isForBrowser -prefsHandle 4128 -prefMapHandle 4132 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {83939b8a-cf47-4f35-b089-551d64bc7940} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.7.1018758199\170765237" -childID 7 -isForBrowser -prefsHandle 4460 -prefMapHandle 4456 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {38147784-829f-488e-a4a8-6cd96488fed8} 1964 tab
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.8.683553951\742883877" -parentBuildID 20240416150000 -prefsHandle 8552 -prefMapHandle 4640 -prefsLen 27362 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {ba6d8f00-6a6e-470d-8741-b51f934ba606} 1964 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.9.1949079352\2144998715" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 8600 -prefMapHandle 8652 -prefsLen 27362 -prefMapSize 245849 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {2604e399-1f92-4daa-8c44-ddf2a478f89e} 1964 utility
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe" -contentproc --channel="1964.10.1739906382\661548050" -childID 8 -isForBrowser -prefsHandle 8328 -prefMapHandle 8412 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\browser" - {be1abe5e-d321-4c39-bf3f-1324a426e0e2} 1964 tab
Network
| Country | Destination | Domain | Proto |
| PL | 45.141.215.97:8100 | tcp | |
| FR | 54.38.241.3:8443 | tcp | |
| US | 8.8.8.8:53 | 97.215.141.45.in-addr.arpa | udp |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:50019 | tcp | |
| N/A | 127.0.0.1:50005 | tcp | |
| N/A | 127.0.0.1:50005 | tcp | |
| N/A | 127.0.0.1:50205 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50213 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| RO | 109.102.193.184:9150 | tcp | |
| FR | 87.98.243.204:9000 | tcp | |
| US | 8.8.8.8:53 | 184.193.102.109.in-addr.arpa | udp |
| US | 52.111.229.43:443 | tcp | |
| N/A | 127.0.0.1:50005 | tcp | |
| N/A | 127.0.0.1:50005 | tcp | |
| N/A | 127.0.0.1:50005 | tcp | |
| N/A | 127.0.0.1:50600 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50608 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50005 | tcp | |
| N/A | 127.0.0.1:50005 | tcp | |
| N/A | 127.0.0.1:50005 | tcp | |
| N/A | 127.0.0.1:50977 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50985 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50005 | tcp | |
| N/A | 127.0.0.1:50005 | tcp | |
| N/A | 127.0.0.1:50005 | tcp | |
| N/A | 127.0.0.1:51367 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51375 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI31242\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpstttrhdn\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI31242\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/2252-483-0x00007FFD148C0000-0x00007FFD148C1000-memory.dmp
memory/2252-482-0x00007FFD13DA0000-0x00007FFD13DA1000-memory.dmp
memory/4544-521-0x0000024A83AA0000-0x0000024A83B76000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVzvRIW\extensions.json
| MD5 | 8256ffd556114eca39350732fbe426b2 |
| SHA1 | 0cb8598c74ef160d529529278085431221fa3c03 |
| SHA256 | edb15c390cd08edb080f48187f25a72fe039b843b78fe88777e494dc2133a506 |
| SHA512 | 7afdce772494f344386bd70fae4cb33410db4916286c6196df610eaccfb196f63e2e05f2223b5eb71c0753a3311a12ec559430fc0983884a7a09857db2a8c718 |
memory/2104-549-0x000001BAAF080000-0x000001BAAF090000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVzvRIW\prefs.js
