Analysis Overview
SHA256
335d7d67678ff4475ee0622beef67a923e4962a034ce7ca97d6b08d9c119a3eb
Threat Level: Shows suspicious behavior
The file medium.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Checks computer location settings
Loads dropped DLL
Executes dropped EXE
Checks whether UAC is enabled
Enumerates physical storage devices
Unsigned PE
Detects Pyinstaller
Checks processor information in registry
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Modifies registry class
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-09 00:49
Signatures
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-09 00:47
Reported
2024-05-09 00:58
Platform
win10-20240404-en
Max time kernel
298s
Max time network
307s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI19282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI19282\geckodriver.exe --port 50056 --websocket-port 50057
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50057 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyoDeEE
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50057 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyoDeEE
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.0.1762187327\492951398" -parentBuildID 20240416150000 -prefsHandle 1448 -prefMapHandle 1436 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {35206c37-8d51-40b9-84d3-d61cf84c875d} 4400 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.1.1982035262\681815068" -childID 1 -isForBrowser -prefsHandle 2300 -prefMapHandle 2308 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {68f7e44b-10fe-4138-be8f-37d168e39369} 4400 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.2.1112587165\1302503717" -childID 2 -isForBrowser -prefsHandle 2928 -prefMapHandle 2924 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {a0b7422e-ef0e-4c59-9d42-3096a5262ae3} 4400 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.3.542073069\728719562" -childID 3 -isForBrowser -prefsHandle 3316 -prefMapHandle 3332 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {6d650625-dee3-4ee9-8b66-fa0d02b0b3fa} 4400 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.4.1925459953\1012485913" -childID 4 -isForBrowser -prefsHandle 1328 -prefMapHandle 1324 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {1c293e90-eb82-49ee-9a92-b7e061e4803f} 4400 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.5.1310240746\759228928" -childID 5 -isForBrowser -prefsHandle 3800 -prefMapHandle 3796 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {b8ecdf0d-6c45-47f4-ad1e-2b746e936a9e} 4400 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.6.551333419\729844359" -childID 6 -isForBrowser -prefsHandle 3984 -prefMapHandle 3980 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {181bae47-b884-4242-8cc1-92e4b70719af} 4400 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4400.7.878520669\1879358117" -childID 7 -isForBrowser -prefsHandle 1324 -prefMapHandle 1328 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {669b1487-d468-4de1-b135-1ba3ce3fc977} 4400 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI19282\geckodriver.exe --port 50056 --websocket-port 50057
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50057 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAVH1J
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50057 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAVH1J
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.0.1655975534\704552722" -parentBuildID 20240416150000 -prefsHandle 1508 -prefMapHandle 1496 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {1507c4f0-3794-429b-be09-a2b6764f4918} 2876 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.1.2100463542\356820773" -childID 1 -isForBrowser -prefsHandle 2424 -prefMapHandle 2440 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1152 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {f3d5d165-e4a5-455a-8f8c-57d2a8c43474} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.2.2127638000\876017370" -childID 2 -isForBrowser -prefsHandle 2956 -prefMapHandle 2952 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1152 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {96ce5e5f-a2fe-4b28-9282-a152989124da} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.3.1080885671\1203369109" -childID 3 -isForBrowser -prefsHandle 3468 -prefMapHandle 3452 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1152 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {1e8b7f67-9497-4f63-a87d-bf441e9b6558} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.4.1820935733\336570391" -childID 4 -isForBrowser -prefsHandle 3416 -prefMapHandle 3432 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1152 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {48778508-fad9-40b9-968f-d37f1db2c77a} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.5.536994085\1326875625" -childID 5 -isForBrowser -prefsHandle 3716 -prefMapHandle 3720 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1152 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {7c9bd1ad-87c6-44f1-8b93-f57f9462a2fa} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.6.1206202220\1752060854" -childID 6 -isForBrowser -prefsHandle 3336 -prefMapHandle 3320 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1152 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {a22c40e8-4c5f-40d8-aab1-243181aed6b3} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2876.7.429247592\1632854695" -childID 7 -isForBrowser -prefsHandle 4320 -prefMapHandle 4324 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1152 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {8033e654-76d8-40c2-8fc0-8bc83ea9b968} 2876 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI19282\geckodriver.exe --port 50056 --websocket-port 50057
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50057 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenqApOK
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50057 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenqApOK
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.0.1667122715\1911740531" -parentBuildID 20240416150000 -prefsHandle 1488 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {c720ba38-c8f1-4bce-b893-d7e3a309c824} 3276 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.1.1529622680\734327793" -childID 1 -isForBrowser -prefsHandle 1244 -prefMapHandle 2304 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {42a488ca-ea30-4446-b2c4-bec8958dc74f} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.2.1045025680\1990943252" -childID 2 -isForBrowser -prefsHandle 2968 -prefMapHandle 2964 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {193832ce-b817-44a5-a94a-cf03d619ffd0} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.3.1372127154\1787389727" -childID 3 -isForBrowser -prefsHandle 2984 -prefMapHandle 2980 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {68c4649f-8d3a-4127-a3c8-e9cb46693888} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.4.962811533\598168482" -childID 4 -isForBrowser -prefsHandle 3644 -prefMapHandle 3640 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {2b803278-f95f-448e-8aea-9bd6875a16e3} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.5.1734471020\1258455050" -childID 5 -isForBrowser -prefsHandle 3872 -prefMapHandle 3868 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {8bd5bcc5-9f1d-4c2c-b0b8-6f2895be3eb8} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.6.194484871\1594244915" -childID 6 -isForBrowser -prefsHandle 4024 -prefMapHandle 4028 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {1cb02f15-83b1-4414-abab-73ad7c6eaad5} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.7.942807715\613163013" -childID 7 -isForBrowser -prefsHandle 4324 -prefMapHandle 4336 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {abe61e91-c7ff-46c9-820a-c917274976f3} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.8.549562307\1920489753" -childID 8 -isForBrowser -prefsHandle 8252 -prefMapHandle 8348 -prefsLen 25456 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {57ff3f08-799d-42b6-b72f-eb6546279f86} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.9.1387887522\2028290540" -childID 9 -isForBrowser -prefsHandle 7888 -prefMapHandle 7884 -prefsLen 25456 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {2a0a7000-74f9-4c44-9d47-d52d9bf54c61} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.10.1581002271\2111396534" -childID 10 -isForBrowser -prefsHandle 7892 -prefMapHandle 7716 -prefsLen 25456 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {3ead9481-af40-419e-912a-730eda933383} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.11.615756214\1738077690" -childID 11 -isForBrowser -prefsHandle 7508 -prefMapHandle 7512 -prefsLen 25456 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {d87163df-e9f4-427a-a248-2c0bf3cacb60} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.12.634591099\433457570" -childID 12 -isForBrowser -prefsHandle 7276 -prefMapHandle 7280 -prefsLen 25456 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {d09d29e3-f129-40a1-a5c6-04c2a750da8b} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.13.1238446947\1986844373" -childID 13 -isForBrowser -prefsHandle 7596 -prefMapHandle 7600 -prefsLen 25456 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {a81e18c1-dddd-4464-9bbb-c673599ca577} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.14.210930223\252176701" -childID 14 -isForBrowser -prefsHandle 6324 -prefMapHandle 6328 -prefsLen 25456 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {c9cde15b-1a05-4a89-80bd-87113046ca0a} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.15.799249151\31718092" -childID 15 -isForBrowser -prefsHandle 5808 -prefMapHandle 5812 -prefsLen 25456 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {ea19c506-bd1f-416f-9208-b71c77dfbe75} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3276.16.349568214\1333949734" -childID 16 -isForBrowser -prefsHandle 5512 -prefMapHandle 5516 -prefsLen 25456 -prefMapSize 245849 -jsInitHandle 1140 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {8f572999-8802-4e1c-b8f4-43565693e721} 3276 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI19282\geckodriver.exe --port 50056 --websocket-port 50057
