Analysis Overview
SHA256
88093c75834d60df3b4b6f4df642bb28dc749f4bd562f587fa8f9e30e97d3c5c
Threat Level: Shows suspicious behavior
The file heavy.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Executes dropped EXE
Checks computer location settings
Loads dropped DLL
Checks whether UAC is enabled
Enumerates physical storage devices
Detects Pyinstaller
Unsigned PE
Checks processor information in registry
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-09 01:06
Signatures
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:14
Platform
win10-20240404-en
Max time kernel
298s
Max time network
313s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI41802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41802\geckodriver.exe --port 50046 --websocket-port 50047
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50047 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEBHeGF
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50047 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEBHeGF
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4492.0.2069034238\682652180" -parentBuildID 20240416150000 -prefsHandle 1464 -prefMapHandle 1452 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {b2ca4c1b-3338-4eb5-ad8e-916652053e27} 4492 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4492.1.1083812465\876695998" -childID 1 -isForBrowser -prefsHandle 2444 -prefMapHandle 2440 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {046079e0-3d37-4c94-85e9-2aa02e45fa7f} 4492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4492.2.827919341\473968373" -childID 2 -isForBrowser -prefsHandle 2928 -prefMapHandle 2924 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {b29d0fc0-34fe-4a23-a83f-28f43f7cf3ae} 4492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4492.3.2078457960\2135571161" -childID 3 -isForBrowser -prefsHandle 2984 -prefMapHandle 2988 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {0cc0610b-3406-4313-bce4-480aaeb0d995} 4492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4492.4.889543622\1215238277" -childID 4 -isForBrowser -prefsHandle 3612 -prefMapHandle 3488 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {1278fea4-31ac-43d9-966d-0b2917c47b30} 4492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4492.5.1841215180\855053613" -childID 5 -isForBrowser -prefsHandle 3768 -prefMapHandle 3772 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {3d262547-2338-4fcd-be17-e33f77e9b759} 4492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4492.6.1269957815\890737539" -childID 6 -isForBrowser -prefsHandle 4004 -prefMapHandle 4000 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {f84ece32-28b1-4713-b714-26e4a7d6c1b8} 4492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41802\geckodriver.exe --port 50046 --websocket-port 50047
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50047 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50047 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2092.0.2021413469\589011244" -parentBuildID 20240416150000 -prefsHandle 1464 -prefMapHandle 1452 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {1558ced3-0e01-4f77-ab86-161a4889cdcb} 2092 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2092.1.260130878\28723896" -childID 1 -isForBrowser -prefsHandle 2448 -prefMapHandle 2464 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1092 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {6571cbb4-526d-4463-a988-7323f12ffee0} 2092 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2092.2.1834791795\979022245" -childID 2 -isForBrowser -prefsHandle 2944 -prefMapHandle 2940 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1092 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {97b90d56-9b23-450f-a5aa-29213fdbbbda} 2092 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2092.3.1523731427\1797161106" -childID 3 -isForBrowser -prefsHandle 3208 -prefMapHandle 2948 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1092 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {9eb57a6a-95d2-4550-80b7-c817bd5c5f59} 2092 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2092.4.705881595\314527335" -childID 4 -isForBrowser -prefsHandle 1352 -prefMapHandle 1348 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1092 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {eeea8d32-7ce0-4e42-9466-f96796ebbf31} 2092 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2092.5.379676728\942645185" -childID 5 -isForBrowser -prefsHandle 3700 -prefMapHandle 3704 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1092 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {23ace422-acb2-4e35-aa1b-800a6dd6b2d8} 2092 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2092.6.1417288741\1428647975" -childID 6 -isForBrowser -prefsHandle 3996 -prefMapHandle 3992 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1092 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {239077a7-c416-46c9-b3a4-41e5f4e4af9d} 2092 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="2092.7.1102376170\1829637233" -childID 7 -isForBrowser -prefsHandle 4320 -prefMapHandle 4324 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1092 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {d488a2d0-5a8e-496c-bdf3-6dba8441a748} 2092 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41802\geckodriver.exe --port 50046 --websocket-port 50047
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50047 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefyG148
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50047 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefyG148
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4136.0.1675211593\1075060032" -parentBuildID 20240416150000 -prefsHandle 1544 -prefMapHandle 1520 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {f3266735-3e6e-4a05-a9bc-3c8f0e36d5a8} 4136 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4136.1.1695593642\1711472645" -childID 1 -isForBrowser -prefsHandle 2524 -prefMapHandle 2520 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {e40d929d-a4a3-4504-9596-33b80abc5c68} 4136 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4136.2.860757140\779440294" -childID 2 -isForBrowser -prefsHandle 3220 -prefMapHandle 3216 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {47636875-37f6-432b-8d97-248c69d80aa8} 4136 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4136.3.991745452\89912520" -childID 3 -isForBrowser -prefsHandle 3340 -prefMapHandle 3244 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {d78bb21e-3482-4f13-9259-8a84945f00ea} 4136 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4136.4.338833445\938646565" -childID 4 -isForBrowser -prefsHandle 3604 -prefMapHandle 3600 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {b3aea71a-84ea-42aa-8eb1-6f6dc03e7ebc} 4136 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4136.5.1314001135\1709132539" -childID 5 -isForBrowser -prefsHandle 3716 -prefMapHandle 3720 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {1202ef81-9920-4cbe-847e-5fc125d47697} 4136 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4136.6.802122597\1958930382" -childID 6 -isForBrowser -prefsHandle 3916 -prefMapHandle 3920 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {b7366b7e-8cda-404d-b600-cd87114f581d} 4136 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41802\geckodriver.exe --port 50046 --websocket-port 50047
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50047 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyUszBN
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50047 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyUszBN
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.0.1482534080\1165634512" -parentBuildID 20240416150000 -prefsHandle 1492 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {a7166dfd-40e5-47b9-a1d3-3e2202e37ff1} 4392 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.1.968678296\1818773751" -childID 1 -isForBrowser -prefsHandle 2540 -prefMapHandle 2536 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {fdf33f66-1373-4374-a089-c2154eb6d324} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.2.2027104099\802763160" -childID 2 -isForBrowser -prefsHandle 2920 -prefMapHandle 2916 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {6ea5b834-4012-4ac5-b55a-a83c08a28c19} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.3.1046130039\1474223068" -childID 3 -isForBrowser -prefsHandle 3356 -prefMapHandle 3360 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {aceb7c25-a3b0-4985-8680-159e9a78940e} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.4.1889116605\97474042" -childID 4 -isForBrowser -prefsHandle 3660 -prefMapHandle 3656 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {ed7f90e8-dd11-4170-bbc0-dafd91d963be} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.5.555121647\89099364" -childID 5 -isForBrowser -prefsHandle 3832 -prefMapHandle 3828 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {cefe22f7-a2d3-498e-850e-c6f6833a07c5} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.6.467488696\572382702" -childID 6 -isForBrowser -prefsHandle 3940 -prefMapHandle 3944 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {5959f8fc-99ce-40cf-aeef-25170be3a66f} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.7.1189443662\196268258" -childID 7 -isForBrowser -prefsHandle 4420 -prefMapHandle 4412 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {0502b0ee-3e60-48ee-af66-ed0330e3aba6} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="4392.8.405648508\276576030" -childID 8 -isForBrowser -prefsHandle 4608 -prefMapHandle 3464 -prefsLen 25412 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {4e8476c6-0204-4a34-a8eb-84f9dc5f65a8} 4392 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41802\geckodriver.exe --port 50046 --websocket-port 50047
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50047 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecGPsui
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50047 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecGPsui
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="560.0.1991093105\830526367" -parentBuildID 20240416150000 -prefsHandle 1492 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {e76d26fb-abf2-41cb-b56f-58566de7bb70} 560 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="560.1.461074574\2035519590" -childID 1 -isForBrowser -prefsHandle 2436 -prefMapHandle 2432 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {095c2810-ab8b-4b3a-aa87-e8a249a37c24} 560 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="560.2.1736406796\885403427" -childID 2 -isForBrowser -prefsHandle 2912 -prefMapHandle 2908 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {9011a5a3-8a15-40de-b6fd-97c1d798f05f} 560 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="560.3.267050440\4831524" -childID 3 -isForBrowser -prefsHandle 2928 -prefMapHandle 2924 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {ba25d388-7989-4fde-b085-587bcee4cc67} 560 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="560.4.219455547\2051167367" -childID 4 -isForBrowser -prefsHandle 3612 -prefMapHandle 3608 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {12a6a764-76ec-401c-8d3c-24e3af1223e9} 560 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="560.5.1209290520\379985703" -childID 5 -isForBrowser -prefsHandle 3828 -prefMapHandle 3824 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {d2bd3c7a-9757-417f-9764-2935f5d05425} 560 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe" -contentproc --channel="560.6.318350081\2086657275" -childID 6 -isForBrowser -prefsHandle 3932 -prefMapHandle 3936 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1176 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\browser" - {d6381427-c7e1-4895-b629-3cc486cc4d7b} 560 tab
Network
| Country | Destination | Domain | Proto |
| DE | 185.170.114.25:443 | tcp | |
| US | 8.8.8.8:53 | 25.114.170.185.in-addr.arpa | udp |
| DE | 78.47.39.90:443 | tcp | |
| FI | 65.109.115.38:9055 | tcp | |
| US | 8.8.8.8:53 | 38.115.109.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.39.47.78.in-addr.arpa | udp |
| N/A | 127.0.0.1:50149 | tcp | |
| N/A | 127.0.0.1:50151 | tcp | |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:50244 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50252 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:50567 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50575 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:50883 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50891 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 14.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:51205 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51213 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:50046 | tcp | |
| N/A | 127.0.0.1:51546 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51554 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI41802\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
\Users\Admin\AppData\Local\Temp\_MEI41802\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
\Users\Admin\AppData\Local\Temp\_MEI41802\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
\Users\Admin\AppData\Local\Temp\_MEI41802\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
\Users\Admin\AppData\Local\Temp\_MEI41802\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
\Users\Admin\AppData\Local\Temp\_MEI41802\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
\Users\Admin\AppData\Local\Temp\_MEI41802\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
\Users\Admin\AppData\Local\Temp\_MEI41802\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpgp60olsx\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI41802\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/4492-533-0x000001B7FD9D0000-0x000001B7FD9E0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEBHeGF\extensions.json
| MD5 | f8b459fb00ec5d73189e5f2159285e71 |
| SHA1 | 379fd4daa4b80a8343f616fb57b7568881a6f9dc |