| MD5 | 0820a9be02eac673c58e8af3145c8ecd |
| SHA1 | 2f4d1164bff4dee178c70b3ce4db62323b449b98 |
| SHA256 | 8f2855d824b9ad5c79a71263ec29bcdb947297d2df0efe292c6f8edd85065112 |
| SHA512 | 8762fada3ad3de4650be457ff0fdacd400de61afca2d72cacbe420be731cae2f4c2e0f2fb64783567da705cdb70c9354e6f5aa30dd2869dcd5760d0ff7d7f659 |
memory/5068-599-0x0000021781610000-0x00000217816E6000-memory.dmp
memory/4912-600-0x0000020FC81E0000-0x0000020FC82B6000-memory.dmp
memory/1084-602-0x0000020890410000-0x00000208904E6000-memory.dmp
memory/3616-601-0x000001BE7D200000-0x000001BE7D2D6000-memory.dmp
memory/2252-598-0x0000022D5B700000-0x0000022D5B7D6000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVzvRIW\prefs.js
| MD5 | abea6a0fe542af81c2fc1ad89beb0c34 |
| SHA1 | 4af59dcd4f904079f4b1fcae27bc16830015ffeb |
| SHA256 | 0bb783cf0ce7e0a9fad5c0dd2beb386047d40e752cd7e366f2cecf33b7d8f3ca |
| SHA512 | 6c892318b46a4c86f73ec34000cd19eb9591202b853158d430b2ce08c668a4e7a09211d7058d13973e90caa3c9a9e2d777130f0ac4a9a966ab62dbf09868ff50 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVzvRIW\prefs-1.js
| MD5 | 47b9e12a1e44a025a6b70f4ed3239552 |
| SHA1 | bf0cbdfccd2865b43471c8d4b907041ef9ca3677 |
| SHA256 | 6773e53ba7cba43e1e0ff4ec2b5a966084e2457f0c77ec15996d2d7bf357c1a1 |
| SHA512 | 21c4a14611996775c405407dad695d394f99a319ac4722124e9c895d83a9eb4757845f3c17a51990363a0b25e592a1d218c0a95a9d138619c3ffc90786b450ac |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 7ced7fdec5ced2eb84b009616ba443c2 |
| SHA1 | eb6a8d8faa0b6e5e2078d9b9ae9da53fc3103159 |
| SHA256 | 21cb4097db9a8058a481e536b2ecbbf81e483ca53ffc1a65378ad96afda94420 |
| SHA512 | d35a4b0210a2f9cae9c137965b196936c926be3a5ee30e29f20e591cfd786fac7f8671e263e4eee9cee833aa7cc6f92db4e3c5c273856f1fb9922f7f1d2534a8 |
memory/3428-831-0x000001F2C1600000-0x000001F2C1610000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7\prefs-1.js
| MD5 | 7df659a5d28664b830bfdd382e979939 |
| SHA1 | 68b34402a65540d505c2fe50e7f965a267416598 |
| SHA256 | c46754f80e5aeb000519480cb6cf117403752c8dd58689fc67167ced127a1e4e |
| SHA512 | 7ef53d0c7e29687668c5d12727f77e6e801db3767c870e7784ccfa33400c424ccebd5c4c47d9a4fe4dd2c0024a9c354384abb4e47bc14dec9ac79e3c5755c0eb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7\startupCache\webext.sc.lz4
| MD5 | 9136b91888473f74e45a6a0e993b3457 |
| SHA1 | 0ebd24b21e02ba714ac2b806e215f5d2ab9db0fc |
| SHA256 | 47d5e268ac53a107b59ba1ac3f5e4652cf69d003f96c503012f4b7744b6283e7 |
| SHA512 | 44bddf5e6d91a5bc09ef8f657420d90fe5f416ff94cdaa26f6c3f8b72c82714feadaac4fbf52332ce34f2c5363f0661262a335b8763044e92f36335a876b6552 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7\prefs-1.js
| MD5 | 59614f8ea2b5b72717e0e6e25a8e5a53 |
| SHA1 | df5a1b90e3c1914c2ddd684ac85a6fd5d666b5c4 |
| SHA256 | fbe32f0d70c2af71b247a82b9e9ce47ed8b68083673228938d9fa75ddd3b4b83 |
| SHA512 | 86a1c503de3db85e9cdc866e31fd7da52c3bf13b5744f1e2b086f4c1539a70cebbda4f97a0edaae94f85fd077fce8e681842d9726db73bd73d609296552aef89 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7\prefs-1.js
| MD5 | f5a0746a27de92d8525b3dffb6647151 |
| SHA1 | 25fca7b3787b66691cc6c85a57ac23bcfb91f9f3 |
| SHA256 | 53e4f7a4a85a91d411e7851a99fe1757acd5d967a3daea24a2d098c33a51ca22 |