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50057 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezYQlyl
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50057 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezYQlyl
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="5260.0.1708429970\863402017" -parentBuildID 20240416150000 -prefsHandle 1472 -prefMapHandle 1448 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {2a4a5927-b7e6-4e6d-9801-e4b1d51ce05d} 5260 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="5260.1.1882105443\133931020" -childID 1 -isForBrowser -prefsHandle 2468 -prefMapHandle 2464 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {2903633d-7f4f-40a5-8de7-3f9a842bebb9} 5260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="5260.2.565674590\989846442" -childID 2 -isForBrowser -prefsHandle 2956 -prefMapHandle 2952 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {5545eaa2-9955-4670-917e-5532ed2063f3} 5260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="5260.3.1811511470\221798172" -childID 3 -isForBrowser -prefsHandle 2960 -prefMapHandle 3076 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {515e5eb6-9bc9-45ec-baec-78b889c03af8} 5260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="5260.4.325496753\632353962" -childID 4 -isForBrowser -prefsHandle 3308 -prefMapHandle 3168 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {8b0c5dcb-0970-4982-8192-f881f707e712} 5260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="5260.5.2112681304\348287837" -childID 5 -isForBrowser -prefsHandle 3724 -prefMapHandle 3728 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {49edfab0-3a51-48ee-9ced-6f933d53aadf} 5260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe" -contentproc --channel="5260.6.1965251612\1290745356" -childID 6 -isForBrowser -prefsHandle 3988 -prefMapHandle 3984 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\browser" - {96778061-b64d-45b3-8440-894df663b057} 5260 tab
Network
| Country | Destination | Domain | Proto |
| GB | 88.80.184.11:8443 | tcp | |
| US | 8.8.8.8:53 | 11.184.80.88.in-addr.arpa | udp |
| DE | 185.220.101.33:10033 | tcp | |
| US | 8.8.8.8:53 | 33.101.220.185.in-addr.arpa | udp |
| CA | 198.100.153.7:9001 | tcp | |
| US | 209.127.119.162:443 | tcp | |
| US | 8.8.8.8:53 | 162.119.127.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.153.100.198.in-addr.arpa | udp |
| N/A | 127.0.0.1:50159 | tcp | |
| N/A | 127.0.0.1:50161 | tcp | |
| N/A | 127.0.0.1:50056 | tcp | |
| N/A | 127.0.0.1:50056 | tcp | |
| N/A | 127.0.0.1:50255 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50265 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50056 | tcp | |
| N/A | 127.0.0.1:50056 | tcp | |
| N/A | 127.0.0.1:50056 | tcp | |
| N/A | 127.0.0.1:50614 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50622 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 211.143.182.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| N/A | 127.0.0.1:50056 | tcp | |
| N/A | 127.0.0.1:50056 | tcp | |
| N/A | 127.0.0.1:50056 | tcp | |
| N/A | 127.0.0.1:50992 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51000 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50056 | tcp | |
| N/A | 127.0.0.1:50056 | tcp | |
| N/A | 127.0.0.1:50056 | tcp | |
| N/A | 127.0.0.1:51444 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51452 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI19282\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
\Users\Admin\AppData\Local\Temp\_MEI19282\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
\Users\Admin\AppData\Local\Temp\_MEI19282\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI19282\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmporzqlm31\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI19282\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyoDeEE\extensions.json
| MD5 | af4744c2f3db2c8676eb0d7c015763ad |
| SHA1 | 1ae9582819c2a0c4c806641b11cbb7bfff102ff0 |
| SHA256 | 8d16a04c37582fd392fc012e89c65f1ce2988577a7d8f5d280f8cc19fc8c057b |
| SHA512 | e980b7aed08ab017a8c9d451ba33358d17d3cb5fa7ec0824338fb2bb5e80cdd32fdba19a5cde2a4cd3f6b7c1f8115295480d52f9fdb433f0e0edddde72700ebf |
memory/4400-542-0x0000016DFC860000-0x0000016DFC870000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | a2715d35c0bfa4978f12e4bb78f71c94 |
| SHA1 | 9445aa859112b3e8133a0ca7e168e6f8d2d52546 |
| SHA256 | b2a7e69071debec508896146daa89311bcb35f675247b2bdb486a90003d86881 |
| SHA512 | 5eb952d051496e0d1e3d9e04638c87778bdbd16507e23f97054322e5e16f4e7147e0779cff0cf8d796e3fe9b2c5259776d8c1e0118583bf91ccb3add49ef2dbc |
memory/4400-584-0x0000016DF0EF0000-0x0000016DF1060000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyoDeEE\prefs-1.js
| MD5 | a52b9309d5fb514922efcd20496209f0 |
| SHA1 | 9f7181a55f85e7cc84cba2d23e6a3ddb269063d4 |
| SHA256 | c3cc295b22810a48f681a039a0cc10f89c8a9529728ba50abc48eeb941c78157 |
| SHA512 | 80982824519ef16a4479022dfe1f5282af3eb0a7eca30925635f9d4fc6fd9351a7cb5b98f2726ea2fde5e0861a1a639a27d6451e018e70e6bb4709e4a7573461 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyoDeEE\prefs-1.js
| MD5 | c2458e909ab3cac838fdb01dc3f41fe4 |
| SHA1 | b7e759528a773cf5e9956565f32b1375fd302238 |
| SHA256 | 933942804558a572d9c89d984fc40b242cc718e683290f5e5fac35d4c4f473cc |
| SHA512 | 5d8e710bc06078e397257df00f46c43c9d1e2c635efef31e2f1fd164dd362ebdd3da540640896f187d3413596de54c1da4e6dcd3d6e6a40fd9e470b64771b416 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAVH1J\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAVH1J\prefs-1.js
| MD5 | 115ea4f8ef83678fde7b416b152ada02 |
| SHA1 | 554c455d84908e6bb1569682fe269cdd31c5e6dd |
| SHA256 | 7c91ca988278276fed99fc30b2b9d7914ebb75b658da82a04cb8c02c5150fd04 |
| SHA512 | 4545c4f67ff8a03a1180ae4906e36bec929dedef31803e070bb8adb7418e78c39afd99132e5d5e8cea809fee865f92b762467b9947ef80d161183cfa6b4b317f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAVH1J\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/2876-840-0x0000027AC7D30000-0x0000027AC7D40000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAVH1J\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAVH1J\startupCache\webext.sc.lz4
| MD5 | 90bfc874970acbac1cc23a8cb0eb512f |
| SHA1 | ad18c3de80004ffe7589640853c89ea2584e3d5c |
| SHA256 | 66f1f56986b436255ce7e7cd7626e5f9febebd26194db7881d9dde620f59c6e0 |
| SHA512 | 8c68f059cedf3a3b5d72392671155cb1f2db2a13b5f300d6e4cd13f3e10ede963bbdff8e6e9732ddcca6fb5766f5b30e6da5610f0922b393185233e6f9a384f4 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAVH1J\prefs-1.js
| MD5 | 48a58657ae079eb52e7162245c293901 |
| SHA1 | 6dfbe1876122db37274d0849ca07d07943d608ae |
| SHA256 | 30b6a0b74763335ccd158d4abc28d8adcacd4a9d639ea451fc6204bfdbdd4ad0 |
| SHA512 | c14dd339c09e491d63c682ccdb12bf16a1b168bf4456a77ed134874bbc9d5cb930dde0672d29dc5c2f9ddbaecb9dd2175a0c1ec6a2f5bcb8df4e15025cf51f34 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAVH1J\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAVH1J\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAVH1J\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAVH1J\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZAVH1J\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
memory/3276-1137-0x00000287DEEE0000-0x00000287DEEF0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenqApOK\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenqApOK\prefs-1.js
| MD5 | 1933ea032ad5e41e1d0129649afff43f |
| SHA1 | 914597821ba2c70c7183178017e4c39dea167098 |
| SHA256 | 1ea463a849f0fd81340e57be694e26ba31f054ecf04fb3aa0d4f47c1bafb39f6 |
| SHA512 | 8cc991691ea47935f484ab64ce99cb02f1f6af04f13ad90b09a45967b30e0ad451535b4a87e0fe48c77b265c409aa4d0b0dbfd33e552d6489caf58467a0b762d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenqApOK\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenqApOK\prefs-1.js
| MD5 | 497e416342ec3d04e0f781984d58737f |
| SHA1 | 71965e279f25e13f789844ae47cef1041f3811ae |
| SHA256 | 9165c749aaaa7a3e5e623a7211ef3130abe2f8b1dcef4ec1b067cbd082c88c09 |
| SHA512 | 255117790b11d415689ff38f5da5a800fd8a96113bd73f818b2b20e3d7260d628224b04275060cfe334b2bc117624c896a64403f724e0e708b38727f4b452801 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenqApOK\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezYQlyl\user.js
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
memory/5260-1477-0x000002952E030000-0x000002952E040000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezYQlyl\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 7b6095fde32487002fdb1cf4d204ac89 |
| SHA1 | 1a99e1ea4167a0d198c36c18cec56159d2049a3f |
| SHA256 | 54ad8767f74abb3066c90746c5394ffdb37f8b8bd441a8d425e739256f3023ab |
| SHA512 | d939392c5653e1e42db4e5bd591345cedf88f1deb42f0e251ec2ef2ec37539ee120b4493976936d6f5658047aa44ee32b1e1c5d13f6cf0879f1e882d573d3e4d |
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-09 00:47
Reported
2024-05-09 00:57
Platform
win7-20240221-en
Max time kernel
300s
Max time network
306s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI17122\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17122\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileoYvFuA
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileoYvFuA
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2872.0.2063357600\2147441933" -parentBuildID 20240416150000 -prefsHandle 1208 -prefMapHandle 1200 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {95d8af59-9981-424b-bbc2-5aa80e312af7} 2872 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2872.1.140257970\233963618" -childID 1 -isForBrowser -prefsHandle 2516 -prefMapHandle 2580 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {e93c376d-df55-4f4e-9851-378c86d1275d} 2872 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2872.2.1336060333\367148447" -childID 2 -isForBrowser -prefsHandle 1816 -prefMapHandle 2004 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {0865b421-427c-4ed4-8fff-65641cc54ac7} 2872 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2872.3.457800032\1782919664" -childID 3 -isForBrowser -prefsHandle 2632 -prefMapHandle 2292 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {7966f380-d075-4e44-9ffb-c10075b6abdb} 2872 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2872.4.1780081969\1293128038" -childID 4 -isForBrowser -prefsHandle 1080 -prefMapHandle 1064 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {20ba0aad-2d6a-4ffc-9c3e-c2fb8930f48b} 2872 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2872.5.1641821494\682629000" -childID 5 -isForBrowser -prefsHandle 2920 -prefMapHandle 2924 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {14042059-2406-4abd-ba46-dc9aedd3db64} 2872 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2872.6.2017455576\1414825650" -childID 6 -isForBrowser -prefsHandle 3080 -prefMapHandle 3084 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {1fbd04ab-14b2-422b-8f14-c7b0207d179f} 2872 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2872.7.889923980\534666437" -childID 7 -isForBrowser -prefsHandle 3340 -prefMapHandle 3120 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {e3cdaf55-4495-4c04-a68c-4df4efac3303} 2872 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17122\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2512.0.1433212136\442947721" -parentBuildID 20240416150000 -prefsHandle 1256 -prefMapHandle 1248 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {08899edc-279c-486c-bc29-b97160d9bd87} 2512 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2512.1.1154335990\1424270787" -childID 1 -isForBrowser -prefsHandle 2008 -prefMapHandle 2028 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 596 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {33c4ace7-ff00-472f-8146-1deacd8620d2} 2512 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2512.2.1662192787\445167601" -childID 2 -isForBrowser -prefsHandle 2268 -prefMapHandle 2272 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 596 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {afa818d3-baf0-4391-953b-b49cbccb5bcc} 2512 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2512.3.912710524\312353734" -childID 3 -isForBrowser -prefsHandle 2780 -prefMapHandle 2656 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 596 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {ab402acc-dfad-407d-a8c8-335cdc1fc7fc} 2512 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2512.4.828851380\1448596123" -childID 4 -isForBrowser -prefsHandle 1136 -prefMapHandle 1132 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 596 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {609f8250-ad82-482b-9365-5f45f20bf7f8} 2512 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2512.5.1903175139\713952432" -childID 5 -isForBrowser -prefsHandle 2976 -prefMapHandle 2980 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 596 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {6940ad43-7193-41c1-98fc-0e8ea8f67ccc} 2512 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2512.6.98801404\1288263191" -childID 6 -isForBrowser -prefsHandle 3128 -prefMapHandle 3132 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 596 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {0df1b2c8-6a00-4078-8a8f-764c04fc2db0} 2512 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2512.7.976113731\1422804388" -childID 7 -isForBrowser -prefsHandle 2708 -prefMapHandle 2728 -prefsLen 25412 -prefMapSize 245849 -jsInitHandle 596 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {07a4c74b-8a1b-4f78-8eae-5d7b8c856d47} 2512 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2512.8.2137055235\308005033" -childID 8 -isForBrowser -prefsHandle 3620 -prefMapHandle 3640 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 596 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {4e9c7b8f-eb7f-4ae9-a07d-df8ffeaa5997} 2512 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="2512.9.1002732957\1933281843" -parentBuildID 20240416150000 -prefsHandle 2632 -prefMapHandle 2640 -prefsLen 27764 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {29b9beea-b082-481f-9173-35817fca82de} 2512 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI17122\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17122\geckodriver.exe --port 49467 --websocket-port 49468
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6NDDVX
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49468 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6NDDVX
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.0.1301591945\1249809403" -parentBuildID 20240416150000 -prefsHandle 1208 -prefMapHandle 1200 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {49789029-c290-4e6d-8c7d-e1234d84d060} 1660 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.1.2096764902\1013005817" -childID 1 -isForBrowser -prefsHandle 2084 -prefMapHandle 2080 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {2492b509-8da0-4b7f-8ad8-16debc8fda26} 1660 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.2.1262652817\370690488" -childID 2 -isForBrowser -prefsHandle 1112 -prefMapHandle 2156 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {e22b5250-5d87-4ddb-8f89-7919392390db} 1660 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.3.782514304\1821142994" -childID 3 -isForBrowser -prefsHandle 2352 -prefMapHandle 2292 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {a7cf8a4e-4521-44b6-a9ec-526c63357094} 1660 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.4.1294038113\1639700333" -childID 4 -isForBrowser -prefsHandle 2728 -prefMapHandle 2780 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {5f480e61-9f49-46d1-801e-1198c47b92cd} 1660 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.5.1467952037\307356614" -childID 5 -isForBrowser -prefsHandle 2912 -prefMapHandle 2916 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {97f4ff73-4ea1-49ef-819a-c7616044e345} 1660 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.6.1934989231\1725031652" -childID 6 -isForBrowser -prefsHandle 3068 -prefMapHandle 3076 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {4effb999-9c6f-4ec4-9ee4-f72666f59b6f} 1660 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.7.1505580213\888169756" -childID 7 -isForBrowser -prefsHandle 3336 -prefMapHandle 3384 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {3cf92097-d1d8-4a30-8a02-54873b6b497f} 1660 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.8.695858515\641727280" -parentBuildID 20240416150000 -prefsHandle 3388 -prefMapHandle 1736 -prefsLen 27407 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {3ba12f57-3bd5-4c63-988e-d275a50bdf26} 1660 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.9.1749145515\1609170743" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 2096 -prefMapHandle 3460 -prefsLen 27407 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {bb8fb2ab-e4f6-4e7c-86f9-5d3d54fe6728} 1660 utility
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\firefox.exe" -contentproc --channel="1660.10.885368900\2012300070" -childID 8 -isForBrowser -prefsHandle 3876 -prefMapHandle 3808 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\browser" - {74106eb7-10ce-4333-a3dc-9a0f5040ff1d} 1660 tab
Network
| Country | Destination | Domain | Proto |
| US | 108.181.132.237:443 | tcp | |
| N/A | 127.0.0.1:49568 | tcp | |
| N/A | 127.0.0.1:49576 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| DE | 213.202.216.179:6969 | tcp | |
| FR | 94.23.121.150:8080 | tcp | |
| N/A | 127.0.0.1:49664 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49699 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:50230 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50265 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| DE | 213.202.216.179:6969 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| DE | 213.202.216.179:6969 | tcp | |
| DE | 213.202.216.179:6969 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:49467 | tcp | |
| N/A | 127.0.0.1:50857 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50892 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI17122\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
\Users\Admin\AppData\Local\Temp\_MEI17122\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
\Users\Admin\AppData\Local\Temp\_MEI17122\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpaxxbs4x5\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI17122\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileoYvFuA\extensions.json
| MD5 | bb5c36bcfe5141b75150cf6006c797b9 |
| SHA1 | c91b087ec1dc119db3d5fbed1a7474242b74ec5f |
| SHA256 | 5711585804f257c295799fd877bf59f83ce4ae4bf72001d0c2dd5d6c30378337 |
| SHA512 | 4d6e0692c7f1ef38a2161fcee2340ffa6e6c3a1ff4be7d542eb3e525d8e7280982e79af89542d0c1f2beba0b9b77ca93d11e79459640732556d9caad5c84238c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileoYvFuA\prefs.js
| MD5 | ba578ff3ed2aff50cbc13868e1810aac |
| SHA1 | de533af4496d96eb2ef4240df924752c6297e9ff |
| SHA256 | ef2b432c895594e1962056ef14c242b2e999b64db4639aefba695c4d55fa9f59 |
| SHA512 | 06335f6b0d0c038ba9766260b3c9cc1a8a76ae5873c370402996071ab26bc9466b7141a3ab7b42d8799bcbdc20071c41e184b6038c1b409edec65bb3e94f86fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileoYvFuA\prefs.js
| MD5 | 80a5045b3a9e2a4c2323fd08dccd03fd |
| SHA1 | ac1a57a43463be4495cae6ae3984f3d47d7fff73 |
| SHA256 | d51fd8e547e64dbbc8c134205a3a6fe5a146a6f2e9836933f45303a5d8823932 |