| SHA256 | f9574a03aee2791d0c5ae8cd50110873b51cbed5a16d01e419f35012c61f63ff |
| SHA512 | 21300a91867c3902574d14f03442bf02577d7f462d4bbf2180a9ae7d4c374807703b40b3a186151bbc8ef49111c935cc505573f0db0f6d10b301292903ca7bab |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEBHeGF\prefs.js
| MD5 | 9e4254f91231cbb33cc8267fb187c5a3 |
| SHA1 | 9445f46db56d0781767cd11a47a68b05341485c1 |
| SHA256 | e72e7ab9fd50b5dbaed939fc1dbf8969020a0ba32f40286e0b91d146c2a7b5f4 |
| SHA512 | adcc898262e933aade75f0c1b2bc31417f3b1c4352f48a65a2133bec927c9374cdd2941cdbcbfcb42c0ff7ba38a49892a44c25616bff96bb5b54cf3748fa8970 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
memory/4492-581-0x000001B7F1D40000-0x000001B7F1EB0000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 9f9e094404190d3a105a4f4149a10e36 |
| SHA1 | 4cfa575a78dd421bf410fc0b031752a373271e8d |
| SHA256 | cb827a214756a75d6a05eaa1d37a29121d7fe11caa35169b173c7fe49ef623bf |
| SHA512 | 6c5dc731d2622f38b7c79665e88dfb44599528018701a5e789f3a8790b8ebbb1c191fa90fb0b0f2daccd69ed82ad5e1e2ea49a7c6a3e86e082ece12585ab4754 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEBHeGF\prefs.js
| MD5 | a119dd4cf90552ed0ce2eb5211595190 |
| SHA1 | 6be1f64db3743d34e2c1b3ef05ca813f1a52e623 |
| SHA256 | dff4b6c3834a287f09e4846c51dfe5c8a9cb1370a71ff47980085054214035f3 |
| SHA512 | b67d8780a90b1c15587075698bd53d830dcea308fd84f992e7dfe0644a93ec6b708746e1a3072ab41f1052ad99bbcdf16801c6053c9c19b842365f3ac003236e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEBHeGF\prefs-1.js
| MD5 | b81d358d159a012593b532f016cae15c |
| SHA1 | 887cd2c18b125fde6d7384b21cbc56024b28c480 |
| SHA256 | 7c109b8ed54ea56446da66377fbc5af259b0531b0a8aa5cb0948c316c74c5523 |
| SHA512 | fb84c0c7b053d5645c4f7c446cc779275a4bd3aa872a7c7c7090013763f314f5f78409a61cdc75bbf759e521df6827fe1257163a5aa4b5f6f459ddd5ef56c0b2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEBHeGF\prefs-1.js
| MD5 | 5b370c8ce2e3fbd6b07e4f8a0ca30cea |
| SHA1 | e4b5ce27c883153c6f7fc2741abdd885302dd793 |
| SHA256 | c86e426846e2fcd4096c05cd6c11eb84f152e189c41d956380ff590d7105e5b0 |
| SHA512 | 013095c9f6e3ac1557c7710e5b642cdd0e4a9a3617b081cee43ac773e1cac67a412ef12c06423a33082745b1589405f9645ecbe82041fbf8d6a78821c2f4965d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy\startupCache\webext.sc.lz4
| MD5 | 13ba7976d4c472c5ef0f15a40e7e42cc |
| SHA1 | 603a5b92c537c4c507eec669127663dc516a35fb |
| SHA256 | 6dc685b42b1c1738c8d4ebbaa019a671cd3dc454fe04d0827b213ce2f4de615f |
| SHA512 | 741546820048826141ce02ecd6b2ea258b7c389c8049e2bab1a03df43e5284389e66f6fcd8c43309e504a9bad5597343f67f3fe0adaa61eec300fcea0dedf29d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy\prefs-1.js
| MD5 | 3238c808bb1b82180c38abd371acd27c |
| SHA1 | 62dd7b06331876353d2409e461d63c5f442afa5c |
| SHA256 | 1b9ded05c239b0cad869e0b31612481c35c7125ec4808d3be920efd516afa9f1 |
| SHA512 | f16095f02db01f9a83ab720a055f8ee425e31dbca5411c1fad4d4be65158d9d384ab4dfae844affab998b2a8e4168b39a35ecad973732493040eae9667b523b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy\prefs-1.js
| MD5 | aab9c43058444872666c50121fdcabd7 |
| SHA1 | 058d1290e6458b2af29ea60bbb8176528adaa511 |
| SHA256 | 081aa3081d97b1f8e1777861e034a29e72946ee0eafbe686b8a68cb99a4dc647 |
| SHA512 | e05577da63062367d93f8857c7238e80bd8de0ca767aaee82ffda4a6b303add71e754fecd86d79dfa838419fd2846ec4822ba4a5bd9c3fc8e78f42ee42bc749b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy\sessionCheckpoints.json
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevqrEAy\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefyG148\user.js
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefyG148\prefs-1.js
| MD5 | 4415ddd4e7f50aade4c915965c71bed3 |
| SHA1 | cce47692f294d7d60dbf8644ca60ca8e4fed4a55 |
| SHA256 | cb0be6d309820dbb9ce5b995938048a51403b51e7cd68f0ccd224a85ce9edd7b |
| SHA512 | 52826151b638bf8e08c7f837e75958073f390725355e5b3bf0a7836617d1369bee96061267ba4c7d7e2200a68cb711f134e7c3739c8d85755741a12191301059 |
memory/4136-1099-0x00000273CF4F0000-0x00000273CF500000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefyG148\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefyG148\prefs-1.js
| MD5 | 73c9e7ea21688696458555a05ca38ce6 |
| SHA1 | 45aefc2eacf2a8948284d13d81f437b8d4337051 |
| SHA256 | 5a610fa1d6f5895068eec63fe37b7dac0721fe4fe756c388663ce495ac4f1b5c |
| SHA512 | 0d47d89f019cceba8246a55bb0b5875c9184fc1ad5ea8d38871d39cc8a6877e29d64579fa7bb9b81506546d691092d1a24abbaffa612710d7b93bf5b8c961502 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefyG148\prefs-1.js
| MD5 | e40729d52adba5501007d29f65646ac3 |
| SHA1 | 0b1a587a5bbc7180818ac3d2eb2bc5de42097a64 |
| SHA256 | 8eb1a3fd28ad2e73f5784c78d5e3eab0c78365a21450b167aaf1b2c7ee63bfc5 |
| SHA512 | bcb15e849abda665b39a29c1db3f687d042e2c466de4f94f00312c0f6c5c6e355b56e2759fa8d26942d00878124860ece836c2630850a8f2504b07a514e17220 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilefyG148\prefs-1.js
| MD5 | d0a4d520584a3e9766e9fe6d86b73343 |
| SHA1 | 622e8ffc0ac87404c0c4e577c85e005616e0bdcf |
| SHA256 | 88b692351c8c0ee96d5f9f83833903d162a305e3626eea84368f6a9e61b4f527 |
| SHA512 | 1189333e425d4843cf44c71b699cc563226c0421158e068855df277e415e631c975f0718650929f4f879c91f7c0d8d36e93489305c103a62b658b2fa79b0bb73 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyUszBN\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyUszBN\prefs.js
| MD5 | 8ff764a1a2be8d59d141c904e70d3078 |
| SHA1 | e85e2d9e7b8b64939b53adcdb87f419758403279 |
| SHA256 | f9c2779fbb6680863c11abe3d12fc448b7e3b29d4d20cdd8586ca363a9dd981a |
| SHA512 | a0057179e15f9ca35b7ab35b9a29e4df894ef981ac650b10263daf6ce3de1dea3d3d9751e07a475b7c2580063afad3fe06960633e923fab646f4f3246bedf449 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyUszBN\prefs-1.js
| MD5 | 1ae9198a773fd6ee6e175aa7d18aa213 |
| SHA1 | 1a3565944e54c5710b17317a9fd3231a14c96f4e |
| SHA256 | a4459158a269af158777544055463a10cb765b23552886ebd4c5f7317df6c745 |
| SHA512 | f6ef4544ab8f5a54c9df8d5fb50e346816038b1547af8ce3184a6b8e97326093c16f0526b6740565d51e77883091024ec7742f8e90c7d65313be0671c569ae92 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecGPsui\compatibility.ini
| MD5 | 48e730c5c38cd1d36377c46acda3c98d |
| SHA1 | 0f1f61c1d50569da30a78965ac1924ea610cfd26 |
| SHA256 | 3e774df94a5dee871c7d00f0a702dabdb22f225590249484bc4433999d5efc68 |
| SHA512 | fa603f443b0a1fafa95e6906b38cf2fcf55e582237225aa593da165f42c00394b47818cf3cdd95b2afc8832d69fcd02834fa40d9f5b68760772317a788678dcc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecGPsui\WebDriverBiDiServer.json
| MD5 | 27e12c95bbf5178e8424869e57c407f2 |
| SHA1 | 1f2b192b49e182e7ce846d289c32d2140acfad65 |
| SHA256 | 9ccb245f7b550cd8ae8592a1e71fcd8746854f8a297255c8e7d1d6a5e6ecc654 |
| SHA512 | 6dc2e1692b632256fb77756a81f33c9b5bdb2877973d32af7a1a582217043c1889343e3ae3b58e7a2ac9482039993e1f41890f0e040403a7eece71b090aea940 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecGPsui\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
memory/560-1688-0x0000021F87A70000-0x0000021F87A80000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecGPsui\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 1c141a19fa6a68ca9dbd5b67bd5531a8 |
| SHA1 | 78e9f4db968f1e190f836aedc37b994e035f1295 |
| SHA256 | b79760b9ed4640f0eddaa3a55d0c3fc2137b1a946a888be9daf999eb85c4e377 |
| SHA512 | dd0a56240437ad420500243d39b17a7cade1725371eabff7d0d0a3626651d89479f7380b5dbc5e820b0e62ddde46554f3e9d64cef3fea2e019ae8cd4590956b6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecGPsui\prefs-1.js
| MD5 | c83777f17b1e9fd53e93afdfe3321eb2 |
| SHA1 | 3daf962c42506b4e20ce9701ac2003731cd1721e |
| SHA256 | 0aed7d95a215fdea6d7dab6876ff70b0e762036da81fef96612f4f7a12f5b3d5 |
| SHA512 | 1eb310e4662d482d680997b957cb17c0a92a0d639d7fc74c330998a46596e816b7ff9372374410b5a77f213e0a19367a57c99e13619af8c42ff37f4b6796bc89 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecGPsui\prefs-1.js
| MD5 | 9ad4e3ed80f74db94010fc587ed4e98c |
| SHA1 | d8145da605c57d629ac6ab9fc9f6e00bfdc55642 |
| SHA256 | dbf129538949959a890f771a84a679c22af9a250f6676b5509a0ea9d572768ac |
| SHA512 | 35ef191263fa4d352f32f71778baf4811fe519a87ca55bb16eccd08ad2e25478a391d042e44795fc58d34167b1e4cc13396aa26638edfde4b0c231a0c9614b06 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:16
Platform
win10-20240404-en
Max time kernel
217s
Max time network
278s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe --port 50061 --websocket-port 50062
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67ae5J
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67ae5J
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4316.0.277430297\305318119" -parentBuildID 20240416150000 -prefsHandle 1464 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {3504fc6a-724d-4e57-beee-741acb2764ec} 4316 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4316.1.1331981921\414153377" -childID 1 -isForBrowser -prefsHandle 2404 -prefMapHandle 2420 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {ecb0875a-a168-474a-b70c-e7072e8a6fb7} 4316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4316.2.1989648539\1680942734" -childID 2 -isForBrowser -prefsHandle 2960 -prefMapHandle 2956 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {7d60adbe-1850-42a9-98a3-e6b3617548e7} 4316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4316.3.1973741227\2002247466" -childID 3 -isForBrowser -prefsHandle 3088 -prefMapHandle 3028 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {b457536c-3236-484f-85e4-342ae53700d3} 4316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4316.4.777030424\25515592" -childID 4 -isForBrowser -prefsHandle 3648 -prefMapHandle 3652 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {01f404ad-a3c0-4bbe-9dbf-4cbf89b3df8a} 4316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4316.5.334040896\911962804" -childID 5 -isForBrowser -prefsHandle 3820 -prefMapHandle 3632 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {76bf028e-c909-405d-bb40-65fa8f147738} 4316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4316.6.235953262\1358837383" -childID 6 -isForBrowser -prefsHandle 3588 -prefMapHandle 3584 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {1981a486-4fdf-48ec-9e04-b1f27db232db} 4316 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe --port 50061 --websocket-port 50062
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1736.0.1802593148\933298820" -parentBuildID 20240416150000 -prefsHandle 1480 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {7fded763-6dfd-424e-b54d-274aa5de6c57} 1736 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1736.1.852393285\943451622" -childID 1 -isForBrowser -prefsHandle 2384 -prefMapHandle 2548 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {31da8f93-d363-44c0-835d-b1e2c0c9497c} 1736 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1736.2.2122506637\358492136" -childID 2 -isForBrowser -prefsHandle 2956 -prefMapHandle 2952 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {abf1b48e-30f6-4f3d-b88e-5b15ca9ee05e} 1736 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1736.3.558329167\117160682" -childID 3 -isForBrowser -prefsHandle 3000 -prefMapHandle 3004 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {39a3d989-bd3b-4a59-9751-0a20a6a828d5} 1736 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1736.4.858694720\1189859801" -childID 4 -isForBrowser -prefsHandle 3556 -prefMapHandle 3212 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {0ded0841-bce9-4f7e-a4e0-31932eb11983} 1736 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1736.5.680514538\1093499659" -childID 5 -isForBrowser -prefsHandle 3684 -prefMapHandle 3584 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {3f7b3ee5-c3ba-4026-83f7-39f87bdb4b37} 1736 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1736.6.1719619406\69197370" -childID 6 -isForBrowser -prefsHandle 3888 -prefMapHandle 3892 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {ab357967-e0d7-41e2-a472-b085bc3490c3} 1736 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1736.7.492711327\1128350041" -childID 7 -isForBrowser -prefsHandle 4404 -prefMapHandle 2268 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {6da0552a-8f6d-4277-9368-65fc84c83373} 1736 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe --port 50061 --websocket-port 50062
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyeecIj
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyeecIj
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2984.0.1903428236\509790980" -parentBuildID 20240416150000 -prefsHandle 1456 -prefMapHandle 1444 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {bf2d2ab3-e3f5-4183-b5a3-42c14bcb5e4a} 2984 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2984.1.1442072650\455967033" -childID 1 -isForBrowser -prefsHandle 2260 -prefMapHandle 2304 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {0f777343-60d8-42bd-8172-f07ffc9ae304} 2984 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2984.2.1988580345\767568864" -childID 2 -isForBrowser -prefsHandle 2912 -prefMapHandle 2908 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {d70a599b-8944-4541-8451-3fb1a4d71ef0} 2984 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2984.3.954193124\851542683" -childID 3 -isForBrowser -prefsHandle 2952 -prefMapHandle 3040 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {5bafbad0-8dab-41d9-bb95-339a002c7ab4} 2984 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2984.4.1306979388\2142498820" -childID 4 -isForBrowser -prefsHandle 3564 -prefMapHandle 3560 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {6c52f8ef-a428-4939-9370-f504a6096fde} 2984 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2984.5.1666130914\878034619" -childID 5 -isForBrowser -prefsHandle 3704 -prefMapHandle 3708 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {d2a9fd9e-c266-464b-aa0a-acf0b44481eb} 2984 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2984.6.1501949137\1407016189" -childID 6 -isForBrowser -prefsHandle 3924 -prefMapHandle 3928 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {83cde8d7-b28d-452e-8f1c-8b0e7af686d3} 2984 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2984.7.1987860488\357590701" -childID 7 -isForBrowser -prefsHandle 4460 -prefMapHandle 4456 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {3838e1b2-99ef-4831-a850-b4a503ea582f} 2984 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe --port 50061 --websocket-port 50062