| SHA512 | 17609f42b7109ae3d0fccee16780757628d4c6c78013ce0502142ca62fda0f4179b1dfb135481a841d1e8b8468c7debeb3b786823504f3506df9d042b51883e6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecSnCI7\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejSx2aE\user.js
| MD5 | edfdf979553a052396d4df5ef1d42c00 |
| SHA1 | 79884150d3589c1077516606301c2ed30e49e1e8 |
| SHA256 | 557624eb22d38bea0a32bdde861f09b485cc8adf70d8d6c0b42b95463d79d7b6 |
| SHA512 | 78e8614df1224cdddd88ecd83cd01d085efec7c3707a7b7f57148555d904274c8408990b1720df526cda6075444cd4813aa0d82bcddfa4031d61ed580cca6774 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejSx2aE\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejSx2aE\prefs-1.js
| MD5 | a269bf1d2bc5e92cd0e9f50c6de4b125 |
| SHA1 | 9b55fed08c1fae71dbc0f7085b46cdd552092094 |
| SHA256 | 7d4226e75ec37a9b0dc12bcf015c3262d533bbe271346026d973726a4c47d19d |
| SHA512 | 8b378ae5d9b1e9ffe5209698bcdfd11603994a190d3d172f4e0eba9ab6a594f323d31a862d890ab2d9ca5f5ca0335d72ce169425401655ec804864ab3100e268 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejSx2aE\prefs-1.js
| MD5 | ee6634d2d6f224e0aa156d76f1b04b10 |
| SHA1 | 064ba28773340395e34d7af8da2da30ec524ffe8 |
| SHA256 | 0ec3a4330988ae77c3880cc9ed9604683c8be583f095e36ea4447ddf760cccc2 |
| SHA512 | 6c8becfc03b9bbc47ed30de3305cc00b6b13b27fa9fb5e1656560b0349c87f100b9670784ec22ad8fc1b59e6ef149088d0c37f946bdb78d074e447022c649edc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejSx2aE\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRUIKGK\prefs.js
| MD5 | ff4ce1ce9900f80c86f3e04ce239ee2d |
| SHA1 | 4d5afcaaa249ffd557b4047854b015b2a7592f7b |
| SHA256 | 38cc45c5d97f2b2ec7fb817350ba571c8595fd01ea5a0320e828be6fcb0e0416 |
| SHA512 | 60bd2fd13550f16a00ee8e80b7d6e4f2509338d49d12be2bb16caf4239dda1e51294ca877c74ae60c54160c90af535b1f803a2e03510aa596f0c7f18064dea9c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRUIKGK\prefs.js
| MD5 | 50f0a9da14308ce715096fba7b556e0b |
| SHA1 | a016ff887403cb9d71e58a9a3627766dac959aac |
| SHA256 | bd05e4c562c338d6cb956ddc9d8033e9fac6231d90173e852da18f846bcd44f9 |
| SHA512 | 42c6299c40fb060d5d967826e0ccfef6a0d775838cb974c739271560174bf06f95f792b890ae8d79782a6d35e1c5d690e479dec60441d302ec99a1bf4987cef5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRUIKGK\prefs-1.js
| MD5 | 56d5169ac7043774253c60341cd9b38f |
| SHA1 | de718b63e494df0e5e64173d4305c1c2f4bda720 |
| SHA256 | cc80b052cafe2643106dd5dc89dc8a6007189f87f71151d3c7c6ae10fb3d9c25 |
| SHA512 | fdde3a068ba92dcf334fbc4740a6195cd004d761e2f7d9693b19ff56161122d22660ebeaaeb3e6f22080d21ed4484f00e990afde03913b4c232c236522a41159 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRUIKGK\storage\private\uuid+++30e5c1be-edb0-4b87-b918-8a48b1eb6f9a\idb\57aded41-4fa3-4fae-ad8a-7ef7cba34e96.sqlite
| MD5 | 4f66abe89b555ebbea1d3d0369cb622a |
| SHA1 | 1ac81c7e74b38cc8a2e7627c5d0d4353522822a5 |
| SHA256 | 0a88b07b84905aa66230bd32284efe6b47d447b8dbc7bc844ba6599bcfbf471d |
| SHA512 | a39ba1e892b050efbc3d906577c8ca885887cf12af2a08f5070bcaffac02c0031462e5b3fba7eba90a34507e853d80f4579518ad94efec04d4d2429295d4c659 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRUIKGK\prefs-1.js
| MD5 | 066f2997f19a5848ac58dd4e579d2560 |
| SHA1 | 92d82ef2a4a6fe8f5cf52e8664427fe310e72466 |
| SHA256 | 1b92d3faf4af1770d576d1ed6a9d4274eb924e949a57dc2572d4ecca5d4d7307 |
| SHA512 | 6ed27aab0f4ae54b1858cd34c2dd31072659788c7be72691902543592cc92e3ad827b0ac815e462c0c2b1171bedacedc2622207b961a83f09b96625a69cebb25 |