| SHA512 | 193b5a9d8276d581eecee4a0984a799b0f8db144c5df83f2a0bdee621978b821585ca0a77a51b3ab00e9aed3881005eaacd476b897ae0bf6d565baa1566c7d25 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileoYvFuA\prefs-1.js
| MD5 | 912fc7f8d72f0051af4a58b72d0e2eb0 |
| SHA1 | 60c11b38c75efb2a954d90d326083f9add5dd5f0 |
| SHA256 | dd9ff9f6169cd7229c8ee0f5e9e9d0deb119d2c0056ff4e923d7785f9f3c63ef |
| SHA512 | bd4031d3df3128b58ef1fdc08072216b5c36be455843b051f2b2893223a388685291feb3c07d9e74da9a180d03a52f7a624351d47a2b00d4ada4aa6fc9c5c79f |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 192eb49974dec10e1dd258173d129df2 |
| SHA1 | 28902e575687bbeaf599afa71f2d50c8e3a19169 |
| SHA256 | 52cfebaebff750dc72099b4901c2894cde16df3dfbf8f82897fba8909183115c |
| SHA512 | b509bc3df004154b77e157f7e092677d18066cb1edf4ddf394831f1e9f2fb421004d8010b5c5ef4e2e135d77d189b9afbe3d5273c15c69b59c0864d9e0ea3764 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm\prefs.js
| MD5 | b332d40cb6a816f4c23504eab6beb1ca |
| SHA1 | 86b2708e3d0c20ce8d7d6bc7229d41746a02b46a |
| SHA256 | 5389b95d60e1c2863c53594d9c246b7880d82bf6c3d6e39230413b5bce1fe82f |
| SHA512 | 85acfbe6fc60900b403f6f119f8c75410758a3f370b70c8a13c32492a52a54a00edc39c7640dce84e43bf4e24308c63498574fa31d367731e7dcc8e04f4db66d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm\startupCache\webext.sc.lz4
| MD5 | bcc2d4411abc33503995489a3f996dd3 |
| SHA1 | 29b3acd79e5e76ef7257a7f0884437494070c4a4 |
| SHA256 | 44f133b46f7007b841191375c1cd2121b800f59728dd11909522944f86a39177 |
| SHA512 | 89d64b9e9b9830bd73ef85675255d25fbf7fb516b92d76f8e6ff492e93989bade7f183e1bb067f64d60a36218211a9ae11c474e06fda252f9b519a8b56fcf661 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm\prefs.js
| MD5 | 8501d9dcc3733d51923e70df1c1f523b |
| SHA1 | bc0ba3a131e73a601323dda178cdf8f469866c35 |
| SHA256 | 3ec70491bf7190c6a64888d07be21e61db7f57c2200dbd558f82fba6a6dbfc87 |
| SHA512 | d5c395e182604d091b26001eb8793ada30f7ea27ef732648060593b3198d320c2c9c8af072c82baacfb8d8b748d85e529654203c53fc209e540a145418cef9e3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm\prefs-1.js
| MD5 | ebb2c30420f071b0bafee56d7a488016 |
| SHA1 | e06ed8bdadca5b2fa8ab10ae3dec7984358bed75 |
| SHA256 | d461a917571f2eff53319934e9678caaa8eadf57a63b411e133d369689fa4d36 |
| SHA512 | 5a150d628c0e76be224451a0a49d834e1974a3797f77e57ea88ade632b14e931581bb97aaf5fb7515db7b4c87f51bddfa86310b642d5117cb93082f6795a1837 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm\sessionCheckpoints.json.tmp
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSfLsbm\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6NDDVX\user.js
| MD5 | c12c9f2051ec5c382b2a9dd030d2d188 |
| SHA1 | 242b06ad1e61ec39c133b3d01daac00c8347df59 |
| SHA256 | cc20e30fe3e536df77dde49d370eea21da567da71a78ee041d0901966960ab6d |
| SHA512 | adf5f6967126defd34780dc2c5c98dc1fdff2d6ef3e218d98acd79873ebe7c0c8077ff1e984ebcc8a16f172e03cb684f9ebdf1c7e7b833f75f536525c7d413da |
memory/1660-1764-0x000000000BE50000-0x000000000BE60000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6NDDVX\prefs.js
| MD5 | d5d3600ea7fd1749a11c897dc67ff437 |
| SHA1 | 7348b1a99371680122f367eeb20f6c20e8ac1e8d |
| SHA256 | 9eac8cbae0e9e1024d97a9ca8fe68b672b4a4b2bcc270eef99eec2e493e94358 |
| SHA512 | 0de7ccc66122b1d492d9bba35c5ebdb748c3687255cf83d7606c4f8c176b2c0f0d5b1197e10ed267947067ab2d4f2eb0b212df992cb089bbe5778fcfeb30d667 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6NDDVX\prefs-1.js
| MD5 | 21dc586a2f552d0f7f861bc4b3cedc54 |
| SHA1 | 0a8dca7b06f16be02ca36bc56b2efe3ca96a9319 |
| SHA256 | 70a0644cf62d2c7b42ed0bfd91c9b68cda0bf22e82d68e17dea13208888d175f |
| SHA512 | 8681b33e610a56e10a225eaf2b9ae9b8a4bd2bfd656a39c0dd1849a9445af6e46e539a7b6c6f37e4f0b0c798f3a3406167f0f2b0b98ed1d4d72301e683c8c496 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6NDDVX\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
memory/1660-1901-0x000000000BDF0000-0x000000000BE00000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile6NDDVX\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-09 00:47
Reported
2024-05-09 00:58
Platform
win10v2004-20240508-en
Max time kernel
301s
Max time network
307s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI12162\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI12162\geckodriver.exe --port 51514 --websocket-port 51515
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 51515 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejCnAJq
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 51515 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejCnAJq
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="548.0.1293124701\1867283436" -parentBuildID 20240416150000 -prefsHandle 1648 -prefMapHandle 1628 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {b88f583e-36a2-437a-ab03-89a92c0bf5f5} 548 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="548.1.1449752884\1767877881" -childID 1 -isForBrowser -prefsHandle 2716 -prefMapHandle 2620 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {04250ce5-b2da-407c-ae51-4d2d427a5198} 548 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="548.2.2079697494\2084213796" -childID 2 -isForBrowser -prefsHandle 3300 -prefMapHandle 3304 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {7bfb0147-2115-4efc-81c4-a1fe6e3ce3d1} 548 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="548.3.187553887\1711353921" -childID 3 -isForBrowser -prefsHandle 3360 -prefMapHandle 3348 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {f26c4ad0-93b2-48a2-aa83-28d7ebbb57c7} 548 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="548.4.456964917\1848988556" -childID 4 -isForBrowser -prefsHandle 3360 -prefMapHandle 3348 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {aa14cda6-ac73-489a-96cc-bdfa69cffa31} 548 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="548.5.518635185\1717986674" -childID 5 -isForBrowser -prefsHandle 3884 -prefMapHandle 3888 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {537d587c-970a-4d24-ac6b-c58318736094} 548 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="548.6.732465448\169850996" -childID 6 -isForBrowser -prefsHandle 4140 -prefMapHandle 4136 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {917f7155-ddb1-478c-be8f-b45fe0e15921} 548 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI12162\geckodriver.exe --port 51514 --websocket-port 51515
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 51515 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 51515 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.0.1366163253\2107556665" -parentBuildID 20240416150000 -prefsHandle 1656 -prefMapHandle 1648 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {f254740b-6ccd-47d0-a571-6369109cd2f0} 3688 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.1.503364881\1292736437" -childID 1 -isForBrowser -prefsHandle 2468 -prefMapHandle 2336 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {5ddb8def-e366-4688-be3f-c8273cae46be} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.2.27044337\480004267" -childID 2 -isForBrowser -prefsHandle 3228 -prefMapHandle 3224 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {cf11be24-39d2-4671-a865-a7132918b354} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.3.1030780544\1333731880" -childID 3 -isForBrowser -prefsHandle 3368 -prefMapHandle 3360 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {04bd2780-cf81-43a1-9f60-3814b5ddb010} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.4.433994083\1461115143" -childID 4 -isForBrowser -prefsHandle 3812 -prefMapHandle 3808 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {c3bee3bf-a588-4d94-898e-9d9b309c48b6} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.5.1739358677\396794999" -childID 5 -isForBrowser -prefsHandle 4036 -prefMapHandle 4032 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {b8433763-2067-4ec1-9364-bec5ef15dd3c} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.6.848741518\1979789103" -childID 6 -isForBrowser -prefsHandle 3852 -prefMapHandle 3844 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {0e79e4af-9382-477b-958d-a5812881e8a7} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3688.7.221687631\1669565723" -childID 7 -isForBrowser -prefsHandle 4508 -prefMapHandle 4424 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {5f05870e-5daa-4259-b1ac-3b1191174975} 3688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI12162\geckodriver.exe --port 51514 --websocket-port 51515
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 51515 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekBGAoh
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 51515 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekBGAoh
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1088.0.1431463122\1287577281" -parentBuildID 20240416150000 -prefsHandle 1648 -prefMapHandle 1628 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {a44e3639-00cc-457b-becf-f12c6c99c8e6} 1088 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1088.1.1939350078\745031192" -childID 1 -isForBrowser -prefsHandle 2528 -prefMapHandle 2524 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1232 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {f0153364-b8d0-471b-ae78-b225b55fd56b} 1088 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1088.2.1144744619\1468049935" -childID 2 -isForBrowser -prefsHandle 3192 -prefMapHandle 3188 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1232 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {8ff245b3-bf35-484d-9b9b-43c484a13825} 1088 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1088.3.484196208\1944141013" -childID 3 -isForBrowser -prefsHandle 3388 -prefMapHandle 2588 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1232 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {974f2e91-5304-4327-92a1-58cbcf06ab3b} 1088 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1088.4.1592353205\1752433701" -childID 4 -isForBrowser -prefsHandle 3860 -prefMapHandle 3856 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1232 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {b7e68a96-55ac-4c5a-aaa7-3acc443002aa} 1088 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1088.5.440290459\845415905" -childID 5 -isForBrowser -prefsHandle 4004 -prefMapHandle 4008 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1232 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {123d4aea-03c4-4177-9ae5-9d81f8938a3f} 1088 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1088.6.940644914\353779198" -childID 6 -isForBrowser -prefsHandle 4272 -prefMapHandle 4268 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1232 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {f0ab24ce-2925-420a-9eff-d52d6b11a5ab} 1088 tab