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKq6751
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKq6751
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.0.120553683\1086556487" -parentBuildID 20240416150000 -prefsHandle 1472 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {6db6eaa9-5199-46c9-99d3-b7b6d359c860} 4152 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.1.1564184200\1875676949" -childID 1 -isForBrowser -prefsHandle 2372 -prefMapHandle 2560 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {08d8f5d6-2f5c-4973-a8db-23409d70bf4d} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.2.870846057\1098390493" -childID 2 -isForBrowser -prefsHandle 2968 -prefMapHandle 2964 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {35e02739-0ac9-4f88-b427-91123a5d0c30} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.3.305842672\1956878216" -childID 3 -isForBrowser -prefsHandle 3428 -prefMapHandle 3452 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {270571b1-1745-40f5-b890-2983cdbd9b0a} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.4.655622566\95947190" -childID 4 -isForBrowser -prefsHandle 1348 -prefMapHandle 3556 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {c8dd7175-a8c2-4b2a-b162-9d0dd9b9e334} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.5.36812404\1484171685" -childID 5 -isForBrowser -prefsHandle 3780 -prefMapHandle 3776 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {2f4cc564-f30e-4720-a87e-590088e562d8} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.6.1288443594\1654999434" -childID 6 -isForBrowser -prefsHandle 3700 -prefMapHandle 3704 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {32694ed8-8aef-4b91-8ed8-fbc7a1199f30} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.7.1843001948\1387495309" -childID 7 -isForBrowser -prefsHandle 4300 -prefMapHandle 4304 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {c824ef50-5fa1-4331-a27f-1f52555a2bf7} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4152.8.971608210\720974697" -childID 8 -isForBrowser -prefsHandle 4720 -prefMapHandle 4724 -prefsLen 25332 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {6d6712c3-d4c9-45e7-a660-f4621d67766a} 4152 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe --port 50061 --websocket-port 50062
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXxj1JB
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXxj1JB
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4544.0.1712924874\1151706322" -parentBuildID 20240416150000 -prefsHandle 1464 -prefMapHandle 1448 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {edfbbd95-a030-4d15-b894-e86f7980ef18} 4544 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4544.1.494357892\380660437" -childID 1 -isForBrowser -prefsHandle 2716 -prefMapHandle 2712 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {601d4518-b44d-4026-a321-9673c32b2282} 4544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4544.2.1467392997\439950038" -childID 2 -isForBrowser -prefsHandle 2300 -prefMapHandle 2296 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {4eb4b2c8-fa98-46c0-bf48-06dc469e1b8d} 4544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4544.3.1317274282\1510098294" -childID 3 -isForBrowser -prefsHandle 2272 -prefMapHandle 2088 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {485b9878-46b5-4b72-ab51-14fd4b92b148} 4544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4544.4.1642557679\910901428" -childID 4 -isForBrowser -prefsHandle 3508 -prefMapHandle 3488 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {18e1cf55-fadb-4ab0-9f15-48b73c473e1b} 4544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4544.5.1290308599\453559889" -childID 5 -isForBrowser -prefsHandle 3684 -prefMapHandle 3688 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {206db53a-7559-4c6e-995a-98831cd81bce} 4544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4544.6.1823071392\1315386694" -childID 6 -isForBrowser -prefsHandle 3936 -prefMapHandle 3932 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {7a21401e-e916-4a36-9ced-86a693866909} 4544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="4544.7.335648776\168466871" -childID 7 -isForBrowser -prefsHandle 4304 -prefMapHandle 3876 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1128 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {89357906-131a-44b9-b67e-be8ee5c77d84} 4544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe --port 50061 --websocket-port 50062
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMnj8jq
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMnj8jq
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3972.0.1789201312\628272542" -parentBuildID 20240416150000 -prefsHandle 1468 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {885c27d0-dcb0-4ecf-8111-4a02afd56621} 3972 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3972.1.1444145027\513373608" -childID 1 -isForBrowser -prefsHandle 2508 -prefMapHandle 2504 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {166ed597-0782-4b8c-8f33-c3d760c2c6cc} 3972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3972.2.771749268\443963341" -childID 2 -isForBrowser -prefsHandle 2952 -prefMapHandle 2948 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {3a6604b0-6809-4ed2-a3f7-35291d20bc85} 3972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3972.3.43263352\1051509805" -childID 3 -isForBrowser -prefsHandle 2784 -prefMapHandle 3076 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {fa91379e-60f5-4325-94f8-ed3a88b7996c} 3972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3972.4.1574974132\940867111" -childID 4 -isForBrowser -prefsHandle 3520 -prefMapHandle 3516 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {dbc3e208-f93a-43ac-94da-c865a586aa61} 3972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3972.5.534454119\159692837" -childID 5 -isForBrowser -prefsHandle 3680 -prefMapHandle 3676 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {e549fd5f-9020-43f3-bdc9-946705e6f661} 3972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3972.6.2104602493\372034917" -childID 6 -isForBrowser -prefsHandle 3820 -prefMapHandle 3824 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {108b2c35-1805-4636-9f53-3865863a3793} 3972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="3972.7.668716915\448025012" -childID 7 -isForBrowser -prefsHandle 3648 -prefMapHandle 4148 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {72964045-0829-4ca9-afbd-9dee39af9209} 3972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe --port 50061 --websocket-port 50062
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemej0Tr
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50062 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemej0Tr
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1144.0.1819659428\1946136170" -parentBuildID 20240416150000 -prefsHandle 1468 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {4740b0b1-c906-4a2c-9821-16feddcd36e1} 1144 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1144.1.1599113221\198277931" -childID 1 -isForBrowser -prefsHandle 2256 -prefMapHandle 2252 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {3ffdc405-a998-4464-8b76-7b4621d97469} 1144 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1144.2.1848008123\1722085084" -childID 2 -isForBrowser -prefsHandle 2964 -prefMapHandle 2960 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {24d60410-fb8c-4b4e-b52b-4da65a2d6aa9} 1144 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1144.3.626153118\152389056" -childID 3 -isForBrowser -prefsHandle 3260 -prefMapHandle 3264 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {027d81e3-28ae-4051-a2cc-b455118d9ad2} 1144 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1144.4.389780810\2028986884" -childID 4 -isForBrowser -prefsHandle 3160 -prefMapHandle 3548 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {55421a35-ba25-455d-8a13-48fda74119ae} 1144 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1144.5.355042720\142196638" -childID 5 -isForBrowser -prefsHandle 3656 -prefMapHandle 3556 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {500377b0-3435-481b-bc82-74b53fa96ca6} 1144 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1144.6.1549180501\520955112" -childID 6 -isForBrowser -prefsHandle 3944 -prefMapHandle 3940 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {7ad7c2b4-7fdb-4cd3-a7eb-950f1246b8c9} 1144 tab
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1144.7.347810171\2043097775" -childID 7 -isForBrowser -prefsHandle 4364 -prefMapHandle 4120 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\browser" - {a8238cb1-38c1-4401-a9ed-a2e6f0749ffc} 1144 tab
Network
| Country | Destination | Domain | Proto |
| DE | 173.249.8.113:443 | tcp | |
| CA | 74.116.186.120:443 | tcp | |
| US | 8.8.8.8:53 | 113.8.249.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.186.116.74.in-addr.arpa | udp |
| HU | 37.120.144.222:9001 | tcp | |
| US | 8.8.8.8:53 | 222.144.120.37.in-addr.arpa | udp |
| NL | 51.158.201.235:8080 | tcp | |
| US | 131.153.152.146:443 | tcp | |
| US | 8.8.8.8:53 | 235.201.158.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.152.153.131.in-addr.arpa | udp |
| N/A | 127.0.0.1:50164 | tcp | |
| N/A | 127.0.0.1:50168 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| CZ | 5.1.56.52:9001 | tcp | |
| N/A | 127.0.0.1:50260 | tcp | |
| N/A | 127.0.0.1:50268 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | udp | |
| IE | 52.111.236.23:443 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| N/A | 127.0.0.1:50588 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50596 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 209.143.182.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| N/A | 127.0.0.1:50905 | tcp | |
| N/A | 127.0.0.1:50913 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:51273 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51282 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| N/A | 127.0.0.1:50061 | tcp | |
| N/A | 127.0.0.1:51569 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51577 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI22762\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
\Users\Admin\AppData\Local\Temp\_MEI22762\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
\Users\Admin\AppData\Local\Temp\_MEI22762\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
\Users\Admin\AppData\Local\Temp\_MEI22762\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmp1jbb8z5x\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI22762\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67ae5J\prefs.js
| MD5 | 2321c1ca7bb81c9c2b2d08473829ac73 |
| SHA1 | 6e7952f791e1a9f6ef364408212df7bd2f94f11b |
| SHA256 | 0754c794ff63e8b08e278adf6c3d4e2236d96949cc6771a40530fc3a87412f2b |
| SHA512 | 254d1bd723cc7e57ef06dd4d05dd98e777fa9f6e3def7c1afc484cb087389b7fcb870c161080893104e28c7fd5ba0cfbdacd826d9e5b82114106a9526924d850 |
memory/4316-549-0x000001F2C3510000-0x000001F2C3520000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67ae5J\extensions.json
| MD5 | 23cc9f74c4e5dcce700c6c9c3e11b902 |
| SHA1 | 587925e4084e85966e1ddc8cc791637bca26b173 |
| SHA256 | cc0c502dfffdf823fe8e313cdc2651853ec7f2812d308db2658b7fc543e18f1a |
| SHA512 | 4a16c931d8346f13b84ac6f96bc927db1b5b835a1bddd267a8f5f40b81b5b39a15e477f81fe6c8d08c1029a9df1ac8fcf4ec3557c70bac712b359d4699752c78 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | cc332940665bc81911c54aada15c0377 |
| SHA1 | cf4fb181212dd027ed72d8b6469b15489ebaed2e |
| SHA256 | 183d7acc67e65a24a57042bbf408f13631d3ad64f5f592c32f35e7433dad15f7 |
| SHA512 | 75b79b31bb2d6cf7b3632437fef0b67f78fda9f3f47cbb7720d22207276b6e3a8b33cccd6861c78be78e7535341a6c89762963487baf009bed81985da692390f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67ae5J\prefs-1.js
| MD5 | 7485f9ff0f25988c29fd3c7a804e8c79 |
| SHA1 | 814b710bd04c600bf0d27b0acf8350b6352b457f |
| SHA256 | c81d5ce24522e8b5cf9287b88bb1d355109716e605f8d58c980a69a42fb7b16d |
| SHA512 | 5efb59e9f6a85ed6098cede98c2e9e87478224c7bbdab381b037a8a58baf01f7c54933beb834938dd9588fff39ae8053c6b69e5fd81d0783ffd116ccf2cbf03f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile67ae5J\prefs-1.js
| MD5 | aef1472bebbdc86f74bf0278a254ec6a |
| SHA1 | e8a68f273c839803c44befc5a7a289e81b355ac3 |
| SHA256 | 1ac5b2e94419853ea22a3d74ed9631b68df07a7b24c49c990996d37e00d0035b |
| SHA512 | 65fc27ecf7866e22db9be5906b9d0895130d3a729e9d2eff104583dae356a91137dd78e0e6896f1659aa927239375a0a66f943c4e4d92814d5ea3e4df9f1acff |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
memory/1736-827-0x00000183AED80000-0x00000183AED90000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4\startupCache\webext.sc.lz4
| MD5 | e0c5374355450462cb94b135dd2a2357 |
| SHA1 | ed1dff80912ecec8ca0ac775f83f13d03ebe5592 |
| SHA256 | fb5a10d979947b9440fad7c95d2ec1843c4547bd7c6ced14ee89e59b193242c9 |
| SHA512 | a5593b2720fc7adcae03de399f8bf953963aab1d4d41b055b7da85ee4cb38fd23ff03c07aa641e75d8b2172a17b3d53aadc7d19465ed7576ea7ca66a9e26497d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
memory/1736-863-0x00000183A36E0000-0x00000183A3850000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4\prefs-1.js
| MD5 | 6095e29045e09c5db4e0b8bcff3b4a3f |
| SHA1 | 293ac89afcd3e6498e0e5f6b38b4ebae63efb9d1 |
| SHA256 | f16d3c03a70e2bc1eb73fc6b7be763599264c6ef434d0766dd82a8b1f39cd554 |
| SHA512 | f9624fa9a9bc45ce6a90a496d25d8df94822068220ae673fe4c511ed24e1d50151da3bd02a1282eaf8793a237d8ea9e5422e0f0deab36aec6b4d7c45f1bf33f8 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4\prefs-1.js
| MD5 | c26a865a58a89fec746c4c5489591cda |
| SHA1 | 669705c616dbfa3e423ac6eb9858f3960f26cace |
| SHA256 | 332bf3902ad9452f3b7280a6382ea8c7cf9735eef91c8a9cb442e3bf1a32a424 |
| SHA512 | a5d7e774c8edad3e3cc5f6f1bdc788b080dada95adac8c973411d892c30f886b8b5f95d68a5ac494ddcb1534b5bbad2bf6d08306942f3f19a4cac20983eb8fbe |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLTLQX4\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyeecIj\user.js
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyeecIj\prefs.js
| MD5 | 45739e9bd399eed0d6c3206ddef75d9b |
| SHA1 | b6b439b139cd825ba54e06d207385316c58521fb |
| SHA256 | 8a71c57990d269e4c690acaa455837c4fc1fe3d38f3550d5a88d552b543161f4 |
| SHA512 | 91576cff84df776c0df5f081d8e9fb75091343e89525051683a40e3dd44eb8ecf3ca57968a22a897cfbbe4cb0be7d071c9900510588b1f640ca8875f57f1cb1c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyeecIj\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileyeecIj\prefs-1.js
| MD5 | ad8173386f6a6c92fbb7256e3b5b452f |
| SHA1 | 6205e1198012eed0fae4ff2d6a890681c41177a7 |
| SHA256 | e50fda6cdf220d6a871d604775599d6f321a9fa17b9ad96b000cfa91164802ea |
| SHA512 | 32c6c2e907ed318fbfea71b96c14c44f5e63c0d229ac0f772d93590fcbc05fffaf08644edc83f510b6e73a1ce21bf8ad6046a9715b3ac4ae6e53a3b9cd20ceae |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKq6751\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
memory/4152-1381-0x000001B834750000-0x000001B834760000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKq6751\prefs.js
| MD5 | 128c5f517502bdfeb25e2e22208ef622 |
| SHA1 | 38e813bbd99aeaa4116d9e76f34fc4eb807ce969 |
| SHA256 | 6d0780cfa76b09119ca4ce8ea55afb79394e4b8b109ab540ffbed854061ceb69 |
| SHA512 | faccd4eb972a9bec134220b24a785c17cb06afe2ec934ad42f5c27222e76378cdbf50041f2f4900611225bda3e5b545a63651901a750d023d0eed733289c582f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKq6751\prefs.js
| MD5 | f94fea10801efe1af3198a5e7f57b9c4 |
| SHA1 | 1165f6c4b26bc7f93746e7229f06afec362b123a |
| SHA256 | 35921e33f9265f553230f5aa18f3c3082b0bb4d41eeaa56bcc2d64c63ff30c44 |
| SHA512 | 653105be8e87d831101113b5851c1fdfe9e94024564c008c2450295d6b870ca6a07332621afaa19f238da5ae2e0a139226824663f8c5ecfec6e9b7e03c74b90d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKq6751\prefs-1.js
| MD5 | edb3456d0f068ad93a0abc488002ff06 |
| SHA1 | 2db670bfd22cfad3b4a7c31c3b6e96369198309f |
| SHA256 | dfe94c349a6e17c14cee59de0c5587ee90a6a620643a0f70b24d47cced310225 |
| SHA512 | 1e7a2669c1ee229c77a98288aa54d95706f4be80ad986aaf46355a3582a3e98b23d6a7a8c970f8292d5db5817c0d1c80a971c41ceb604ffc681c6df9dacb97dc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKq6751\prefs-1.js
| MD5 | 601875fb6befe78413dfdeea0bccf2c5 |
| SHA1 | 88148e1c482877e90b0bcb25dfd42cc152b8c6f1 |
| SHA256 | 2361e1c0a793628768e0264d3a5f5716b93bc4a23c56b816217f993fdb0a5880 |
| SHA512 | be6cd641f1e92c7d46d87c71557e78be74dcd61075433307d8c8321e5693aac1e7c29ccdedefdf9913d18e0f5cb5ce060496643aff2a8caf06d058e9e339a1bf |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXxj1JB\compatibility.ini
| MD5 | 864b16f9dac6bf1961f6f625ab01ec60 |
| SHA1 | 714f3798be4ff80a63dcdac60e1a70b20457ce0d |
| SHA256 | cff60f0afb5a4d9080845ffc54a1ad97bc8d25150fdc7493d22d05cd42d04f83 |
| SHA512 | 36096b194b918d84438e7a13a452a708f61e8dde8930d108044bc286f9935f6f73d8b98700cd061a7ecdda44fd82ee5ff1cb5e4d1734f82c62a7125291da7479 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXxj1JB\WebDriverBiDiServer.json
| MD5 | 0f66c7fb32ee0c2ef28d1ed4c608b813 |
| SHA1 | 020b1dd4ea2080fbbb9e719e19ac136e0be7ea4f |
| SHA256 | 23f4d359c08838dd198554f33c8d9bb18b4ae30b43a5c738388519fda3478745 |
| SHA512 | 29adc3a7c7b4bc26ba924af49c4ee381419e7bdd469fc7d5181d4ad56d3d2389f3f3a09070ade57cbdc62a1c2ef04c5e66d5cd3808c726ab8ca9508a9aef0963 |
memory/4544-1657-0x000001F58CAD0000-0x000001F58CAE0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXxj1JB\addonStartup.json.lz4
| MD5 | 29899bc502b40f9bf0f23b57890cbe41 |
| SHA1 | 1239d774330914502c175e17bd9f419180e23bcf |
| SHA256 | 8a2872db5cc6d9e552821bb128a2ef967c1e356464e6ef35945129e5c5a70aed |
| SHA512 | fd417a918b865de72391b1b48afe58e404419eef7b91e39bd774e39f82116acec7653defc8e8a80b797fd0187cdbef22e0fb517c78ab028d32e1d9726cbfe32e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXxj1JB\prefs.js
| MD5 | b79528b81e2fbfb93d4166ca7ab31a49 |
| SHA1 | a20f12baf55abd42c4f2164333a93b226e199d39 |
| SHA256 | d047b9767d9bf0153cd9d9fb9b3b55351b5936a6e34f23fa411c570d53ac5b13 |
| SHA512 | 3139b277af8754032e0ceadc0d8919e3aa6147ead8c13cb67c09ed41ca145750cc5fabc82fc7f7a91ef77ecca08307bc5000daca1b1a66ecc7aef74a12f3050b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXxj1JB\prefs.js
| MD5 | ea5511e5dee88a3309c7409e11923a0a |
| SHA1 | 1b8dab49091d0ef9a34d7ef75db2fddc849ab7b4 |
| SHA256 | b6da3a9c84ea17288279eb5845a4623cfbd17e00eebcdef4a089e07960fae852 |
| SHA512 | 344b1a12cfea11f39fb467ba7340c3d8c7ead851fc0961b181290f07d09b805c72e7654e9643daaba4ff65b056157d46e8fb3c56859e77fba8540f5a976d201b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXxj1JB\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | b8c03c2990bccfe1636201baa8e8c790 |
| SHA1 | ea9f60645865c5501d045ac000531ffead1b6492 |
| SHA256 | 96aa8262c5c672000630841901683250562378f1608905e4374ad683d649063a |
| SHA512 | 7fea717affa2eaa1d95c97af7ca3cf85b3aa499ddb792e677edfffc3351df89694291d87429a47dde2649f669801d311a226190b50163cd80faf62d079190b91 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXxj1JB\prefs-1.js
| MD5 | 5f6e7d7dee83cac0801adbc06f636f07 |
| SHA1 | b4c7c1d7cc8f6c72905c3c46652da447df2f5811 |
| SHA256 | f6ebc17a3a9efe8ce74a9050bd66220f31a262b9254ff0726a87dfe3b6e5c1c6 |
| SHA512 | a338b43172f8315a84ff3e2744dcd3d9f38d27b25b736217e2cadcd68e88b3e02b8c987fd4329a9f09d63a17ceac69b58be957c74232b015fc135ddc19a5d2e9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMnj8jq\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
memory/3972-1945-0x000001D08ACC0000-0x000001D08ACD0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMnj8jq\addonStartup.json.lz4
| MD5 | 7a53fb59a680b8b475f557f77bfe4f90 |
| SHA1 | e4af381645f9d3a6266d519f9895fb2bf2b7d614 |
| SHA256 | 1c4225b42de27f0f1df459eb63bd80ac8d27e264d20f2d6d55223c1247eaa0eb |
| SHA512 | 71d636aab99b4f6ab2a8e37ff6249d1061cadc23bf64018590bc89ace2af77f6ac161af6e27a564a30d4b41cc0510553608f52dd5ab3eea066c3ee65286ec933 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMnj8jq\prefs.js
| MD5 | 167d8d171bdd17829867b85c5f37100b |
| SHA1 | 8a7b3c86576ed260675e5193b0f1950819d8981d |
| SHA256 | 44045d0cd0630636459f28e083871f7649b70b3f333e1fc31288aa20e06cccea |
| SHA512 | 38c291676f2fc50ecef42693bf3e0661caf0fda3d3a8f241ce4ed45aad6879537c58f7f7f99ec8f9c7fd1fda62d5a15b01773eeeb8a0bea0b354c25efe047120 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMnj8jq\prefs-1.js
| MD5 | 39b6dc1fb6abcd240416c4ac6c08cd9d |
| SHA1 | a3fe8c0f935b2614576e59d1c316d2655e6997cd |
| SHA256 | 8771c8ff0e3f809ae361e7fd3a023550b3d063999ce6ce136e48f0a68add7e86 |
| SHA512 | 2b515485d85c78b18427291a58ed81a3d8bfc542d2c36734f07296db9d7bbc09cd2d6e3933adf22738f6c23a3e2cf251129d4eaea1ed2504708dbccd1c2b2405 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMnj8jq\prefs-1.js
| MD5 | c0692cf0a67874be290706a5eaecbfb0 |
| SHA1 | b127c246f3e072bc62f363038a8efd9b7c2fbd4e |
| SHA256 | e7805e88592d505b5fa4e95536300f0028b7adc2a3f4a0458c81831e4dd1865a |
| SHA512 | 127ef7f73c39f40633f7d28cea7d6a1ec4ad76c3f995b1e83faf36675d06a3511d2d6078381ee791739772ed780c6f86020105e2a9b679bb1566f2ccbb915134 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMnj8jq\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMnj8jq\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
memory/1144-2244-0x0000025C5D4D0000-0x0000025C5D4E0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemej0Tr\addonStartup.json.lz4
| MD5 | 6bbd87b65a6dfe01175e31c59753d539 |
| SHA1 | 546b5cfcde7451266493c73376783649e5aeca38 |
| SHA256 | 309f53c2ed19779cd7b8864d3f52ca89eba8e0b986dc6e9c8ae3073c7e3015a3 |
| SHA512 | c5fd6e01d5e94a31b7fd5bf277f513973ad83efa281c5a0599f17fb32f45b0101feb154f11005fd3b4f29f515ad4f74d9d3826fd3f620ffc8fa00e1fa7c98b6b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemej0Tr\prefs.js
| MD5 | d955ee22ef9ac93b84b3f16dbb7da22b |
| SHA1 | 4177ecf13ef8facf90eeb297514321f143ea9e74 |
| SHA256 | f9f008686017aeb0e2300427aba0299e8c406a814132f2447e7ec262a49a2786 |
| SHA512 | c066355f538455b06e2b60343c7ed85b396efc994b8f852972cdcbb393593e175a8ea57526e992f4cd15ee32a1458df7d9eec9e76e4f78ee1e148d3ae5b352c6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemej0Tr\prefs.js
| MD5 | 05abfdab0bab6c77bec8221ba71b6ead |
| SHA1 | 8e3b2ca9109d95bdbb862a318ede0997fd8b6a40 |
| SHA256 | 4a2db4066e8a0379271696ba3346a80cd83b19443bcdca04bd0309efe95084d0 |
| SHA512 | 55c04b97adede4db7bb0f0b60653c92d7262db83afcd851dd254f0350cee21c989fac90d10fa5322480c11d949eff6f79d580e059f0cea8dd02ddb571f6aa3c6 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:14
Platform
win7-20231129-en
Max time kernel
298s
Max time network
308s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI23762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23762\geckodriver.exe --port 49452 --websocket-port 49453
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilea1Kseo
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilea1Kseo
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1956.0.505702160\881993995" -parentBuildID 20240416150000 -prefsHandle 1240 -prefMapHandle 1232 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {a6231d3a-7404-422f-8d09-efe8d5f50aaf} 1956 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1956.1.581758507\1996191177" -childID 1 -isForBrowser -prefsHandle 2040 -prefMapHandle 1568 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {8dec45d2-8a34-4cfb-89a1-3b7c9aa97244} 1956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1956.2.2017808889\1419894239" -childID 2 -isForBrowser -prefsHandle 2264 -prefMapHandle 2260 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {745f5715-8004-4f53-af52-122c843beadf} 1956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1956.3.83303094\1510440912" -childID 3 -isForBrowser -prefsHandle 2676 -prefMapHandle 2732 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {871ecd33-683a-4a20-93a9-7041b3eda67d} 1956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1956.4.2079125767\598748467" -childID 4 -isForBrowser -prefsHandle 2524 -prefMapHandle 2348 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {e6c0b1a1-c19f-4eee-a618-7d754fdf89d7} 1956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1956.5.1048045613\2143084663" -childID 5 -isForBrowser -prefsHandle 2960 -prefMapHandle 2964 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {db591161-a266-4f07-8242-9b3624830b74} 1956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1956.6.1917757854\1640133498" -childID 6 -isForBrowser -prefsHandle 3116 -prefMapHandle 3120 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {1afd6b83-22db-4fec-bda6-04b15f9c3ba1} 1956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1956.7.312135504\152745809" -childID 7 -isForBrowser -prefsHandle 2872 -prefMapHandle 2980 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 876 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {493778c1-cd41-45dd-a6b9-85c7de4da916} 1956 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23762\geckodriver.exe --port 49452 --websocket-port 49453
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1012.0.1997329006\1365087606" -parentBuildID 20240416150000 -prefsHandle 1208 -prefMapHandle 1188 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {ead24193-6e1e-4be7-addb-9e91c61850d8} 1012 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1012.1.1234632617\1152508236" -childID 1 -isForBrowser -prefsHandle 1868 -prefMapHandle 1820 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 660 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {61fed0ed-50c8-4541-88df-056a616aeacd} 1012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1012.2.942417610\1411331206" -childID 2 -isForBrowser -prefsHandle 2260 -prefMapHandle 1776 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 660 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {39e10d0b-aaca-4192-b568-b51f58ae8a61} 1012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1012.3.293002080\2019863392" -childID 3 -isForBrowser -prefsHandle 2768 -prefMapHandle 2556 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 660 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {e000d6db-bce2-4da4-8035-3d6b2c14f243} 1012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1012.4.382003742\245832607" -childID 4 -isForBrowser -prefsHandle 1088 -prefMapHandle 1084 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 660 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {95f22007-82b3-4a66-95c2-845bf4376395} 1012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1012.5.442435272\1411249422" -childID 5 -isForBrowser -prefsHandle 2964 -prefMapHandle 2968 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 660 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {f121284e-c3d1-4117-8e44-dfdfe7d35ef4} 1012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1012.6.1608368084\399056347" -childID 6 -isForBrowser -prefsHandle 3124 -prefMapHandle 3128 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 660 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {9667a411-2059-4284-9b21-4c67932c14f7} 1012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1012.7.1988435965\361591179" -childID 7 -isForBrowser -prefsHandle 3536 -prefMapHandle 3532 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 660 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {586de18f-aaa0-4963-88f3-841a169c0a61} 1012 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23762\geckodriver.exe --port 49452 --websocket-port 49453
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekLXxwU
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekLXxwU
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1892.0.903781675\1840957349" -parentBuildID 20240416150000 -prefsHandle 1212 -prefMapHandle 1192 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {e3b5000a-603f-46ea-b99b-8cbbd9752c6c} 1892 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1892.1.1491821000\1019251362" -childID 1 -isForBrowser -prefsHandle 2108 -prefMapHandle 2264 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {55d871e8-85d3-4fc2-863f-22bfb60d6eb9} 1892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1892.2.678603951\1480591700" -childID 2 -isForBrowser -prefsHandle 1792 -prefMapHandle 1964 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {afa4a69f-e63f-4621-b009-bc5653d8cb5b} 1892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1892.3.18047956\1793368542" -childID 3 -isForBrowser -prefsHandle 2416 -prefMapHandle 2452 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {98d7b449-7f6a-467b-8f61-93ae503b1f0c} 1892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1892.4.1179490602\86578070" -childID 4 -isForBrowser -prefsHandle 2644 -prefMapHandle 1084 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {9e4a391e-8ece-4b1d-baf1-04ab7de50d6c} 1892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1892.5.660552100\154955378" -childID 5 -isForBrowser -prefsHandle 2812 -prefMapHandle 2816 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {cc2b0b26-edf8-4af7-9645-c0c2b3946324} 1892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1892.6.1055937526\259026779" -childID 6 -isForBrowser -prefsHandle 2968 -prefMapHandle 2972 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {3628f7e1-8679-4be2-bbe3-04fe197b076a} 1892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1892.7.1967526521\636504062" -childID 7 -isForBrowser -prefsHandle 3448 -prefMapHandle 3444 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 860 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {0b6f08a8-f3f9-4967-aac4-d4b57d742333} 1892 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23762\geckodriver.exe --port 49452 --websocket-port 49453
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLHtiaU
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLHtiaU
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1456.0.1149448558\2107810808" -parentBuildID 20240416150000 -prefsHandle 1200 -prefMapHandle 1180 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {9551a092-d6c7-4f09-8a32-0cca753cf3ae} 1456 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1456.1.1699226388\124739440" -childID 1 -isForBrowser -prefsHandle 2004 -prefMapHandle 900 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {35517069-2d03-40fb-9dcb-30ed90df1c10} 1456 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1456.2.159097819\975510892" -childID 2 -isForBrowser -prefsHandle 2240 -prefMapHandle 2244 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {6ed42d4c-fd02-4ed0-add0-075f203840b0} 1456 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1456.3.1675269138\962941227" -childID 3 -isForBrowser -prefsHandle 2704 -prefMapHandle 2660 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {7830550c-8e42-4ff3-bf1b-8297145e7244} 1456 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1456.4.5325576\1328257250" -childID 4 -isForBrowser -prefsHandle 2848 -prefMapHandle 2844 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {49e41de1-310a-4d6e-b9f6-45a057507e42} 1456 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1456.5.1367001435\1728215774" -childID 5 -isForBrowser -prefsHandle 2968 -prefMapHandle 2972 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {792971c5-e6fc-486d-81fc-b891b0bbeba6} 1456 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1456.6.183312120\1086500646" -childID 6 -isForBrowser -prefsHandle 3028 -prefMapHandle 3036 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {88ee1fc6-6a6e-4665-9454-42bbb25d49ab} 1456 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="1456.7.815249012\1563742816" -childID 7 -isForBrowser -prefsHandle 3388 -prefMapHandle 3364 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 824 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {515dcee0-249c-41ed-a1c1-c753f5d48cef} 1456 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23762\geckodriver.exe --port 49452 --websocket-port 49453
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileko83R0
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileko83R0
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="340.0.114913726\1486908454" -parentBuildID 20240416150000 -prefsHandle 1212 -prefMapHandle 1204 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {b92b1282-d2cb-458c-8f0c-7a786aea23b7} 340 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="340.1.1683306929\545286261" -childID 1 -isForBrowser -prefsHandle 1896 -prefMapHandle 1836 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 800 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {3ccf067b-86d4-4f51-9ad3-b667b690666a} 340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="340.2.152733837\2084189907" -childID 2 -isForBrowser -prefsHandle 2340 -prefMapHandle 2336 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 800 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {d50cec44-0f48-44fc-88d9-b97e13aba40e} 340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="340.3.623694559\1265394941" -childID 3 -isForBrowser -prefsHandle 2676 -prefMapHandle 2680 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 800 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {2da81efb-0fd6-4bee-9e5f-b80dd6d809f3} 340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="340.4.734690620\2123653369" -childID 4 -isForBrowser -prefsHandle 2852 -prefMapHandle 2848 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 800 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {ffbddc30-1d4c-49f8-a004-c81aa32adcb1} 340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="340.5.1265165957\1647303820" -childID 5 -isForBrowser -prefsHandle 2972 -prefMapHandle 2976 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 800 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {3cbbf89f-a5d6-40bd-be77-1059d729fa00} 340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="340.6.855826008\1383229344" -childID 6 -isForBrowser -prefsHandle 3132 -prefMapHandle 3136 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 800 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {8881356d-931c-4568-8780-d24b139f8f8c} 340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="340.7.383576681\2011783857" -childID 7 -isForBrowser -prefsHandle 3488 -prefMapHandle 3484 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 800 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {f9e5c473-bd6e-4ed1-bd52-f8dee2163009} 340 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="340.8.2053407037\1714387810" -parentBuildID 20240416150000 -prefsHandle 3424 -prefMapHandle 3412 -prefsLen 27558 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {e93057f9-3b21-4bc1-9923-eb012c1e69ae} 340 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="340.9.1653124368\1215417965" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 7540 -prefMapHandle 3404 -prefsLen 27558 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {7ad4888c-46e3-4570-8efb-386899c05c72} 340 utility
C:\Users\Admin\AppData\Local\Temp\_MEI23762\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23762\geckodriver.exe --port 49452 --websocket-port 49453
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileIoVaW4
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49453 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileIoVaW4
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2496.0.1468618073\1178439553" -parentBuildID 20240416150000 -prefsHandle 1240 -prefMapHandle 1220 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {9c0cdf37-7064-4472-90df-7f4ccac5d9e5} 2496 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2496.1.693733552\1158728087" -childID 1 -isForBrowser -prefsHandle 1996 -prefMapHandle 2072 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 840 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {0dbd3979-a6cd-469b-9242-baed9cf1414d} 2496 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2496.2.1029179337\1567072669" -childID 2 -isForBrowser -prefsHandle 2168 -prefMapHandle 2180 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 840 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {345bee4c-a65f-4e78-8f75-ebe9db21919c} 2496 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2496.3.902539686\1208371847" -childID 3 -isForBrowser -prefsHandle 2684 -prefMapHandle 2688 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 840 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {c904facc-ed23-4c32-8dbe-e5cc1c747f19} 2496 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2496.4.363534120\1935215807" -childID 4 -isForBrowser -prefsHandle 896 -prefMapHandle 876 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 840 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {936989d6-40d9-4c9f-a0d5-709989983347} 2496 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2496.5.981077771\1536154989" -childID 5 -isForBrowser -prefsHandle 2928 -prefMapHandle 2932 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 840 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {c6f433cd-e8ca-490e-8a57-e8f87e5f2b3c} 2496 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\firefox.exe" -contentproc --channel="2496.6.949098163\1116326416" -childID 6 -isForBrowser -prefsHandle 3032 -prefMapHandle 3036 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 840 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\browser" - {b7e9a8fc-1f08-4bd6-8b30-84edf80ecb9a} 2496 tab
Network
| Country | Destination | Domain | Proto |
| MD | 146.19.213.120:443 | tcp | |
| DE | 5.9.121.207:443 | tcp | |
| N/A | 127.0.0.1:49556 | tcp | |
| N/A | 127.0.0.1:49558 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49650 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49685 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| LT | 91.244.197.76:9002 | tcp | |
| CZ | 87.236.199.239:444 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:50200 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50235 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:50773 | tcp | |
| N/A | 127.0.0.1:50808 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:51289 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51324 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:51814 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51849 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:49452 | tcp | |
| N/A | 127.0.0.1:52465 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52500 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI23762\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
\Users\Admin\AppData\Local\Temp\_MEI23762\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
\Users\Admin\AppData\Local\Temp\_MEI23762\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpmfn8dfk3\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI23762\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilea1Kseo\extensions.json
| MD5 | 03bfe64a97f4cc030219d2c19363e7ae |
| SHA1 | f781005702e0bb1094b6ac826fffe3a8572ffedb |
| SHA256 | 593e18a005880db99b1cd1c88cd7571711ebdf12ed9c284f6a5839b2c123f98b |
| SHA512 | 49618c416b54174bd2cfb178ea0942a0dab5eee858c5de1f133a0858477afecb51fcf88c8212921c8cb4cd296baebe922cbbfc72eaf45f0f3781aed364673743 |
memory/1956-689-0x000000000C290000-0x000000000C2A0000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 356247688e99c0cbe19a5533e0b335c2 |
| SHA1 | a76a271cf69cce95f049c1a01e6f70a0e92a019b |
| SHA256 | 0717ca4a78c7c71620be8dd1f0361b2c50de1694d9f50cc5825c747de6e0be05 |
| SHA512 | de6a9b1bbb65925b013629859ffa3e18c52ff675467be7c738966cbd1247e900559a984c447cd2c597a4138235bb2d841cc2de00aec0e37c806e41efc683c7cb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilea1Kseo\prefs-1.js
| MD5 | ea0072f60a310d82e50f006570fb2d4a |
| SHA1 | e0cc04d789bfab9ace5dca1cccc3a3dee114ca45 |
| SHA256 | 259e3f82a869b9a27feb8f8f152941cbe0f780de54ea54ced023508a6cc07fea |
| SHA512 | 990ebe389cd29432ddc495ff64c15e9dc53a2ab3d18203492a2772e44189116b15f85600592fd7b64c5b365b697731a4c94f1e002fedf00ced4d33db62d5b517 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilea1Kseo\prefs-1.js
| MD5 | 1f94825c89c036b3511900a8a0f8bb91 |
| SHA1 | b386dc78c86e5303cb9d8212ae533dd834f631ea |
| SHA256 | d89ff29a0c774d31ce168307813c071b82b72b14030184af5f434f577d22cb8d |
| SHA512 | 9513aa1aea857538864f24433616a3391507832bdbcb7cb0f44967fb09e1dc20de875696b76dafdfe6fd116dd397635a6774d8dcfa5af45f94ac8ac479efdc6c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilea1Kseo\prefs.js
| MD5 | 7411eb3e549740bffa68b93286cbae26 |
| SHA1 | ec61b719a7ceae57d5a4b1d3f8b9038211b0352a |
| SHA256 | 239ee0611e90370b69a0bac68b5ef1b47e7e561e504b165a2bf5f173169cfa31 |
| SHA512 | dd3b6feccb567f3d6c29cae676bba9461d745bd1f84dc52a7cf2c2fc5f84da672ce7d18781ca6b6f22bf4f7fdbd238cc5ac2119319dc710ef93812bfba52f398 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilea1Kseo\prefs-1.js
| MD5 | ee4b49ef19970de8cae17f4ea7026d32 |
| SHA1 | eca72c5f73bbbd958aebcb070bb36e45effcd531 |
| SHA256 | c6e4360253ff18977d89a51bf18661cebec4e068010efa1c453dbfd316acb075 |
| SHA512 | 1f20406af011b2a89cea27adae51980dc2bb0bb5f7f469d64e6bc26811c6bd36b9ee19d63a3f36ff717771f073aa8060549d33c9ec0062b25d3fe2eac22465ac |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/1012-1176-0x0000000003090000-0x00000000030A0000-memory.dmp
memory/1012-1175-0x0000000003090000-0x00000000030A0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk\prefs.js
| MD5 | e75c256ec7631f0215f111aafbafca2a |
| SHA1 | e3f00225731eaafe23e430bfb4494633c9aa68b9 |
| SHA256 | ff04f7c05ee1a6161c6c7b3029d04be0bd7c02057e5cf53faca4b61b25ae31e7 |
| SHA512 | 600e5394475526bc5c93a252292c8604ca7f4b9b15deb55ee017d8ad7ed84e36d2b8dcc56e02f4771f4380c82c6166512e714c95b80b2d1a30ce2fe601d86f71 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk\prefs-1.js
| MD5 | f65908380653fbca31b2d922bb02b233 |
| SHA1 | 2847007c81ce5d57a0ad2b6a2be6ea8e64c6769a |
| SHA256 | 07bdde36d892df595dd8914e9a14b3d8e3d53b9de9c96c2876121af56d5fd9cd |
| SHA512 | 467630ec1b3de6ec58202be601ab909f60c8fb8bc261d3816e4f7e4cdad7bce5f457b93134fec53487238df425403731ea608ff11858df41fcbecc735be96772 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk\startupCache\webext.sc.lz4