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1088.7.1782780611\248887128" -childID 7 -isForBrowser -prefsHandle 4524 -prefMapHandle 2408 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1232 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\browser" - {fbc86e28-9c3e-40ab-a59f-0afafc65a566} 1088 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 68.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| CA | 159.2.191.175:59001 | tcp | |
| DE | 144.91.66.153:9001 | tcp | |
| N/A | 127.0.0.1:51521 | tcp | |
| N/A | 127.0.0.1:51523 | tcp | |
| N/A | 127.0.0.1:51514 | tcp | |
| US | 8.8.8.8:53 | 153.66.91.144.in-addr.arpa | udp |
| DE | 162.55.84.59:9001 | tcp | |
| DE | 188.40.255.116:65001 | tcp | |
| US | 8.8.8.8:53 | 116.255.40.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.84.55.162.in-addr.arpa | udp |
| N/A | 127.0.0.1:51514 | tcp | |
| N/A | 127.0.0.1:51725 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51733 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:51514 | tcp | |
| N/A | 127.0.0.1:51514 | tcp | |
| N/A | 127.0.0.1:51514 | tcp | |
| N/A | 127.0.0.1:52095 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52103 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:51514 | tcp | |
| N/A | 127.0.0.1:51514 | tcp | |
| N/A | 127.0.0.1:51514 | tcp | |
| N/A | 127.0.0.1:52522 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52530 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI12162\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\tmpyb0z65ie\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Local\Temp\_MEI12162\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/3180-490-0x00007FF912FA0000-0x00007FF912FA1000-memory.dmp
memory/3180-491-0x00007FF911AD0000-0x00007FF911AD1000-memory.dmp
memory/5044-518-0x000001FE8C230000-0x000001FE8C29B000-memory.dmp
memory/548-539-0x0000013124AF0000-0x0000013124B00000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejCnAJq\extensions.json
| MD5 | fd6fc291d8a68f1b909058303cfa6705 |
| SHA1 | d77da792ad57e10ef38787b228edd4b57d506968 |
| SHA256 | 7d42b0ef9ae5d6c0c9251fd73bb0ea37812d4cd2476a16c02401235260753a30 |
| SHA512 | e311656d034152e35d3b5971250bd2a4c9a7151623a9cf951469f3f6727f14e364c1f268c8ab0f7cdaa46ddf5535c0e345f7961f88ce353c795250b588ee9f55 |
memory/3180-591-0x0000022764320000-0x000002276438B000-memory.dmp
memory/2220-599-0x000001EEF23E0000-0x000001EEF244B000-memory.dmp
memory/3388-600-0x00000231CFB10000-0x00000231CFB7B000-memory.dmp
memory/3236-601-0x000002B44C870000-0x000002B44C8DB000-memory.dmp
memory/1100-598-0x00000177E3120000-0x00000177E318B000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejCnAJq\prefs-1.js
| MD5 | 64a3725a132e0aa47bbfedfc14a25bb4 |
| SHA1 | 90c33dfa45c07890f500f232e3bb4b2e0b10f8cf |
| SHA256 | 21592dc7563a14a276bd9ce28baf2189cc375076f77ba10adc71ca8b2cddbf07 |
| SHA512 | a2c6910e5634ce544d669e2519de2c9410279c22de7f55f209ef7096d0bc058ae81cf11a43c36d4f9c96ac34345d1ac80b330e0c66c90fca9232671c0f712f75 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejCnAJq\prefs-1.js
| MD5 | b528b995118799b5b73ad44523629213 |
| SHA1 | cfb3c748e949e3121b0ef2451ab110b986c3191b |
| SHA256 | a1c6b73508cbd652027164488665aded9d339108bf7ab949967b7f2bca054bf2 |
| SHA512 | 488d3ba6db7bbb2df8aad97471413e34bd7487fcf9edbe8c5f34458c8e6d1ce805d4e4370c28555aae8bc43247ef78951902108d4801e6aa2b028d22e2ba95da |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 6bee1b5211a93db12cc00b597df06b7e |
| SHA1 | 05ae3b691628ca05905a58c699040bf17cf738b9 |
| SHA256 | e411919dac14523a997602559c700198ae7623fe5c761e5d887090c5f45628cf |
| SHA512 | b0cc8027c42d8f1af4959df50e93f09a6f4b1ba4789163bf0f30c5f13d60c03fd24d0d98341fd91bb0caad8ffded66922255e02b1d6e940ced0aba5932dc2259 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8\prefs-1.js
| MD5 | 9790797292f3cad222f027c72031a017 |
| SHA1 | 1aae821ad53431918fda7b1ef9e088db5416b881 |
| SHA256 | f9370af041339120d9b129533f883d2ed707f9e455c12e29d0259fb2a4be9ff2 |
| SHA512 | edb7716010c428ad491fbe5c38fd502eb2af97eb39847529618b9df97d78f481652a405f0a985c9575becafbda94f58c9925acd107939f7eae4b61406dfc5c86 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8\startupCache\webext.sc.lz4
| MD5 | 76da77333d79d4837a81c73608444a19 |
| SHA1 | 4652bc2413ed77a5383f92d5cbd23f1585e78f8c |
| SHA256 | fd8ba8ed9c520fc3df5f5f32f9bd2864951e70f4593c5182733b5e8672d3d6eb |
| SHA512 | 44f43d0b2d5eed127fd5a2c8aa1ffa7d90c03bb3566c49d663f9c57372bfab0e337211495340d73c406ce28cec7992d66d33ea05da5501ebbf9d3b39209d1602 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8\prefs.js
| MD5 | 9be356cf05e8c5bd4582c7133ddaa540 |
| SHA1 | d17a2a3413648d14c64f47aeecefa87ead363bdc |
| SHA256 | 24bb3a4feafa306a9be4c5fdb21005a8890c26b754b9c40c1184a68b5138c8ab |
| SHA512 | f496cb743cb31b49b2a2bade2cc76322b8b571e815bf34e29a3f18319f8f4dd526fbe711fda815317e806a00fd60fd95dda5786e8a14bcb36ea1b1e810d90df2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8\prefs-1.js
| MD5 | 5b16ea685dde997ad17a6fe33612c32b |
| SHA1 | d7147b5ec7c96bba5a012b245d2039bca95ead50 |
| SHA256 | 7cf3a9e554f20448abf0e5665104e8bfbab937db597369f8fc3fc71bbc60133c |
| SHA512 | 682bfd49e153316eb6639bba1f54fedb120a98d0d5a4ec46ebd880985eb86c3712c93960a1296bc3db09c4d3841cb9157917ffe13d58fb3bebc824fce0fdb097 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQMgfu8\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekBGAoh\user.js
| MD5 | 26450da1c42891781e35551760103efc |
| SHA1 | 78713b80975c7a46bb023e039e3b092483f29f7e |
| SHA256 | 6559af956874d698a3a21dcecdbfef89eb1606ee7302b0f9bbca841773b34037 |
| SHA512 | a3852849bf8fb7dd1c4fea4f66fe00a6aeee053d9ca3aa0e2a4a1adfe259cc64178068e23dd7e0645eb5bb41e1baa5b7fc5246f71e0696923391157169fa88b2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekBGAoh\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekBGAoh\prefs.js
| MD5 | 42d3cebd026f9cc754c20debbf39e613 |
| SHA1 | 3c49b607d6c18860e144747845f63ed98d4f9e61 |
| SHA256 | c742e293ac9a6009cdfbdcf4c6596dd99b4f26abcbf296cc656e6629bc8fe975 |
| SHA512 | ac81317bddbd983fdef100a5cc44ed4cb808143a0d9090d6696428077a62a98829e8f5a550bed82b2894537845b69d00f7e425849c2b5f574f0815d07faaa3d7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekBGAoh\prefs-1.js
| MD5 | 4ff8139667ac7ad6cd0e90035197593c |
| SHA1 | 211216769ec196205a343ec5547d2b993c029634 |
| SHA256 | 6f42ec9c50ca79f8538b0fc703263851b71766611cced0df617c790a78a1b2c3 |
| SHA512 | 676c84d2233ded7295e7e268d1446831bc07a14371f4e1bf0f44c586d4458516f388a635977a86c349ee2b57860db18050c1445f915d733ee9957e05fad54993 |
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-09 00:47
Reported
2024-05-09 00:58
Platform
win11-20240426-en
Max time kernel
300s
Max time network
310s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2994005945-4089876968-1367784197-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2994005945-4089876968-1367784197-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2994005945-4089876968-1367784197-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI35922\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI35922\geckodriver.exe --port 50003 --websocket-port 50004
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiNoKGe
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiNoKGe
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4112.0.1269542094\602244815" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {f0f2f7f6-ab15-48f0-bb46-7520ad407e14} 4112 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4112.1.868584559\100611450" -childID 1 -isForBrowser -prefsHandle 2612 -prefMapHandle 2656 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {b665ae4f-84a8-4d7f-8993-b863f1a5888d} 4112 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4112.2.1659452940\1782257436" -childID 2 -isForBrowser -prefsHandle 3080 -prefMapHandle 3076 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {9dc1fbee-991f-446a-92c9-61e52105b5f1} 4112 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4112.3.507828883\1807492826" -childID 3 -isForBrowser -prefsHandle 2972 -prefMapHandle 3484 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {8aacc248-16da-4109-9551-14db48c06fd0} 4112 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4112.4.1333773892\1660147551" -childID 4 -isForBrowser -prefsHandle 3908 -prefMapHandle 3904 -prefsLen 25287 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {96e1a4a4-b8fd-41f0-9c94-2521fa24007d} 4112 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4112.5.993189854\789856407" -childID 5 -isForBrowser -prefsHandle 4024 -prefMapHandle 4028 -prefsLen 25287 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {1fc1b0e1-01bc-4297-83c2-40bf25b6e1c2} 4112 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4112.6.1678753044\1131364798" -childID 6 -isForBrowser -prefsHandle 4220 -prefMapHandle 4224 -prefsLen 25287 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {bda6321e-bf12-4114-b6b8-5eb8371a3b17} 4112 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI35922\geckodriver.exe --port 50003 --websocket-port 50004
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4816.0.1011192593\733942952" -parentBuildID 20240416150000 -prefsHandle 1732 -prefMapHandle 1712 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {24235bb3-ac2e-4c1d-92a7-ce6657a079ed} 4816 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4816.1.1741566859\1689473453" -childID 1 -isForBrowser -prefsHandle 2492 -prefMapHandle 2460 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {b1abcf7b-9a97-4f95-8b54-6e97b8f8aff7} 4816 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4816.2.1082868830\1702294036" -childID 2 -isForBrowser -prefsHandle 3096 -prefMapHandle 3092 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {dc140248-3278-4f06-8f18-81b070551735} 4816 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4816.3.518587692\888674164" -childID 3 -isForBrowser -prefsHandle 3692 -prefMapHandle 3460 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {2a7d2c84-ce4a-4e5b-a3c7-bfeb6f3b2dea} 4816 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4816.4.711456350\1825670718" -childID 4 -isForBrowser -prefsHandle 1808 -prefMapHandle 1464 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {89d47ec1-dad8-40e0-9692-803db93a16b7} 4816 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4816.5.1142893279\756224939" -childID 5 -isForBrowser -prefsHandle 3968 -prefMapHandle 3964 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {cb6643d9-13a1-4e85-bc47-56d8f1a8759d} 4816 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="4816.6.1223562917\327630848" -childID 6 -isForBrowser -prefsHandle 3880 -prefMapHandle 3876 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1308 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {b166d60c-43d0-4d18-a8f2-addcdff1c0e3} 4816 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI35922\geckodriver.exe --port 50003 --websocket-port 50004
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejt5Qyg
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50004 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejt5Qyg
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="2148.0.1790378987\1980036166" -parentBuildID 20240416150000 -prefsHandle 1708 -prefMapHandle 1688 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {a712d859-eb4e-4803-b990-ff2d52eb2737} 2148 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="2148.1.1668408119\603731423" -childID 1 -isForBrowser -prefsHandle 2788 -prefMapHandle 2956 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {31565502-42e3-4d15-b053-163385ad3759} 2148 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="2148.2.1386892840\1537269117" -childID 2 -isForBrowser -prefsHandle 3088 -prefMapHandle 3084 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {d3bf6728-585e-4141-a809-44cc30bcb84e} 2148 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="2148.3.528015485\509298101" -childID 3 -isForBrowser -prefsHandle 3556 -prefMapHandle 3560 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {b20ab8b5-c95c-4545-846f-439377e3d3a7} 2148 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="2148.4.798657760\547814118" -childID 4 -isForBrowser -prefsHandle 3780 -prefMapHandle 3776 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {a9292eb7-2fb3-4fba-9006-f34cc6692e72} 2148 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="2148.5.588511663\382071747" -childID 5 -isForBrowser -prefsHandle 3916 -prefMapHandle 3920 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {70781a2c-2a73-40f7-9bf8-7e7cf3c67868} 2148 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe" -contentproc --channel="2148.6.21450164\127780524" -childID 6 -isForBrowser -prefsHandle 4112 -prefMapHandle 4116 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\browser" - {3d5bcf57-8046-47b2-bf5d-81385af5b6aa} 2148 tab
C:\Users\Admin\AppData\Local\Temp\_MEI35922\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI35922\geckodriver.exe --port 50003 --websocket-port 50004
Network
| Country | Destination | Domain | Proto |
| DE | 88.99.145.25:9993 | tcp | |
| US | 8.8.8.8:53 | 25.145.99.88.in-addr.arpa | udp |
| DE | 85.215.42.225:9001 | tcp | |
| US | 23.137.253.26:2087 | tcp | |
| US | 8.8.8.8:53 | 225.42.215.85.in-addr.arpa | udp |
| N/A | 127.0.0.1:50107 | tcp | |
| N/A | 127.0.0.1:50109 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50202 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50210 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 52.111.229.43:443 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50529 | tcp | |
| N/A | 127.0.0.1:50537 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50839 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50847 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50003 | tcp | |
| N/A | 127.0.0.1:50003 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI35922\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpuncm1w1w\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI35922\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/4980-488-0x00007FFF446C0000-0x00007FFF446C1000-memory.dmp
memory/4980-487-0x00007FFF451A0000-0x00007FFF451A1000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiNoKGe\extensions.json
| MD5 | df89a5c35ba966b6ca8ee60c21edbdf8 |
| SHA1 | 423d926a564f62917f3448e41db5168a2b9c3b26 |
| SHA256 | f72c2bcf6ba79eac0b553688b91b348bd35ce87f3935fa7a9d9774785a674754 |
| SHA512 | 585555b4212a3ffa1bfabad5bde523db61e82f4a0358a7bf7d761dad39b1d92c37d5350acc50cd7dea7c6720693a6afd6e03f127ea3f8735746f0bfe61eae5f3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiNoKGe\prefs-1.js
| MD5 | 1bf60bfb15196132e3d9fcc691ad86d1 |
| SHA1 | d035508ba6174b2451f74eef44b0a9454cfb1b23 |
| SHA256 | b843abdffe2d67617af8b24142521d993fcc2ca6d2111d12e04399a03e882793 |
| SHA512 | e16776577a9dd2e1f41550e79f885f7cd3226ce32ffa12db96ced74c21cbdc6dcd72c00397af3443c0e79c708640b18675ae79b536bd257ec5c0fa0a42d3e2ad |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 00957fb34ef09c6360c8a181506f5fbc |
| SHA1 | 35981c56f01047cc506a91a088df2b9f38aaf883 |
| SHA256 | 6d6e175c81c8dedcd01888996aca7d25cc6a05d611470dc709f0609d6376ea32 |
| SHA512 | a04dd88e4e3eb4e9813dc6debda928477e976e1948c7e097fcd189272cd11273a101f8ef18fcc56670537d535ea69b5b86987dc1e38ce7d405b64d511008e0b5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiNoKGe\prefs-1.js
| MD5 | c85ebb30daecbef8b8252c979260354b |
| SHA1 | 11cc4b91443ccdc0ba8b022094f95602e9a3a538 |
| SHA256 | 13d80eb4c8acac29d6cfb3a035f890ef837995c8034f70e8bd9d56cbcf245da3 |
| SHA512 | 8d5c37c88d73c96d74887f3c9371033e6c2ade0ded995fdd7165e4c6e775d75e3f4e96dee18974db58c2f1dcf5789f8584e87f170cc165a5b0bc25500bd655eb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\prefs.js
| MD5 | 74f14647ff1904379f7e44385413ee95 |
| SHA1 | 903ad1bc2cf75a3c3882a6cdfbceaffc7682ba43 |
| SHA256 | 9013cde16d353f8af5fee220078a5d5492cb115088382e07d2fd27d904fa84c3 |
| SHA512 | 4ccf6006be241dfae3545ddc36be2bcc6a560861416a5af8a580bf9e4da0b6310a0a86d43eb84a991b4bcfe6e04662353614d9a45da3379e412bb63dec5cb4ce |
memory/4816-840-0x00000141F29C0000-0x00000141F29D0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\prefs.js
| MD5 | 922cafd47ebdb0802468275c8d15591f |
| SHA1 | af7e175c1b4a62b9bc46ec704841e5363d2c8118 |
| SHA256 | 0d9999463235107dba0b9f547763a149a4818b80a044d1eb8e5ffafec4413a7a |
| SHA512 | da1f23ede64831554d1843ff70e8faefb8e2ed699ba518e94706e76cdfc882640cf2dc230fc744997e5b73cc485b627c6e37e3b62fa0636535153fe0715e47f9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\startupCache\webext.sc.lz4
| MD5 | 83b114fdf437aaad63443ec1893baace |
| SHA1 | aab3405bec3a3a2fc7f6d0852d8167aa3e5a9c91 |
| SHA256 | ad7d97386927c949d7e8eb56961c45965c19a3f68784bdf556c6b5c1200ed1b4 |
| SHA512 | 1f091d8c6ab24af1c2eb08b4e9408116eac577651a8a5022e1787452034d9f74debbdb1b1254adc861d2ba49adc3664a2488037a583e088601cd98f55958f7de |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\prefs-1.js
| MD5 | 81906157380b0deb1201b6cb34b35349 |
| SHA1 | f7d4e999163aec4e28b70b995a4fb2499e56b1d5 |
| SHA256 | eb2795c3b5854aba02f3f0069a1ec6b10a24ad74af59658971331f88589dbca4 |
| SHA512 | d92d0410578e2e9220cce5e2a5787c5d916697c7dce391d95299ff07bf524b05f3d87105e5557f649d92371942f848d371c9a2ebc03b05a617de6819adbe534f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\prefs-1.js
| MD5 | 1a1453322a75315241231f6fa45373e3 |
| SHA1 | 1076cc38a083a710964aa190a65b0f64d63dc576 |
| SHA256 | 7264b438eaf5351a48bbe9cdd6fa76a075835599419518c66dec39fd7d579b74 |
| SHA512 | e4f6ae3a412fc22827a34de7cf82c84a302c8635a349a4aa1d83fba1784598f6b92425624fbc34e019e6003468e9044a9c0cee74e3d2c9199119429a2fe9f334 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile56BRC3\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejt5Qyg\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
memory/2148-1089-0x000001C5668A0000-0x000001C5668B0000-memory.dmp
memory/2148-1117-0x000001C56C1E0000-0x000001C56C1F0000-memory.dmp
memory/2148-1172-0x000001C562430000-0x000001C5625A0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejt5Qyg\prefs.js
| MD5 | 739a20cccbe0c4aa9b011404b398899a |
| SHA1 | e3ae960b256b480fed2712f7963b2cb8a6c96a65 |
| SHA256 | 49e5cbe5e8b3a6b772747bc4848d413b3b19da78a4a1ad01017c70dcd7ec667e |
| SHA512 | c9e0425e51046a4674799932fcd801d8c6d15d3a1b6ccb8fc9f6a781665e93586708da1a84def2aefc717e067ad176ede8fd1209d392c7a1728ffb75c0489ce6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejt5Qyg\prefs-1.js
| MD5 | eb47cae186a5ef9b292802f737040a42 |
| SHA1 | 5e819f3e6918b3eddbb10b08cf38ac88c015c316 |
| SHA256 | c902f05cb9b4e43bbc3eaef7d7c29f5f377710949bf2a5627bde010fbf1e8aa4 |
| SHA512 | 69866c9c41be3a3c52ac138b756ef9810bcbad94201d17aa7e162ff2135732630593b7b741ed5986c10679f466f2099ea5292cd9c3a6f31562c21a9c124650da |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejt5Qyg\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejt5Qyg\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-09 00:47
Reported
2024-05-09 00:58
Platform
win10v2004-20240508-en
Max time kernel
299s
Max time network
306s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Users\Admin\AppData\Local\Temp\medium.exe
"C:\Users\Admin\AppData\Local\Temp\medium.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI6522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI6522\geckodriver.exe --port 63945 --websocket-port 63946
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 63946 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTo9ZiF
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 63946 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTo9ZiF
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.0.1261348380\1344824668" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1660 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {ba9278ba-72d4-41fb-a133-f6daace8a8da} 2956 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.1.2021796033\729307039" -childID 1 -isForBrowser -prefsHandle 2600 -prefMapHandle 2596 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {a684822a-52db-42be-aa6b-e89f52f4b19c} 2956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.2.236865648\2038056264" -childID 2 -isForBrowser -prefsHandle 2996 -prefMapHandle 3012 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {d9a6b708-19e3-4552-a4f3-21658d5eba21} 2956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.3.546859565\1226747565" -childID 3 -isForBrowser -prefsHandle 3244 -prefMapHandle 3228 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {0921700e-6f0e-4d06-b8e7-7c7f372cfc84} 2956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.4.1989889343\1529450537" -childID 4 -isForBrowser -prefsHandle 3428 -prefMapHandle 3536 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {dece4e47-ab54-443b-bc43-8fcb32d90a79} 2956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.5.152933196\345427361" -childID 5 -isForBrowser -prefsHandle 3932 -prefMapHandle 3928 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {3cb304d4-9838-41c1-97ab-7ebae0175a4c} 2956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2956.6.1621208504\1786867147" -childID 6 -isForBrowser -prefsHandle 3596 -prefMapHandle 4028 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {9a49f7ee-f091-453d-bdb1-24c069c491fd} 2956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI6522\geckodriver.exe --port 63945 --websocket-port 63946
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 63946 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 63946 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="432.0.341769492\1828591070" -parentBuildID 20240416150000 -prefsHandle 1732 -prefMapHandle 1724 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {b8ae05dc-187d-409f-98c5-0b9ec63a738d} 432 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="432.1.328013368\145827669" -childID 1 -isForBrowser -prefsHandle 2692 -prefMapHandle 2688 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {eb4c1f8a-e18f-4135-99d5-0d3ed8248dac} 432 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="432.2.317814442\1266643538" -childID 2 -isForBrowser -prefsHandle 3244 -prefMapHandle 3240 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {6b7ef800-e5f2-49c3-b627-d5fb91d5d3a5} 432 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="432.3.630543661\1104418709" -childID 3 -isForBrowser -prefsHandle 3260 -prefMapHandle 3628 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {e3cc446c-9cd1-4c53-8b80-eac02a62a430} 432 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="432.4.793289357\1271185505" -childID 4 -isForBrowser -prefsHandle 4036 -prefMapHandle 4032 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {0bf7320f-1143-4602-be3c-81699cf6a69b} 432 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="432.5.1238871392\496356916" -childID 5 -isForBrowser -prefsHandle 4244 -prefMapHandle 4252 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {01c9764c-3664-4997-a18f-7cdb0344db5e} 432 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="432.6.2040819538\858298705" -childID 6 -isForBrowser -prefsHandle 4404 -prefMapHandle 4400 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1236 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {6dad23b7-eb8e-4937-a204-837a7335182e} 432 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI6522\geckodriver.exe --port 63945 --websocket-port 63946
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 63946 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile26TwvB
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 63946 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile26TwvB
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2364.0.447556877\1605577050" -parentBuildID 20240416150000 -prefsHandle 1660 -prefMapHandle 1652 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {21221b08-fa93-4664-8194-feb75a11e744} 2364 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2364.1.1192708169\1662305202" -childID 1 -isForBrowser -prefsHandle 2644 -prefMapHandle 2640 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {a733fb27-14d0-46a9-b71b-f7034ee4ea1b} 2364 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2364.2.1585473941\948258399" -childID 2 -isForBrowser -prefsHandle 3216 -prefMapHandle 3212 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {e0c0a304-01c3-429a-bf4a-99f022567511} 2364 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2364.3.1024176436\759603926" -childID 3 -isForBrowser -prefsHandle 3280 -prefMapHandle 3140 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {78c834c0-8a85-4001-8a16-ff5ea9cd1300} 2364 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2364.4.634101675\1387544173" -childID 4 -isForBrowser -prefsHandle 3892 -prefMapHandle 3896 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {15efe67d-26ef-41e9-8edf-a592e926d1d8} 2364 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2364.5.1264766325\910805645" -childID 5 -isForBrowser -prefsHandle 4020 -prefMapHandle 4024 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {075883e1-7b99-4230-8a77-d43575be047f} 2364 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2364.6.235300159\656536678" -childID 6 -isForBrowser -prefsHandle 4088 -prefMapHandle 4100 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {c168becb-445f-4e82-a22d-2ac36f377d6c} 2364 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2364.7.957100198\55206355" -childID 7 -isForBrowser -prefsHandle 4536 -prefMapHandle 4540 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1284 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {baeb3c0f-7bd3-4641-a0f3-e533dd26e2ec} 2364 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI6522\geckodriver.exe --port 63945 --websocket-port 63946
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 63946 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehzzoAu
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 63946 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehzzoAu
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3164.0.963999314\727067195" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {0689e43c-bad5-4523-8f08-65d46a743b20} 3164 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3164.1.142541342\317685356" -childID 1 -isForBrowser -prefsHandle 2652 -prefMapHandle 2648 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {1f3b9387-a9ad-48f2-839e-677f097f8abb} 3164 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3164.2.2130486472\308936157" -childID 2 -isForBrowser -prefsHandle 3180 -prefMapHandle 3176 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {96fdd158-7c18-4d91-8dcb-bfc0f38f0721} 3164 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3164.3.131667380\272524402" -childID 3 -isForBrowser -prefsHandle 3212 -prefMapHandle 3476 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {c573b091-36e3-4d5c-97a8-6ad2b05e99cc} 3164 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3164.4.5036249\2105968799" -childID 4 -isForBrowser -prefsHandle 3848 -prefMapHandle 3852 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {9d3d93b7-520e-4e29-84a6-14d4bbce55e9} 3164 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3164.5.5018731\622829335" -childID 5 -isForBrowser -prefsHandle 4060 -prefMapHandle 4064 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {cb1f87d1-78e6-42ab-8580-7699885ab6d0} 3164 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3164.6.78814340\220733185" -childID 6 -isForBrowser -prefsHandle 4252 -prefMapHandle 4256 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {e3de287d-7ff8-42de-b440-77ef27108903} 3164 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3164.7.1652702738\1493644873" -childID 7 -isForBrowser -prefsHandle 4600 -prefMapHandle 4604 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {d326d170-1a37-41c5-bafa-7ccd4fa8e587} 3164 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI6522\geckodriver.exe --port 63945 --websocket-port 63946
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 63946 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqAYhgY
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 63946 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqAYhgY
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="320.0.723912055\1489651859" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {e697cda3-74ce-4ea5-ab54-64df440851e9} 320 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="320.1.568564468\382239786" -childID 1 -isForBrowser -prefsHandle 2664 -prefMapHandle 2660 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {289110c0-4d91-4498-8e50-8eb3f6aefdba} 320 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="320.2.41795329\1063347656" -childID 2 -isForBrowser -prefsHandle 3300 -prefMapHandle 3212 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {c49095e5-deda-40ff-b338-eb1efc38bf29} 320 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="320.3.1502250256\1360986984" -childID 3 -isForBrowser -prefsHandle 3388 -prefMapHandle 3376 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {4f222de1-92c5-4ca4-a1b2-b972737cf174} 320 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="320.4.1325136420\163078761" -childID 4 -isForBrowser -prefsHandle 3736 -prefMapHandle 3732 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {a3097446-bc76-48bd-beed-f8d09c08726f} 320 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="320.5.507670400\1247219348" -childID 5 -isForBrowser -prefsHandle 3916 -prefMapHandle 3920 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {b277bb6b-3ab6-456e-a459-cf1b859fdceb} 320 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="320.6.1800754150\498781783" -childID 6 -isForBrowser -prefsHandle 3900 -prefMapHandle 3780 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {90e3c273-d3e7-4a3a-bc32-4658baf8957b} 320 tab
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe" -contentproc --channel="320.7.1513642006\1315512172" -childID 7 -isForBrowser -prefsHandle 4684 -prefMapHandle 4688 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1228 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\browser" - {8bc661ee-8773-4a9f-9bdd-b3d4c5519b8e} 320 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.32.126.40.in-addr.arpa | udp |
| FR | 51.159.195.41:993 | tcp | |
| US | 8.8.8.8:53 | 41.195.159.51.in-addr.arpa | udp |
| ES | 143.47.34.118:443 | tcp | |
| N/A | 127.0.0.1:64048 | tcp | |
| N/A | 127.0.0.1:64050 | tcp | |
| N/A | 127.0.0.1:63945 | tcp | |
| US | 8.8.8.8:53 | 118.34.47.143.in-addr.arpa | udp |
| DE | 195.201.204.149:443 | tcp | |
| SE | 46.246.44.53:443 | tcp | |
| N/A | 127.0.0.1:63945 | tcp | |
| US | 8.8.8.8:53 | 149.204.201.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.44.246.46.in-addr.arpa | udp |
| N/A | 127.0.0.1:64154 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:64162 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:63945 | tcp | |
| N/A | 127.0.0.1:63945 | tcp | |
| N/A | 127.0.0.1:63945 | tcp | |
| N/A | 127.0.0.1:64457 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:64465 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| CA | 38.102.84.24:443 | tcp | |
| SE | 46.246.44.53:443 | tcp | |
| US | 8.8.8.8:53 | 24.84.102.38.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:63945 | tcp | |
| N/A | 127.0.0.1:63945 | tcp | |
| N/A | 127.0.0.1:63945 | tcp | |
| N/A | 127.0.0.1:64782 | tcp | |
| N/A | 127.0.0.1:64790 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:63945 | tcp | |
| N/A | 127.0.0.1:63945 | tcp | |
| N/A | 127.0.0.1:63945 | tcp | |
| N/A | 127.0.0.1:65115 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:65123 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:63945 | tcp | |
| N/A | 127.0.0.1:63945 | tcp | |
| N/A | 127.0.0.1:63945 | tcp | |
| N/A | 127.0.0.1:65439 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:65447 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI6522\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmp8ma0da77\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Local\Temp\_MEI6522\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/4652-491-0x00007FF8CF6E0000-0x00007FF8CF6E1000-memory.dmp
memory/4652-490-0x00007FF8CE740000-0x00007FF8CE741000-memory.dmp
memory/2956-538-0x000001F371CD0000-0x000001F371CE0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTo9ZiF\extensions.json
| MD5 | ad1064de633b15bc38a89d64aad23b91 |
| SHA1 | ceb7a68c7fd8475d96cf765c5ff7d1d522a6d481 |
| SHA256 | 1326dafe6647900b91e754b2aa85bb7f6386477d1b2787d142ce84be092602ff |
| SHA512 | d3e1d85e17d0cb1488348fb6779d2e56ba8c1e28d32728806dffbc39d69935db54568f11d6233a740d537cf690acac5e07acca2fc187aad3c2f848505e05f72e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTo9ZiF\prefs-1.js
| MD5 | 334dc51503a34e2e21006402c7923e61 |
| SHA1 | b13ac64140d465d199391b8c0ea6ed487a567274 |
| SHA256 | 85ae678799ce9d6f36a5ef0f5877c6b3b55aa4313fc595c668abf9b328e1e953 |
| SHA512 | f91b0aa215475b188393bd7848c51221889203fa723b582f671ebbcd5347aa5251025dda07d6c9500430bc5837f89e0363e9ae3f183f748e553ea0307a5f3c3f |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | d65af531e0d0b5169f3a72b3b82b6ab4 |
| SHA1 | b99da82f3ac09eb492add0fd83e547aa987e2481 |
| SHA256 | 430517c819038c683d3f4339d8c2bd55b441880298495ac4f8857017daa18ee5 |
| SHA512 | 89568a95899a3e07ce980703e5a5fe727b10e72a9aaa484e84d0704fd9083df263c98f60e60e4c1488bde0be690b4b3a8945bdae1d98ef9fd78def52abd3c7fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTo9ZiF\prefs-1.js
| MD5 | 152264cbc9f209807f34d4d0f34e4823 |
| SHA1 | bc7ab413bc9d8243edf43b721356b2a6ae18cc44 |
| SHA256 | e341964e121efe95a94eaab1c54c9d9f283a9fc6cc2fc3cea3bf0efb15086397 |
| SHA512 | 192540ab150aaedf3593fa73751cdfc98ee8a3802fb69179e0cfc159452f1c6434a2d3d169fe26c9ba13983d8464dbd1bb85b617e976a87742a547ad429e1f99 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTo9ZiF\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8\prefs-1.js
| MD5 | 38d9440e1ec5152050a55ffb72d743ee |
| SHA1 | 8ddd5d5b092ace6ddb5b5c4722996da6af39aea5 |
| SHA256 | 8c6c345b1bb5b2aee628c3b28e54083a90335cb029001302967c5e88e3100573 |
| SHA512 | ff91541e9b02209890fb4c51ebcd02767c2fcb3fc7d73c18dc35e6d05889a99b6bb046f62695b7598d22d53d4f661767d04ed4792d3354646c7753e25f619a33 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
memory/432-841-0x000001281D6D0000-0x000001281D6E0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8\startupCache\webext.sc.lz4
| MD5 | 1b799cc5b6cf681cfa54d37c8ce8cb06 |
| SHA1 | 2f0fae44eb2fe74542df923e37f0c7e23a74fd17 |
| SHA256 | ce654b3257aec215ee980682aa6a48628dac50252a09301efe8686ff3f406a03 |
| SHA512 | 10263e878623c9375095f150a83e5fe42fb5feccea139e107d37b2337f0c68c4f8a47952247d7e8517876a12dcd696202b8ecdf115577c0e416a489a280451d3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8\prefs.js
| MD5 | 0120e62c7ddf2029b84055626087d020 |
| SHA1 | 18793d596884a632ed2456131ca0f19237344db2 |
| SHA256 | 38123731e510b4deca99cd7be24751ce4e5c10c65e3e36e4ada0ae07d52ed792 |
| SHA512 | 581befb27f71d5f0991c50c14357c5a38960267ee2ede20310740338e1729b30768bc2fee3a114e63278b4ee081dd2b56e8c115171c5004306b663684f81074e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8\prefs-1.js
| MD5 | a71c999e34a733d1baf90e8b6cd946f7 |
| SHA1 | 8ed2d6c35178ec030309d3c9c14b294786eeac5e |
| SHA256 | 13de984428c7e53ebdea5d56a6418049a93cfa725770d139466314498633151f |
| SHA512 | 9d237a99770bd841436a118af62cb4f10f87eda67dc402eb68439a8fb7e52cc7b0329b7e7e933865972cf2d11d9cdb43f39215085b23215ea446299b12cb444d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8\sessionCheckpoints.json.tmp
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile76Qxt8\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile26TwvB\user.js
| MD5 | 855dc589373a4d1a313c9e960ee62887 |
| SHA1 | dc10bb2de0ab34ff4d58d3e5a33bd04e3fc32556 |
| SHA256 | b9349e3eba0a32c3bf4a4057f518af713a1365749236e13a06ec83f89fa128c0 |
| SHA512 | 85cf2779c5d773f8acf3b86e88b3db88af3e243693ce453e2c5138346bb7c7aea00439b3bd9d9a2cc358fc3c025429db6797ff4ca238b5172bc6a6cf4f0ac48d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile26TwvB\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile26TwvB\prefs-1.js
| MD5 | f86640850c9c47558d1df334c6e92942 |
| SHA1 | e7770378d99e120b4ed8657880af06363e652f27 |
| SHA256 | ebbe41572328b75d45b973cb4cd0ce51cd60650a6dfe1271feda377c28298fd0 |
| SHA512 | 665501f1d054280f9f94ef8d6b2ebb36c43ef4f2fd381840a657b52fa262484e91478ea8cb9e0865f1189a0b121d4adc76de5a04bd2ca31c215935473d1c8644 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehzzoAu\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
memory/3164-1429-0x000002602C2A0000-0x000002602C2B0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehzzoAu\prefs.js
| MD5 | 14acd246ad149298232f7f5dd75cae13 |
| SHA1 | f68e71b66d35429ba3a0cd7b7d04e1a61212101b |
| SHA256 | 895b5912b63bd5098f9e3b1a8016b504afcb4bd6c3c5418b4eeb357813f6efd1 |
| SHA512 | bea0bf80afeca284ee1a18421dade431603485dae78250eafc7aabebb3a7dd61f5c9e873ba299b963b6ff33c81fbec8113a5684c2b9734586a0615da1b8116f5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehzzoAu\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehzzoAu\prefs.js
| MD5 | aa1346bdb8d2f5075b6f751e6aadc319 |
| SHA1 | 4f9d670258136d9ab98db494ea62d6dc4101df60 |
| SHA256 | 019f438079e804bd09395652fb3bd9f07784b59fe99239840eeb3792b02d5298 |
| SHA512 | be6252819e2fb93ae64747c98e4ad1897d0f55adc1961148769f3bb455d90b4c6a0e6427f545e4159fbbf0dfd35a65abdde91d82af99522416cb39303995de93 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehzzoAu\prefs-1.js
| MD5 | 0f4129fabe63a67638488a242a695f66 |
| SHA1 | f0ecc4fe0e65d054c326353e0f22713e23880228 |
| SHA256 | 51a5a51856b3a2a094726674d4594fe4bf6f20e98c68129b6d1c57752fc24ee4 |
| SHA512 | 428ff9e62fa399008eb8fb1de65409444173d21730ccff71e3d56fd63b653939df07cc6714f8f9057aed36cd1383c5e2b8138f9c36853ed737f1c2227246b429 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqAYhgY\compatibility.ini
| MD5 | b1097689bee911d1431629272ba3b756 |
| SHA1 | a97e532a23eefd633d8c4ae687e09cb40e365678 |
| SHA256 | b6c4445481854fd43a8ec6799a6f028e9cdbfcdecb458c649c0026c747ae3b58 |
| SHA512 | 24f529b36a9e438d3b0886812c23006be3b44c58411cf86c0ebee27f5e1ed543830e95ce15fb525db001c39d77594fbbd2004800f2174a0c892d1638a30aa257 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqAYhgY\WebDriverBiDiServer.json
| MD5 | 8e1f450204ddead7569339af9f9f64d4 |
| SHA1 | cc9e08ffca0084a4e58527c52e27f57c6aa1cc93 |
| SHA256 | ae66c5073a69467234e498ea2b67a4035bbcd214c99bc9713e2e6a471dd0c31a |
| SHA512 | 06417f3bbcee6de9db44c09d22c2caf261727ff0ee245d223307db4927d0c08d3d663f8e06839bd0d4dbfe88e734670a411cfca7c1922f603f23572db77b89da |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqAYhgY\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 2724c7ba618caac13f85faf421ec2b23 |
| SHA1 | 2ca1785ef6f84cec8cf688613b33ca582dc30982 |
| SHA256 | fd7fd561d11c1f8d0e6b224178a7d1c16a8bb35492786cd376ad708abb573359 |
| SHA512 | b41333e4f2c7da21c161a0f7fb6d372698f524c90abd1efb03cbfe684517164b925bc63a71eef867850c216d8c4a6b063361b74103efdcb071b8fbc720274315 |