| MD5 | b8376d2762fed1babfff2ea565af1f0a |
| SHA1 | 879cada79a8c99934914868f386d4dce2b47dcca |
| SHA256 | e04effc6e6ace1085b5cc38c53d874d32fa904ec190c834dc569108025ee45ee |
| SHA512 | a16a6d8d7984320f231398d0c06f2825234c3b51dffe3b5d1061f19e82a3eeab9a79dfd25b18377ea8d0b39b726b4cb389532d1e4ad056f14aed048a2374d551 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilej6N2fk\prefs-1.js
| MD5 | 2c01ea45b1b60926cb8865af43e041ed |
| SHA1 | d7b313bc3b32bdbf2722b3e9043f6f7ef902e267 |
| SHA256 | 35ac22e210d1e2d8eb1728e85a07c94c5accd18e8a3a2299c64cd2c2d1e948b2 |
| SHA512 | 49e56fe334f68f845e26edc326f19bfc8d18fc5144e2e6b9b3510b00d40f86e57ef6c3a282890c48bc4cfde9dc1250d59fc9c3a6162891dc145ef5473c12faa7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekLXxwU\user.js
| MD5 | 342c1657c3cfbc30d78847a34141fd9f |
| SHA1 | 6a97ea70a7a1d7562d18f42e179571ebca84f814 |
| SHA256 | c7aead1b89dbcfc3c5b6a365276682dd397fee1652d8a10a34228ed5de21531f |
| SHA512 | 42cc5484090b9a4059f8c82f56d3a8db94f2a00fd3032979533ff87bc328370a1b88cbc64bde8dd13b8aaa728f47631188feeea8e06d5b46416ebeac2358ec02 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekLXxwU\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekLXxwU\prefs-1.js
| MD5 | b674a6d6f6fb1070fb9d5612f0dc5cfe |
| SHA1 | e85bbe2a1b3416a0a4e1dd357e457b3f0817661e |
| SHA256 | 8b74fea24f7f9344e4f1d1e8479535dd2575b661fab82783c42cf34e711eb850 |
| SHA512 | 3059cec0a6fc4c56b18b068fa44016f2c0ca0a377d1b72bcf83fed3fb5ffdb3ad574ed36fc82b7ec694f88c7e393387b7d2c2df98ff83a51e08efc2c6804c5df |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekLXxwU\prefs-1.js
| MD5 | 880b9fbe8e48fda93a12632c150dd9c2 |
| SHA1 | 41e160ebfc906b27d36a0f6e2ecb09d658964846 |
| SHA256 | 5269185eb280a885feebb6daae678a84b42232830a57c94cc7008f9b59100211 |
| SHA512 | fb6f13732dccab570c7aaa84364070036416b3b6c5a5d4c5c74fa4cc91661cbd19f3d0637d37e218e4001e01587187e4a70ba21b664cd07620107fcbf50115fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilekLXxwU\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLHtiaU\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLHtiaU\prefs.js
| MD5 | 87d5aabde1c97adb307d42de79e0de45 |
| SHA1 | 2eb2c9465dd5ac494bc07a0de50b41934c2380b1 |
| SHA256 | e9a786eb749031f88be69c5bc87dcd02d875add028a71d28640a4f396819eb1e |
| SHA512 | c6875be949e7bda923f10100e26c699349a6cc1fb624953f4f79b0c9ff5778a4f3bd1d5a71ca485512f5aba559831366951e8fe9005556ec70734de8a3c5ef62 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLHtiaU\prefs-1.js
| MD5 | 09adb1e35cc3893ab5150b0f54016182 |
| SHA1 | f431ff6ba737cfe7b94d9642025f66e56f6bb957 |
| SHA256 | 07f96fbc7ab393c37c3e0786bda58660eb414a5faa9cd8e6b8e44da918852899 |
| SHA512 | 77477204ad787a01fc654a18dd85e6fbf3348bc6095713e997d937017ac41fb40bbcd5a5a29ccd7547a8278e48ff971d6b4d7af56be6c4f19f31f57abdeee394 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLHtiaU\prefs-1.js
| MD5 | c186c1cc4faccb36e57cf988263e4dd1 |
| SHA1 | 622182f3d6c94af205d6509a0f08aeb3754c43cc |
| SHA256 | fdabcdabe400e1486f644c77c0506f7b79003a4736e5347e2d3a078c31913093 |
| SHA512 | 76a6bcf017a9e6216a5d1de4f75e9a8187e8e377e2a7dc6ed47fe2e17eb69a999210645bf8809462df24ec5a3cfbe0cd995681883499b052c9a9bc06891d57e7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLHtiaU\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileko83R0\compatibility.ini
| MD5 | b8b9a519ca59c9873ccc750de409f5db |
| SHA1 | dadf8d40f0869bed96c53b92c3d10971452034c8 |
| SHA256 | 8a6cb16e0eefa8e63634671be2080782f77b23cb0d902c7c1cfc8ea39cac0ced |
| SHA512 | b6901a1ce8108d1976a665cd484d6b3e8cf6d2fb1f7cd915c68af708f651fcca1aef599a58db97833138a2e64c9897aa64b8575ceffd6fa1d0176633569b0187 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileko83R0\WebDriverBiDiServer.json
| MD5 | 8a3761b311c6e2d9a3c07e0ab38f6592 |
| SHA1 | 33e824f54b384593d562592bd94e4c55c381cf55 |
| SHA256 | a29cf5c0c33d3f7efce73290d718df37a90459619064f404d029acb36ee528b2 |
| SHA512 | 88fc9fdf537603c74d0a678a5699d120940deb549760051d53cea8265d7660fecaf2d7e09a083eda2f7cd189d400b144297853dea9f5cd96bb1e0bade3ddc352 |
memory/340-2646-0x000000000A6D0000-0x000000000A6E0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileko83R0\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | e7320c6fe6b5963c6fcdd59005d82282 |
| SHA1 | 9091b21086135dd131412d7a227f49213f4f6f3c |
| SHA256 | bbef5134f969c3d702d97593b144e8fbf439e79bfbcc0460838597ac6de9355c |
| SHA512 | ed24544e7fe92827366e4cc6da59ef9404dac53431253c2e462aabc2918801b204afe87833b65db6272adf48db40f2017c05ba24d569ab11181c28b5fdaf421c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileko83R0\prefs-1.js
| MD5 | d76d70c87a9faae2086fc12b02cf1dc8 |
| SHA1 | fa36a18748b29c18f014da818e6203588c26e13a |
| SHA256 | 909dc1cb15e35558ce892caf14999da0ed3903296f15efa8971e7c6e9f23acdf |
| SHA512 | 6f2d221fee86f21a9d121841e0e2019842d0bb429c22e0d5cf6268906b0a9a9f36633a536f7ebf415051054cdc8fce4de38f581a480c4f51ad35058069a0f2f7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileko83R0\prefs-1.js
| MD5 | 6c6510d34c21121fea9c20b826575be7 |
| SHA1 | cd9f033540092cfb51e76ee42a30fc2b5ecbae93 |
| SHA256 | 8fd37eb4911a341bd7fdd92c4bda82830b8d60b643a3763311c02de51f9cebd7 |
| SHA512 | b0070f925648a9dc76a896abdd583e1ed1de4c5f2dd5fff7929abfc848af63558170d19e0b0a9851815224adf003082d5597f7a2e99514d64a5682e5539017e3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileko83R0\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileko83R0\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileIoVaW4\prefs.js
| MD5 | 1a1cde93b5b10177c30ed9f029d2310a |
| SHA1 | fdc7fc7ffccdb49338caf3c10a524129a999d9f6 |
| SHA256 | fd50cb9e159c0ad3a3802c27614cddc1fd6b60b196634be3d085ef6d364635b7 |
| SHA512 | 5eb021eaaf1691ae0e25d4bd45c6b77dd8ff0dfdc7f7f3b83c1c1d4f97ce384dcf179f25cc279020e15b836cabc836e04055efa97f1a6baa92e8f837d04bab04 |
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:14
Platform
win10v2004-20240508-en
Max time kernel
299s
Max time network
308s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI46602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI46602\geckodriver.exe --port 60122 --websocket-port 60123
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 60123 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileu7X6N3
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 60123 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileu7X6N3
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2008.0.1715323410\1748860665" -parentBuildID 20240416150000 -prefsHandle 1688 -prefMapHandle 1680 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {25121cbc-04b7-4ea9-a9b4-ef5be3eae40a} 2008 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2008.1.661816560\506305768" -childID 1 -isForBrowser -prefsHandle 1264 -prefMapHandle 2304 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1232 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {e71bae89-2f02-4b2c-aad3-17d36a88b0e0} 2008 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2008.2.1127481671\678777788" -childID 2 -isForBrowser -prefsHandle 3212 -prefMapHandle 3208 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1232 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {01d3ef48-f1a3-4625-9890-cb568dfaffda} 2008 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2008.3.1861004611\43725583" -childID 3 -isForBrowser -prefsHandle 2636 -prefMapHandle 3388 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1232 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {e7588d3d-1112-46f8-bf93-0e551205c9a8} 2008 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2008.4.1209570808\911029561" -childID 4 -isForBrowser -prefsHandle 3788 -prefMapHandle 3792 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1232 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {419ce23a-0792-4cfe-be37-e1049df295a0} 2008 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2008.5.1078563319\675338758" -childID 5 -isForBrowser -prefsHandle 3932 -prefMapHandle 3936 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1232 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {508be198-7026-4e79-b96b-8e2125ef050c} 2008 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="2008.6.1534849374\1399696719" -childID 6 -isForBrowser -prefsHandle 4148 -prefMapHandle 4152 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1232 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {1426c7e3-0ff6-4948-a596-44b0283d09f8} 2008 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI46602\geckodriver.exe --port 60122 --websocket-port 60123
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 60123 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 60123 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1388.0.344864516\2104006323" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {4f1d7cbf-0767-4571-ab8d-124f50df141d} 1388 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1388.1.825227423\166494160" -childID 1 -isForBrowser -prefsHandle 2676 -prefMapHandle 2672 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {4f004ed3-4f78-4e68-a299-036c13c379b9} 1388 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1388.2.1631854958\485942196" -childID 2 -isForBrowser -prefsHandle 3208 -prefMapHandle 3204 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {a5d024a6-1237-4e59-a912-fd875f7b047e} 1388 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1388.3.1974614751\658759510" -childID 3 -isForBrowser -prefsHandle 3508 -prefMapHandle 3220 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {1e2c9ea8-4a78-4455-8305-d7bc7254aa6d} 1388 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1388.4.900728072\1129684229" -childID 4 -isForBrowser -prefsHandle 3916 -prefMapHandle 3920 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {85d25b5c-0962-4791-8729-8972e31041d3} 1388 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1388.5.1327294841\1043451813" -childID 5 -isForBrowser -prefsHandle 3220 -prefMapHandle 3224 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {106d26df-2c59-42f8-aeb0-17aa0988f3ad} 1388 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1388.6.1141956976\641887375" -childID 6 -isForBrowser -prefsHandle 4168 -prefMapHandle 4172 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {270564a3-ec1f-4208-995b-80e311e6c7d7} 1388 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI46602\geckodriver.exe --port 60122 --websocket-port 60123
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 60123 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMT2VBs
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 60123 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMT2VBs
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.0.1563833811\1919952084" -parentBuildID 20240416150000 -prefsHandle 1680 -prefMapHandle 1672 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {e2c04c47-c45f-403e-965b-cbcccc6159af} 4520 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.1.1370794330\738104874" -childID 1 -isForBrowser -prefsHandle 1452 -prefMapHandle 2684 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {78d985b4-52bc-4f78-b034-b89d92a4f392} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.2.648407678\725585130" -childID 2 -isForBrowser -prefsHandle 3056 -prefMapHandle 3004 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {496d5ccf-bd9e-45e5-9ed3-325da14b4ca9} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.3.45418791\280987410" -childID 3 -isForBrowser -prefsHandle 3840 -prefMapHandle 3844 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {d11a3f4d-2723-4cf9-873d-d5cf38a918ea} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.4.2051883242\1884560828" -childID 4 -isForBrowser -prefsHandle 4012 -prefMapHandle 4008 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {fd8cb336-0e37-4610-8597-823b263b35cb} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.5.159773699\166155870" -childID 5 -isForBrowser -prefsHandle 3188 -prefMapHandle 3180 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {f7299f7b-4371-4473-b0dc-7405cfb12f19} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.6.1498356313\581744565" -childID 6 -isForBrowser -prefsHandle 4192 -prefMapHandle 3960 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {c70dd23b-5b06-43be-9f0a-8f97acd3fc84} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="4520.7.2073131847\583260758" -childID 7 -isForBrowser -prefsHandle 4436 -prefMapHandle 4440 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {0d578800-d781-4926-a2de-4a6be9a9b207} 4520 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI46602\geckodriver.exe --port 60122 --websocket-port 60123
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 60123 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLllQYJ
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 60123 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLllQYJ
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1360.0.119291835\945181047" -parentBuildID 20240416150000 -prefsHandle 1668 -prefMapHandle 1660 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {6f5f2968-131d-4f1f-a947-4d1c0e9a0dfa} 1360 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1360.1.1534193768\2112574971" -childID 1 -isForBrowser -prefsHandle 2644 -prefMapHandle 2640 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {1a5a2132-05ca-4382-b614-602f8ff83229} 1360 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1360.2.1378734142\1745832149" -childID 2 -isForBrowser -prefsHandle 3192 -prefMapHandle 3188 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {a2ce27c3-5753-4153-9980-0b4908fa0866} 1360 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1360.3.143147664\24421408" -childID 3 -isForBrowser -prefsHandle 3084 -prefMapHandle 3508 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {48665c2e-6849-4126-92c0-005033ce38a7} 1360 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1360.4.1417943603\1705866236" -childID 4 -isForBrowser -prefsHandle 3776 -prefMapHandle 3772 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {f1276455-e2dd-4246-aacc-a5429e242d6b} 1360 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1360.5.1126044964\149035219" -childID 5 -isForBrowser -prefsHandle 3084 -prefMapHandle 3508 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {42a57ffe-fbbe-4e90-ae20-ce29290cb412} 1360 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1360.6.1052489341\203504063" -childID 6 -isForBrowser -prefsHandle 4080 -prefMapHandle 3320 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {01ef0b66-edfe-4772-a9b2-9dd255f6a374} 1360 tab
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe" -contentproc --channel="1360.7.1567246594\488013546" -childID 7 -isForBrowser -prefsHandle 3244 -prefMapHandle 4588 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1280 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\browser" - {845420de-b2c8-4e83-baa3-47d33c303e28} 1360 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 172.245.23.98:8080 | tcp | |
| US | 8.8.8.8:53 | 98.23.245.172.in-addr.arpa | udp |
| N/A | 127.0.0.1:60225 | tcp | |
| N/A | 127.0.0.1:60227 | tcp | |
| MD | 146.19.213.120:443 | tcp | |
| N/A | 127.0.0.1:60122 | tcp | |
| US | 8.8.8.8:53 | 120.213.19.146.in-addr.arpa | udp |
| N/A | 127.0.0.1:60122 | tcp | |
| N/A | 127.0.0.1:60321 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:60329 | tcp | |
| DE | 46.228.199.128:9001 | tcp | |
| DK | 185.109.91.126:9001 | tcp | |
| US | 8.8.8.8:53 | 126.91.109.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.199.228.46.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:60122 | tcp | |
| N/A | 127.0.0.1:60122 | tcp | |
| N/A | 127.0.0.1:60122 | tcp | |
| N/A | 127.0.0.1:60644 | tcp | |
| N/A | 127.0.0.1:60652 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:60122 | tcp | |
| N/A | 127.0.0.1:60122 | tcp | |
| N/A | 127.0.0.1:60122 | tcp | |
| N/A | 127.0.0.1:60958 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:60966 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:60122 | tcp | |
| N/A | 127.0.0.1:60122 | tcp | |
| N/A | 127.0.0.1:60122 | tcp | |
| N/A | 127.0.0.1:61304 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:61312 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI46602\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpttyypnyi\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI46602\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/2008-465-0x0000020E016E0000-0x0000020E016F0000-memory.dmp
memory/2116-484-0x00007FF9C42B0000-0x00007FF9C42B1000-memory.dmp
memory/2116-485-0x00007FF9C4490000-0x00007FF9C4491000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileu7X6N3\extensions.json
| MD5 | 58ea372a19a8a9e96004e8b7fc0ab739 |
| SHA1 | 0a01c7df0505b52d886078d2d52648983605d724 |
| SHA256 | 4e08678bb0527739fa9cbd56d7b7060f171969965c1f43977fae1d1646999c1b |
| SHA512 | 2bfb40610b7dc8b66f252bfcae3b97190bd75c44c107742437c9543ddd9009227e0fc12289c9bd18ee74dc2b825a2db709c71c161a48873c780ee57ee588bfd2 |
memory/2008-547-0x0000020E089B0000-0x0000020E089C0000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileu7X6N3\prefs-1.js
| MD5 | 40e9f7ddeb92c5e297f6e640e1fa622c |
| SHA1 | 1255fa3e438b19fb0b9d811ea525005f7380bdb8 |
| SHA256 | c8fceea476f70cd29a82435e3493af4878adf1305ffae4e01bc0064cf9e6c7bc |
| SHA512 | 08ed03d01ba6deed049854df89a57b763a1a710c0213008bc11583f1adb293b1f1443a073fac4f82693b99812a83984903e3222ab9708a8af808f51ab9d03c73 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileu7X6N3\prefs-1.js
| MD5 | 0d451eded52354e6da50fb18030ee79b |
| SHA1 | ec366c5dd6826a6027f2f9ada35cbb8de56a832b |
| SHA256 | a79f0d5bfddc36009aae171689f237c1981d91f43ed0cb8d0bcb8c0363664b33 |
| SHA512 | 5513dabf7f83e45040fdc7dad067fe90b728c6685c7af6e81786a0ca8c54640450a23957d89771783b791e03d94b0307688212e048e9ea48c0ffcd680c96f490 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 0266fe32ad47c0c66918703a2f96aa16 |
| SHA1 | 78f8aa036457a7a06717a06b902fe480564dd2c8 |
| SHA256 | f232aa6c6e018c280aac487d4ac204b9961ad2f12597a87708832a20a5ef2416 |
| SHA512 | 7f1986c79254465c01295f59a193f114120da594a5ed66c5d26a5287e6a51b4fb778a33c3ab4750ccbe1525785b19f371062f2a16dad839df8f428c85c1bfdfa |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv\prefs-1.js
| MD5 | f96e6acf78e949467c8d65b606c4a4de |
| SHA1 | 6de065bfaa9eca981619e234dcf0409cf4ca9957 |
| SHA256 | 97af4c7c843b76b336df7c57660d746c9d5361a3aa9e3ccd495ac87583928b1f |
| SHA512 | 424022fa69f8609914ae59e405715cd7ff166fb1cf0d486434040bb94d02eb5d7ff09c7e1cc483ff1d795555905ceb17f7cf517804305a8dd9115a4ff83e39b5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/1388-788-0x000001731EDD0000-0x000001731EDE0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv\startupCache\webext.sc.lz4
| MD5 | ae988ba15c44a5534f5625e9a0d49796 |
| SHA1 | c17d6714b78230950e368934916c53187bea2855 |
| SHA256 | 3a5b9e8136944c8e1728aa2c7940b3816133c1a35fd5455c9e1d8771943d695a |
| SHA512 | 25f40394b8bfc228747b6250c19b6926b8d2c58a5457496e39110b0c3d87ee5f5a6d4b8eafa7d556b2c73a04d6652114d0e7eaf7ba874f2bff479ba72bf29a4c |
memory/1388-876-0x00000173152F0000-0x0000017315460000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv\prefs-1.js
| MD5 | 309dcb26416b6d5dbf827790d6932a66 |
| SHA1 | ed594bffca65cdbc31b76f76592f2b76f0ab3c55 |
| SHA256 | 31f11f7aa808bac8b2ef97f92f762aa5f626f22a9388a41024b94c77a301b785 |
| SHA512 | 39b96a2d203e415edb0edcfb6956c636277f681514a25ed5aecde82b40a5cddd5ebcda1f17d0ad31cec8a150b7979ee6f21813b943de80804eb473ef57670e8d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv\prefs-1.js
| MD5 | 5968a43825b7bdce661267e3587a3257 |
| SHA1 | db298f942fb31d8bb9c29ffda97103531d412fc8 |
| SHA256 | 3ed43ca60e9fcdfebb24b60f36046ccd1dd75689cb574ede2ef74fc742aa39e7 |
| SHA512 | b184e83c3f80fcb5efba2e91abe2d4aab6ca1791526349d6039b187cc4f48770a8cce02174970a5d821c7bef6e53ed4f0f839311964bdff2fdf5dec3d36f078d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZ4R2Jv\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMT2VBs\user.js
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMT2VBs\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
memory/4520-1113-0x000001FDB1C40000-0x000001FDB1C50000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMT2VBs\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMT2VBs\prefs-1.js
| MD5 | f9b49cd2fae726d7532aae4f6dd84573 |
| SHA1 | dee283f18c09af5437f7c1e92040c7b3c5e30e43 |
| SHA256 | be744cb615058ee6f917b9b558053ccf4e7dad8955429877268f165d566c5117 |
| SHA512 | 29f8ea077cda2e84a9c12977b5934bc510417ca87f4b4c2b141ccb5dd815958454a05990a439e6c79f7469a82aad66a4b3d5cbc1753e2bae7dc6f12f47085026 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMT2VBs\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLllQYJ\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLllQYJ\prefs-1.js
| MD5 | 210e5216f6434a4a48f5408ea22f1977 |
| SHA1 | 36c4fd9f1f97bca2f69ae876a7ae40e9dc55d1e1 |
| SHA256 | 2049d83b241748c7a0a431a9751954ebd5b6d3e0a5cdfac29478b8ef295d66a2 |
| SHA512 | 57e66d4f48a610faf67c4fb5e82ca0828a23db92031a2add2415bcd2a855462e7b3f8629ce620cf18783ab59c630a6388086f039217967c1dbce21a6ade6d626 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLllQYJ\prefs-1.js
| MD5 | d96075e2b458e11a5f1ccd9438c5bfc0 |
| SHA1 | 58780501adaa4e8e78bc80e769fdf4a605a0013d |
| SHA256 | 93f52a221a5b7dcd9939331f7711464e7fdb7a45f431f3c745cec5bd0e157c54 |
| SHA512 | b5bcc5a88701ad04f4751916022b07db39b65bca528f7ef0fc1c43a6e11cf56c4c4f94d2e72f42114e210ec2750d4bebf67284720398e0ad50528dab59653dd1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLllQYJ\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:14
Platform
win11-20240426-en
Max time kernel
299s
Max time network
307s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3938118698-2964058152-2337880935-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3938118698-2964058152-2337880935-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3938118698-2964058152-2337880935-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3938118698-2964058152-2337880935-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3938118698-2964058152-2337880935-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI44162\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44162\geckodriver.exe --port 50017 --websocket-port 50018
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50018 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqHXMd5
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50018 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqHXMd5
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4296.0.1141820340\385051044" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {510354f9-3d63-46a9-9e38-5ceb053d8d16} 4296 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4296.1.526371475\8511907" -childID 1 -isForBrowser -prefsHandle 2792 -prefMapHandle 2788 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1368 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {8d6a4577-cb7c-4a8f-b136-329d46ae3997} 4296 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4296.2.1676041190\1271531579" -childID 2 -isForBrowser -prefsHandle 3020 -prefMapHandle 2576 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1368 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {522f91cf-1578-40f0-a154-d709ece1b135} 4296 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4296.3.1964212074\1720955592" -childID 3 -isForBrowser -prefsHandle 3244 -prefMapHandle 3356 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1368 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {0bacf8d9-dd1a-4829-91e0-88ca4045608f} 4296 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4296.4.1969987373\1666895856" -childID 4 -isForBrowser -prefsHandle 3192 -prefMapHandle 3388 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1368 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {46c2421d-485d-4c6c-afd7-c521084d4590} 4296 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4296.5.1265457627\1368118117" -childID 5 -isForBrowser -prefsHandle 3836 -prefMapHandle 3840 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1368 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {b3c974cc-9bf3-44ca-9dae-89c3283a21e4} 4296 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4296.6.527911764\1315946916" -childID 6 -isForBrowser -prefsHandle 4020 -prefMapHandle 4024 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1368 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {d055db8e-666a-4564-8045-56fda456b18b} 4296 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4296.7.1288852014\1638618444" -childID 7 -isForBrowser -prefsHandle 2472 -prefMapHandle 2480 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1368 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {5be91836-de96-4a40-aa7f-6ac6f63c41de} 4296 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44162\geckodriver.exe --port 50017 --websocket-port 50018
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50018 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50018 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4864.0.758375019\426253029" -parentBuildID 20240416150000 -prefsHandle 1672 -prefMapHandle 1660 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {a1f48fae-1803-4b16-a52f-cc95bb54f071} 4864 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4864.1.1703678834\1723215782" -childID 1 -isForBrowser -prefsHandle 2904 -prefMapHandle 3000 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {acee0ba8-c697-4ede-a230-117074699d4b} 4864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4864.2.1368960462\898893760" -childID 2 -isForBrowser -prefsHandle 2300 -prefMapHandle 2404 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {4e49afc3-ff12-41d6-9a85-1a1e76765262} 4864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4864.3.901373220\1540895422" -childID 3 -isForBrowser -prefsHandle 3324 -prefMapHandle 2232 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {02838065-f455-4024-befa-75fc097bd5b3} 4864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4864.4.429377240\985886165" -childID 4 -isForBrowser -prefsHandle 3852 -prefMapHandle 3860 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {fa9550e1-3179-4f0c-bdff-4c05463af4fc} 4864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4864.5.363782158\1614004939" -childID 5 -isForBrowser -prefsHandle 2432 -prefMapHandle 4220 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {ee11bb10-6736-483e-8728-0fb78444ea03} 4864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4864.6.1269466588\436731768" -childID 6 -isForBrowser -prefsHandle 4296 -prefMapHandle 4160 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {49e8b95a-e5f1-4995-a962-8618a71d675f} 4864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="4864.7.1049647975\1740479440" -childID 7 -isForBrowser -prefsHandle 4372 -prefMapHandle 4376 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1360 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {570f2df8-e63d-45c1-ab18-680519193449} 4864 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44162\geckodriver.exe --port 50017 --websocket-port 50018
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50018 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTchjDP
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50018 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTchjDP
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="884.0.350339963\268893661" -parentBuildID 20240416150000 -prefsHandle 1708 -prefMapHandle 1688 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {96dbe0c1-816d-4b8b-8a2c-6ee2516bd00c} 884 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="884.1.1119969761\1564036398" -childID 1 -isForBrowser -prefsHandle 2628 -prefMapHandle 2624 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {07e467a3-d826-4431-a796-058c53b4d56d} 884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="884.2.1376196340\423127339" -childID 2 -isForBrowser -prefsHandle 3092 -prefMapHandle 3088 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {a0e050d3-915d-4096-8ba5-a715843fad7e} 884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="884.3.1118037179\1505070485" -childID 3 -isForBrowser -prefsHandle 3208 -prefMapHandle 3196 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {c5c3bb57-45d1-482a-9c3c-63293e5491c2} 884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="884.4.589683684\309554525" -childID 4 -isForBrowser -prefsHandle 3716 -prefMapHandle 3196 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {70d50dde-6ebb-46b2-9493-1fade94b6789} 884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="884.5.66552339\374776427" -childID 5 -isForBrowser -prefsHandle 3940 -prefMapHandle 3936 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {fb924848-9523-4b94-a600-a035207fd330} 884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="884.6.1590865066\177578505" -childID 6 -isForBrowser -prefsHandle 4036 -prefMapHandle 4040 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {d3a5f027-d39e-46c2-84bf-b3965a725911} 884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="884.7.807189170\1665271266" -childID 7 -isForBrowser -prefsHandle 4548 -prefMapHandle 4544 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {330e23b7-7094-4744-9b3b-c157b79b4c3d} 884 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44162\geckodriver.exe --port 50017 --websocket-port 50018
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50018 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSysbXn
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50018 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSysbXn
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3464.0.66170139\820914029" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {f19ab5ee-13d2-4319-be07-9c42cbb364c4} 3464 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3464.1.775797743\572752662" -childID 1 -isForBrowser -prefsHandle 2868 -prefMapHandle 2428 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {247c7cbd-d05f-4c1a-af94-a109c43ca6a3} 3464 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3464.2.453858395\74049178" -childID 2 -isForBrowser -prefsHandle 2456 -prefMapHandle 2292 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {596b47ca-9150-4c34-be27-ab1c9c21602b} 3464 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3464.3.1214410642\491519992" -childID 3 -isForBrowser -prefsHandle 3580 -prefMapHandle 3584 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {3fd65b9b-3d89-43a6-b49c-1d6776d69ce5} 3464 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3464.4.1059687103\1730270418" -childID 4 -isForBrowser -prefsHandle 1540 -prefMapHandle 3560 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {a92ea773-a089-4613-a9b4-f4622f59fdd8} 3464 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3464.5.1345117900\591196615" -childID 5 -isForBrowser -prefsHandle 3828 -prefMapHandle 3832 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {ab9bb814-0369-4da1-a863-eafa8c019280} 3464 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3464.6.460546786\1799313272" -childID 6 -isForBrowser -prefsHandle 3880 -prefMapHandle 3888 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {a7fb2e39-27d7-4ced-987c-8bcbddd8cf68} 3464 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3464.7.1124619757\1792066133" -childID 7 -isForBrowser -prefsHandle 4572 -prefMapHandle 4576 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {df9348a3-772f-40eb-920f-14f00bae3226} 3464 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44162\geckodriver.exe --port 50017 --websocket-port 50018
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50018 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFgcE9e
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50018 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFgcE9e
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3988.0.2080418415\303369846" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {40b6f189-02e3-4bcd-9b7b-81409495e268} 3988 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3988.1.586798741\1080610351" -childID 1 -isForBrowser -prefsHandle 2620 -prefMapHandle 2720 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {e0b83602-deb4-46a4-ac87-126615ab7161} 3988 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3988.2.857126335\1734258113" -childID 2 -isForBrowser -prefsHandle 2412 -prefMapHandle 2480 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {47e44124-ebdf-4ddc-b7ef-2ffa1db795e6} 3988 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3988.3.1348263558\1531051412" -childID 3 -isForBrowser -prefsHandle 3476 -prefMapHandle 3456 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {bd3c1613-e737-4bfb-956a-7526d63d53e3} 3988 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3988.4.655126306\257966275" -childID 4 -isForBrowser -prefsHandle 3152 -prefMapHandle 3140 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {80c16d2b-b175-42ec-9bc9-9c16531aa7c8} 3988 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3988.5.1871955085\2095128821" -childID 5 -isForBrowser -prefsHandle 3860 -prefMapHandle 3856 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {dbb47b88-fd70-4191-b14c-3bb63cc53a7c} 3988 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe" -contentproc --channel="3988.6.1679076787\343000673" -childID 6 -isForBrowser -prefsHandle 4056 -prefMapHandle 4060 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\browser" - {37803b60-648b-46a6-8fc8-a2eba9406af7} 3988 tab
Network
| Country | Destination | Domain | Proto |
| LU | 104.244.75.74:443 | tcp | |
| US | 8.8.8.8:53 | 74.75.244.104.in-addr.arpa | udp |
| NL | 188.213.94.245:9001 | tcp | |
| FR | 51.159.34.131:47168 | tcp | |
| US | 8.8.8.8:53 | 245.94.213.188.in-addr.arpa | udp |
| N/A | 127.0.0.1:50069 | tcp | |
| N/A | 127.0.0.1:50116 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:50225 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50233 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:50605 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50613 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:50934 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50942 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:51268 | tcp | |
| N/A | 127.0.0.1:51276 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:50017 | tcp | |
| N/A | 127.0.0.1:51614 | tcp | |
| N/A | 127.0.0.1:51622 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI44162\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpbfok91rv\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Local\Temp\_MEI44162\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/4232-491-0x00007FFB44C30000-0x00007FFB44C31000-memory.dmp
memory/4232-490-0x00007FFB43EB0000-0x00007FFB43EB1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqHXMd5\prefs.js
| MD5 | a3b4252d87ef4d930010226c25360f56 |
| SHA1 | 19c2d4bd61a3f689e0f82df339694d37f553764a |
| SHA256 | 148d92fcdc8712a0d3f6685b8c4b48a128ae650eac3c476125475d040b471316 |
| SHA512 | 2e2ef4baf1fe850b190985b045d7d3ecfe6fe9f5c9fc9b7491abb67d4f3e4fd8473fbe34c7f7a31c5200cd3c6041aad3240aa2f1f69d6baf32ce6ffab8444cf7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqHXMd5\extensions.json
| MD5 | 4bbdb73034336e59215db8372cbee9e9 |
| SHA1 | 67862936fd2d08cfe3e4a61d99f7312b781bf383 |
| SHA256 | d67032cfe5c5236994869d4244949f8ea062a49dd2becd2a8e3b9dbb3c9c2047 |
| SHA512 | caa348ee8a6d930254409cb227122a3bc8cff87624ab528221130ba2ce16d6e63fe7bfbc127a4c1331c4d018b78010f7da25eccd6df3588d48a1ff96b0c1dd9c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqHXMd5\prefs-1.js
| MD5 | 9bb59a516d471686a8bb5ce0ad11ca5b |
| SHA1 | 9618e078bf46ed0bb94fbbefbba7230bbf11cab9 |
| SHA256 | 1ba5c26ec4b4888e6aac7b8d176c7b5b8f47b47381bb14e8274b4484ce057774 |
| SHA512 | 20e1270dd325804f025150609df638afe2264e608033a2af15ec2d1e9ab6596b3885c123647773cc20e1cd709430971743638fe94773396deaf024e0516cbc04 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqHXMd5\prefs-1.js
| MD5 | 15f26db90281b7710515ebc89626985d |
| SHA1 | bcdf1b60b48e0ab721beb1088cb97b58f96375ae |
| SHA256 | d4ceb389b94cceef3e9f826c18a354171ebdb7f57d23fc02a71b4a23f8c8ebda |
| SHA512 | 366826744359f303d219c18abb3f607a30a3469a70251df504abbabdf7c8378f64883922cae35305a2562d3b1cb5f6dd10378795a820dceaaf06cef0e9664363 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | fb4394ecb29cbdc476dca937870ff6a8 |
| SHA1 | 68e124f3d5e67c19e4e24a54fa349673be8757f1 |
| SHA256 | 72b59ec424736be86198adeeb0a7a5d3909c564e66c13a45e97c0dd7bb602f36 |
| SHA512 | c927b730591b826bb91e40eb084f5e6291523e6be5f4a29589fc6831dab1bb57bccc0c05162ab3833c401f3c3c0d5ce604535067006c1fa2f18b105585232bfb |
memory/4864-812-0x0000019D4D890000-0x0000019D4D8A0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B\prefs.js
| MD5 | 57ed29d770413de37c75e62cb11f5ff2 |
| SHA1 | dac45d137c97a6529585621859eb03f2434cc7c4 |
| SHA256 | 2839263429414f3653c28f61c8ed2c53aa61438d8977d6d5087c6099917a8086 |
| SHA512 | 5229d9da04e77d005b8952f0e18568b4f39ba5103a9e6178347afe8d06fc02081c4c2bbc0d7a3158fb917c96dcb42183c9e312e63a7ebc4137fe79d120391260 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B\startupCache\webext.sc.lz4
| MD5 | 218ae028ede948b9d9f46894c1c0449e |
| SHA1 | 586d4be21f848e392d73f575d54eb43a5512e15b |
| SHA256 | f19d70b9f2539a0b3076488825fed5bcffa87871335f8d1588aa47dba27a368d |
| SHA512 | 2fb5fb787ed9e30631ebf02833512d3e3af540de06759bee5ec8addfab316ce419100a3c5c3d9b513283929c26261fa81f831343d2271eba0a7b8ecc3ba659e6 |
memory/4864-903-0x0000019D54B50000-0x0000019D54B60000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B\prefs-1.js
| MD5 | eb32e2b5c5ec521f005be93ff1360f5c |
| SHA1 | 2a1607d8e7c7d9c610c96e957e4fb748c3df6033 |
| SHA256 | f90363ca0eeea637f89d4aaf6b9c3754f64e9c85fb44ad097a5ca8b691493c16 |
| SHA512 | 3b839e3fe5d587e8f80eeb9d6e5e366a60c2233125b8a814af541fbd26561b65a214bb737e13f9ffa4097c19cba09eea3a7f81143f4314042d1c0952bde0ce25 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileZYKK9B\prefs-1.js
| MD5 | 688609766fd97d6a23d91e12e2149d2c |
| SHA1 | 63b8cca755b44e681ebe202550fdfdfad14d4672 |
| SHA256 | 4da2f39b4b51660681588f8d70e4b17799af399f1009679dae90b4ef61ac341d |
| SHA512 | 3b8140b3da8b21d2865da78c48ee435d6aa997423d9161432540bf01e7780f9137f9f215451657e93c7ba15e52471156c905fa2985779794cdb3a557dee7c8a1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTchjDP\user.js
| MD5 | c7dc6755173a80c047011b04987b67f1 |
| SHA1 | d1b10b1c2b607a772550e0179c070e648b512e87 |
| SHA256 | 1f0bfecf7f64c99e5525adcf28e0bc6cc8f5866f1b57a8126fc92fd9b422dd6b |
| SHA512 | 90fe85e9310e9b99a2524dcf7d0ac74c854ebd8985ba588e66a29764446af60e14a5a9dd614efce5ce0e1a83ded724fb1312a08283440d7d8367ebcd5479880e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTchjDP\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTchjDP\prefs-1.js
| MD5 | daf8ef638898d4551f59b3a407b81154 |
| SHA1 | 50700ee91be88d80112ae63efac8632c9203341a |
| SHA256 | a5002837b5a65b9540bc6ced1423e3163db3f8b19e6b65bb44e58832ae91eb79 |
| SHA512 | db001d3f0762e0289fe68af1e26119c176482ef4399a9f671ed4578c8730af25fa36d971bbdf03e21b9782bc92648a9a1c7fa2ed4c4e9daf5cf6042dd6a2146d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTchjDP\prefs-1.js
| MD5 | ad748030b2510e48587c36ad5118da70 |
| SHA1 | f2785e6df7d1c0c2ef1192e2546bb6c1509d2de4 |
| SHA256 | 3bf23d5fa16c4c80118e86aeb443e08b96dbaaa31a08df8b1afc9c8f8c994dd5 |
| SHA512 | dcca98923f38253be4e1126c70cadbe3451acabac7171d5bb3ded98dda48f17db43fe9545a0d5e8599cde9e8e2a07b3a31136b3c2b01b5139d470717a6e7de9a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileTchjDP\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSysbXn\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSysbXn\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
memory/3464-1527-0x0000017ACCF50000-0x0000017ACD0C0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSysbXn\prefs-1.js
| MD5 | cd3de02eb389173f8c39436158b1432b |
| SHA1 | 7f0240df06c73d7a7692b97542b477dfc0921540 |
| SHA256 | 1ad82389c715020d7bceb24f723c67f83db372add1fe8ae65943c76b1b50be77 |
| SHA512 | b8fa667ce30a7313a5019ad301f81c50b7098e74e126c1b4e7b1ab216fe34ba4ebd50f026729419d999ced79b451d5f03b3e999be0602e8feaa29cd90dfd4c58 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileSysbXn\prefs-1.js
| MD5 | dd7ebf749af5399e45f4cf1bc1185904 |
| SHA1 | 59322551b87fb848dd97b34114f233cbfc25bd16 |
| SHA256 | 684bea48c9f1201f6757f31adcb393dd4591289f3fd31b4b4f980fb2050b0756 |
| SHA512 | 42d2b1f47b4405dd2a89b78dcb8e0176246fbd5cdb65a366c969886e02db224e9a0ac9bdd5f19695ed6b19bc43e1fe83e2d141c0f3189fbf8794b21dcefd9d5d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFgcE9e\compatibility.ini
| MD5 | 08ae180700f9679a06a8cf5486854219 |
| SHA1 | 5b667485293e6d61c6c6a3ddaa60871e3197b5a3 |
| SHA256 | 80f4403213a37c1a66b083f29d6a378ee4c113369a6418f1a9a2d6b45c91545e |
| SHA512 | dfb039b6ffc64a2b795b922e17e6a7c42caf5ec75f9455b2b802c3f60fc3f06484775f3a58325c04286d62a2797a3415ac7a14c793340f96ba2b502b36f5f691 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFgcE9e\WebDriverBiDiServer.json
| MD5 | faedef1fa13eb9b65f0f8bc3471fff0e |
| SHA1 | b781a11fbc1c8041d3aed514bcf4d4eead4d6770 |
| SHA256 | 00b587155e1151f15f45cbd3d16bce774a55042dfbf4319748ec14ce61cacf60 |
| SHA512 | 3e8b736c641d11782a202b70b1ad01a1ae7026735a610b93fb32aa86be45fc588527f7cdfc2b7bfdefd65c7a3ac955e036755336bbe900ddbe7eaca695aa3341 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFgcE9e\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 7532e4adce8b1808a84de61c998fd3d3 |
| SHA1 | 73d9d1be94a2f6941a68d27c8e91d879eeef3818 |
| SHA256 | 7745952ffe6a3fef634ec864894c45a3e25a736ae7ad0483eac53d182bed9b07 |
| SHA512 | bb8bdfb91978f3b69dfa79275a27ad3579ac300f5b62648a755d1eeb7b80e94e6d6edd81dc5225956412c20732aeb8707b57cc7e4f20c991af00e1ba515b06b0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFgcE9e\prefs-1.js
| MD5 | a020b7365eb087236c398394cbb3a08f |
| SHA1 | be2c41cb993dc88a2caa29c439cde069570e1c4c |
| SHA256 | d8d2eb3cf220c172224d1d4b12b7e81f9298d2c7d12a16487ee168f7e10de884 |
| SHA512 | 277ed4b1ca64994214182ee402eb6a4c2dfbb0812b6f38c93c77f9719b22f440e685f7a52bf2dd40483b57e6f52f7f14050c924d51b8bfbf275ac4e1d478f497 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFgcE9e\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFgcE9e\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |