Analysis Overview
SHA256
88093c75834d60df3b4b6f4df642bb28dc749f4bd562f587fa8f9e30e97d3c5c
Threat Level: Shows suspicious behavior
The file heavy.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Checks computer location settings
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
Detects Pyinstaller
Unsigned PE
Enumerates physical storage devices
Checks processor information in registry
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Modifies registry class
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-09 01:06
Signatures
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:14
Platform
win11-20240508-en
Max time kernel
299s
Max time network
314s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI27642\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27642\geckodriver.exe --port 50038 --websocket-port 50039
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50039 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemGrMiE
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50039 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemGrMiE
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2632.0.344324390\256067224" -parentBuildID 20240416150000 -prefsHandle 1760 -prefMapHandle 1752 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {51d2f183-d6c4-45ac-b714-7d4f60abb6cf} 2632 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2632.1.999448581\1169554507" -childID 1 -isForBrowser -prefsHandle 2796 -prefMapHandle 2548 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {3b7e5342-e707-460e-939b-4207c0bc37fc} 2632 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2632.2.1197624131\626537803" -childID 2 -isForBrowser -prefsHandle 3140 -prefMapHandle 3136 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {c1c48b6e-cfc2-42d2-827c-9d51fc3af2e6} 2632 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2632.3.1533140171\267367917" -childID 3 -isForBrowser -prefsHandle 3548 -prefMapHandle 3552 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {d937a45e-653d-4167-b395-24f353f7615d} 2632 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2632.4.516065441\1681691879" -childID 4 -isForBrowser -prefsHandle 3316 -prefMapHandle 3328 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {edc42077-aebf-484a-a9d7-9b717bdc02be} 2632 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2632.5.677590934\373915090" -childID 5 -isForBrowser -prefsHandle 3796 -prefMapHandle 3800 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {42729140-ac6e-4d09-892c-3af31c7ee09d} 2632 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2632.6.1043483231\1676796349" -childID 6 -isForBrowser -prefsHandle 4024 -prefMapHandle 4028 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {e9845949-f972-4754-83ad-db5a68dfd2aa} 2632 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27642\geckodriver.exe --port 50038 --websocket-port 50039
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50039 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50039 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="3700.0.228428300\1731305648" -parentBuildID 20240416150000 -prefsHandle 1712 -prefMapHandle 1704 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {efa06905-a778-462f-b99d-d678e9272609} 3700 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="3700.1.1449267184\544307482" -childID 1 -isForBrowser -prefsHandle 2816 -prefMapHandle 2288 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {0a99120e-96d2-4fd9-8f61-93ec395a80b1} 3700 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="3700.2.19616246\1921622560" -childID 2 -isForBrowser -prefsHandle 3088 -prefMapHandle 3084 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {f73d5d04-d039-478e-9725-525fae99b978} 3700 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="3700.3.94855428\400300372" -childID 3 -isForBrowser -prefsHandle 3160 -prefMapHandle 3496 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {6af90a6e-0ac6-40fb-83f5-b68a6951fc31} 3700 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="3700.4.809786609\1672146734" -childID 4 -isForBrowser -prefsHandle 3672 -prefMapHandle 3668 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {9151c658-d28a-4aa7-8718-136ae142c720} 3700 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="3700.5.2022996577\1351944594" -childID 5 -isForBrowser -prefsHandle 3768 -prefMapHandle 3772 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {cbcb93b4-e206-42a8-bb7c-15a2a5df1dfd} 3700 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="3700.6.1398350389\1761539535" -childID 6 -isForBrowser -prefsHandle 4028 -prefMapHandle 4024 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {173d8454-7193-451f-a8ad-714bd906f1e1} 3700 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="3700.7.1508046000\2082184606" -childID 7 -isForBrowser -prefsHandle 4620 -prefMapHandle 4616 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {9da2ac98-47d2-4fb9-88e0-24ae73fb853c} 3700 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="3700.8.1836813564\1476316798" -childID 8 -isForBrowser -prefsHandle 4952 -prefMapHandle 5020 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {7553a172-0121-4ff5-ae0a-cd938a692cfa} 3700 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27642\geckodriver.exe --port 50038 --websocket-port 50039
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50039 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilest8ecX
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50039 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilest8ecX
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2016.0.1612383804\2142003522" -parentBuildID 20240416150000 -prefsHandle 1708 -prefMapHandle 1700 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {07c7249e-9b2e-4e68-b46b-a05b2a209c6a} 2016 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2016.1.659777621\2102658760" -childID 1 -isForBrowser -prefsHandle 2880 -prefMapHandle 2464 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {e225ccc1-d2cc-4dd3-821d-8cf8191969a8} 2016 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2016.2.1489373131\663780812" -childID 2 -isForBrowser -prefsHandle 2620 -prefMapHandle 2616 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {f3fc151b-7334-47c4-a408-0f129dd16030} 2016 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2016.3.536890016\438562693" -childID 3 -isForBrowser -prefsHandle 3556 -prefMapHandle 3636 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {d9fd55bd-72e9-4ecc-8061-546d871001aa} 2016 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2016.4.75309346\667494530" -childID 4 -isForBrowser -prefsHandle 3700 -prefMapHandle 3716 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {f33f442d-c709-40bd-8cd5-208f310cc9d9} 2016 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2016.5.1241968036\1424647232" -childID 5 -isForBrowser -prefsHandle 4048 -prefMapHandle 4044 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {3f2668bf-065e-4a16-91ae-6071e9652c1e} 2016 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="2016.6.75110959\450685150" -childID 6 -isForBrowser -prefsHandle 4156 -prefMapHandle 4160 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1272 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {e585090a-5f53-4145-a197-f2e427fd7c38} 2016 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27642\geckodriver.exe --port 50038 --websocket-port 50039
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50039 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileljRloS
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50039 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileljRloS
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.0.1436210224\892428046" -parentBuildID 20240416150000 -prefsHandle 1716 -prefMapHandle 1696 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {1244703a-074f-4a66-a9a5-4f5254627b4e} 4352 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.1.947392310\2102912414" -childID 1 -isForBrowser -prefsHandle 2664 -prefMapHandle 2872 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {7e22853b-8f7f-487f-bc16-6da869d227d0} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.2.1239519641\947282142" -childID 2 -isForBrowser -prefsHandle 3100 -prefMapHandle 3096 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {fa8f66ef-6465-4397-a2dd-b0848eec2978} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.3.211334951\686493831" -childID 3 -isForBrowser -prefsHandle 3440 -prefMapHandle 3204 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {35324b6d-3e4f-4029-9ea4-8c28af4cec9e} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.4.614173590\1966164659" -childID 4 -isForBrowser -prefsHandle 1792 -prefMapHandle 3784 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {1c31f6e2-9a22-49dd-9bf1-18e50440c24f} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.5.1992780615\2104169192" -childID 5 -isForBrowser -prefsHandle 3692 -prefMapHandle 3696 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {c7902e1b-76d3-4255-932b-f6e992513c52} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.6.1174125170\675220042" -childID 6 -isForBrowser -prefsHandle 4084 -prefMapHandle 4088 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {502ab6dc-c794-4899-a8ef-ed0798028e84} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4352.7.444112910\1092767445" -childID 7 -isForBrowser -prefsHandle 4488 -prefMapHandle 4484 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {81de0e9f-950c-4040-bada-0973a43c6fe4} 4352 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27642\geckodriver.exe --port 50038 --websocket-port 50039
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50039 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileX8MvVU
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50039 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileX8MvVU
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4844.0.1668053095\75139009" -parentBuildID 20240416150000 -prefsHandle 1708 -prefMapHandle 1700 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {4e389843-ea2e-47fc-9057-dea4b0fb0130} 4844 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4844.1.1731039702\412344463" -childID 1 -isForBrowser -prefsHandle 2308 -prefMapHandle 2336 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {a038c5d4-fff8-48ba-a536-0b8d23e943de} 4844 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4844.2.1446020304\1114354982" -childID 2 -isForBrowser -prefsHandle 3068 -prefMapHandle 3064 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {6a2f9230-0ff6-447f-8849-0811df388e79} 4844 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4844.3.1818774939\2000375024" -childID 3 -isForBrowser -prefsHandle 3068 -prefMapHandle 2992 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {ef01118a-ad36-499e-9999-ea3acd445a6e} 4844 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4844.4.1807342564\1863805066" -childID 4 -isForBrowser -prefsHandle 3848 -prefMapHandle 3844 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {037554ea-d1d6-4590-bfb8-16c0937da98d} 4844 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4844.5.690407078\816979722" -childID 5 -isForBrowser -prefsHandle 4008 -prefMapHandle 4004 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {0f075671-3ab8-4429-903a-ee315bdbb5fa} 4844 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4844.6.1149617255\1802978396" -childID 6 -isForBrowser -prefsHandle 4108 -prefMapHandle 4112 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {d6d3499c-9f27-4c4d-9b9f-082a6cdb4af3} 4844 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe" -contentproc --channel="4844.7.1376112253\806398405" -childID 7 -isForBrowser -prefsHandle 4524 -prefMapHandle 4048 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\browser" - {e670f721-51ec-4171-991f-4b5753e4d1d3} 4844 tab
C:\Users\Admin\AppData\Local\Temp\_MEI27642\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI27642\geckodriver.exe --port 50038 --websocket-port 50039
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 147.135.65.134:443 | tcp | |
| N/A | 127.0.0.1:50141 | tcp | |
| N/A | 127.0.0.1:50143 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| DE | 195.122.183.170:9001 | tcp | |
| FR | 178.32.41.33:8080 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:50246 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50254 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:50602 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50610 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:51110 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51118 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:51443 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51451 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:51763 | tcp | |
| N/A | 127.0.0.1:51771 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50038 | tcp | |
| N/A | 127.0.0.1:50038 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI27642\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmptj20yf4f\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Local\Temp\_MEI27642\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/2632-472-0x000001C47D9D0000-0x000001C47D9E0000-memory.dmp
memory/1128-491-0x00007FFFB7AD0000-0x00007FFFB7AD1000-memory.dmp
memory/1128-490-0x00007FFFB5DF0000-0x00007FFFB5DF1000-memory.dmp
memory/2908-530-0x00000247B7830000-0x00000247B7861000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemGrMiE\prefs.js
| MD5 | 14140aa91c7d87c2e8239541f2d986f7 |
| SHA1 | b035c453843493e2bcf409911245b23ef8003b49 |
| SHA256 | 84d89cc5d9533363ac03c059f4c3bcb104baf0f419031544e7f3f690a64ba8c6 |
| SHA512 | 9bb5fcf165bbdc4c7aa746304b37e6a18d1317522598babead492501cc27ee3c70bf63ea7a60f0d6297c50f9caeb9b82a3be8d3ef94418bc458825cef5f99145 |
memory/2632-558-0x000001C406980000-0x000001C406990000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemGrMiE\extensions.json
| MD5 | 0fc3e0da3400727f962544ca13f2f37a |
| SHA1 | 0bfba81be227c2e533a3fe62a2a856a04f46fee5 |
| SHA256 | ad3505bbbbf50b4875c87456485a9e31222d9815064d8cfa2070c1f5b839c6c6 |
| SHA512 | ce62d0baf1d3e4d75f903995a95a7e00c7baa01fcbeb857b55160ca4b07f80712958fbdbafbb0ea22db99162a9f13de9137fa28acc343e97250f2696039d55fb |
memory/2632-599-0x000001C479350000-0x000001C4794C0000-memory.dmp
memory/3864-608-0x0000016E0AE00000-0x0000016E0AE31000-memory.dmp
memory/2096-609-0x000001A1A1F40000-0x000001A1A1F71000-memory.dmp
memory/1128-607-0x000001C87ACE0000-0x000001C87AD11000-memory.dmp
memory/4532-610-0x00000209BBEB0000-0x00000209BBEE1000-memory.dmp
memory/3644-611-0x0000024C9EED0000-0x0000024C9EF01000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemGrMiE\prefs-1.js
| MD5 | 90af5dfc7c58767861b1145378896f27 |
| SHA1 | 44d2cb0ca03d4a20914012563acbe23635acb880 |
| SHA256 | cd3666ab516a08cee2be2a9fde2d9fcd2c5dccb1ec17af596a6d0da8c3f15b01 |
| SHA512 | 4edc41d51099311e89cc77ba32983badf1794597b02402f4d8852f1e465bf572b5beffa8bf556e07ea6491cf7eb5ea42c11b9cd2569307712474446a4a38d263 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 425217429aed563951d202d0a7e91b9a |
| SHA1 | d14bc0c4e70c02e5c6436d89c191d67be7f24f11 |
| SHA256 | 4daf6a431ee5db553532be638c02b86d99ad39a08d27d125e96276b185cfd249 |
| SHA512 | b38d5480919d6701441e9489a94b63067eb7f015775cd92b7c0c8b0af66ec880b3959ac3fcd2e10d97587514b73ce55353fb5f1c7cf4ae03b3a50b7e26494ac9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilemGrMiE\prefs-1.js
| MD5 | 341551ef546eef39ecc61123c9333d93 |
| SHA1 | b1426a832f3d1e9d6eeac13250deab23990785e4 |
| SHA256 | 3d0d45a5e550da1a120799869a65112283747a60673a458af231943c312e3256 |
| SHA512 | b4c3ae9e68b663b95250b25686666de22011886a17b3490f062d18e4ad73b4771b8b3d7cbaa4f3d37a32965fb0145134e2fad0c0cb59e456a438d8e846d297c1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/4364-853-0x000001E1CBE10000-0x000001E1CBE41000-memory.dmp
memory/3700-880-0x000001FE82F40000-0x000001FE82F50000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY\startupCache\webext.sc.lz4
| MD5 | 9c90bf71a9c0f888cf5c1acde09535c2 |
| SHA1 | 1724d3760fbacf7ce80f08178b7819b97dac6fab |
| SHA256 | 1b09ea34dbea9486dd863b15d04bcc3780a7f51d81196abcbed9cd4cc164260a |
| SHA512 | 2cd8e34fc4a032231c2f988dfd6293af618d4433ffa0cd4b68fabb9b78dbfd110b63c58e3591fe156bc9221175ef2741a6a85571ee1bd1f91218db72cf94b096 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY\prefs-1.js
| MD5 | a8fa9ce077d198c42f022d7901916ad1 |
| SHA1 | 74c9b378067069eed160f7692eded011d4eaddcc |
| SHA256 | c209ba69e22090431d3f15969bf55d204fe08241184a09a24a8fe527132682fc |
| SHA512 | 50df1eff5251c5401125ed2048bc2af3c25a13dfe67ef3e7bb96503062a758e08c4c1e56d78de5ad9288819cfbe31c0de0091c105850e3df9897b2d7e57d6abd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY\prefs-1.js
| MD5 | 3b7cdc36336cdf30ceab0ca0291f7b4a |
| SHA1 | 7b2bb0d88ffda19669983e06f9127b4e469543d9 |
| SHA256 | 7a081bd6ca78b7a47e565f3b0e3f5fb08ac4d6d96b6b9db601646aca262b2e8c |
| SHA512 | 092154f3131d44c7b89587dd2da28be62b96e49685cb7fc73ffc671a0ac5987d540ea9607784f7fde0dc5fbe083a00f3241d0a1e3dc378a50bc7a0040eb14bf7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY\sessionCheckpoints.json.tmp
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY\prefs.js
| MD5 | f9fefbe074468d2f15891b7509adb756 |
| SHA1 | 7981a97990e66015bdde15a1871e33c452cd674b |
| SHA256 | 1cb05adfef2f9582a3fee7c44330d613024bce0fe2f38ee88bbd1e4671e50c0f |
| SHA512 | 0274aa25a80107a029feacdf7b25be171722b4043c7178c9c923c92c26cb54f6c984e068b02bc67c31aaaf7d530737426ea32b88b58fad7537a6bd005565f2ca |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilezMHLUY\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilest8ecX\user.js
| MD5 | bf72efaeca553bdb9b0f59a3073e66bc |
| SHA1 | 14e15da843de8a07abcf867f39c10cea307bc844 |
| SHA256 | 672b5e2f271dc8a02badfd51db41c36225d574c117ff1e196ace4fe60339f814 |
| SHA512 | c59e8a3140ab2f37c1c9ebb1832168c4aab83fb9777753e5965c9a45a62b6d5f5ffff77e9ec47d53c84f13c6d4fa65f62c089c15100e9e461befd06b53248ba7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilest8ecX\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilest8ecX\prefs-1.js
| MD5 | f32a2874c3c3c709c41c9a71220f8b57 |
| SHA1 | c3619d1c7e04e8524e9d8b8fbbaecfb09c9e5c42 |
| SHA256 | f1f6739c8f5ff1a6bd7ce76c89acd2ca7cb76764612f9ddde6e14f0afabeabe0 |
| SHA512 | 35f33dd4285e1b8a0c52722e6771e99bb19cff3bdfc766280825ede0397541bfe0ab913016382e4cb84f86f3282f554f23e1e071abb4051e1c3caf1bf9090b98 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilest8ecX\prefs-1.js
| MD5 | 6aae373a35636c5adb66b67be0c3c841 |
| SHA1 | 329397e2993abdd148735ca7b422364be411a40e |
| SHA256 | 8c147628684c76b8ce0c9a871f1c05cf0b809645b02eb71c655b0d513ed343e7 |
| SHA512 | e2c08feaed0792fbb74169ac31ac7b98f5fe47e061caa73c4b8d1ec9e6c7cf5df5d1a73d97477a570ce384093a789092265be89430fb6f6169706c113f52aa5a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilest8ecX\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileljRloS\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileljRloS\startupCache\scriptCache-new.bin
| MD5 | 0d5d9f976f2b8999d1f69a43d5729f9e |
| SHA1 | ecf2d12b273c6cfdd498f4674858c2500dddf215 |
| SHA256 | da05366754a599278da39a867c0fce40e2e312d95107a892ae9e19b365a09a9f |
| SHA512 | 209872150e0876abd3e926f71be715da5531eefc01d341e474c65251d928fa08659ddb7775aae08f476797d955ac218066dbb749ee4b7e988b1308225d8fa005 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileljRloS\prefs-1.js
| MD5 | bb912c86789160f259813c9752fc967e |
| SHA1 | 594b9858d4d312ae37eb223784b421f75870fc08 |
| SHA256 | 86983ad7705de2748c600ecd2438b30edb3ad6182e44727f73c3b289d459ba2b |
| SHA512 | 6777c01a49bcf244a937b93a23951b77a84709989e9178f0696a7b5cba71ddc3342b54eda2ba825fb4dca3863a88aa770f1d02fa433bc6803ffe480baeb156cd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileljRloS\prefs-1.js
| MD5 | 4f5d51a02057bc38c2531a5d7d909f52 |
| SHA1 | 6b80e06b8c60ee7d0d5727c17c3a288c86e6f675 |
| SHA256 | 545912c424abdeea9e8d7e5cd47aeeccede433dddf14818673052fdbd4442270 |
| SHA512 | a20887f986e718d4f8410590e1b14884777920bdf00fa96e10ee28ff703b58a94545d546ec6a6cd7e3748e340446b0aaf07bbe0e4e42074437c4e66488145cbc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileX8MvVU\compatibility.ini
| MD5 | 44090ce635d0c1ac65b4982625e8e55e |
| SHA1 | e2961646081240a6108ea41e3a247108b22be7f1 |
| SHA256 | 20cfdf39750ab808336c66fbb0fe39adcec250c4c9f5e8a7ed07d1682fce4913 |
| SHA512 | 96f099bf43ef793ea69cb65c842378ca09c6404ec1e42a5004095333ef2f2366a8ee785bf4235576e10f459ccb86f87d3e6e5a8c357354303d26ea1c2f76a97c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileX8MvVU\WebDriverBiDiServer.json
| MD5 | 03522078a67ea64d372770d3fb42798f |
| SHA1 | 4d4d2731e639bdde3ad2004e6d2db0af26281d6e |
| SHA256 | 9c9a62c6e0afe11592c5255489961825ef2bdb90978548965d850ae6f389a7f3 |
| SHA512 | b253566b300de855f54cf8b2cbaf7fb02948603f09f0c6a783ead968e3fd9f54d4aedfa9204e846f99498dbedc1a210a2807167d5089497b06d53ca7c3acfec3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileX8MvVU\prefs-1.js
| MD5 | 0a388c9c1de4e74e7a54436640619334 |
| SHA1 | d5804d2e563aacf547c99ba73e3852d66e8f6fc7 |
| SHA256 | 09cdd11f54cc23786d56e2cc1000271da90f008166f8939053a8af7e315ce3c4 |
| SHA512 | e464dd45b4e7b480a7c00823546e64a5fa7787e568ae7ba894effde1fd2bedf707134793aef566099eb46d81d01b04b1991cfa4576b32c43097be4063ca1d24e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileX8MvVU\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | b6809a9c91da147235a1181d9d6a6145 |
| SHA1 | 8796b7186ce86d5d0b3bd086ca249008d72eb969 |
| SHA256 | 637c61fd06108ca6fc6cf4fb01f5735bcc5a79ae2974a47f1abf587fd7ebc7c2 |
| SHA512 | 00cb86236dd990b89abe92ef365d951485cf6bf7ae14274dd051a6312cb262f30cd9a6026b761929fa4892df6ee4246816996eea408e01752c9b526cf1bfd935 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileX8MvVU\prefs-1.js
| MD5 | fa9f0ddb0e9c765624600af01fcdd582 |
| SHA1 | 5ab6e91c8f0c093f5d968abddf75c13afeb9503d |
| SHA256 | ce3598832eb9e70c605bdf7acd64f5e0f9ca4a1486b77e046ce1b850fdd3496e |
| SHA512 | f7208c1f3b946fbe9cceec5a33468ee8031bcbe69cbc8f3943ebd8915605c8081a46fe18d567c705516adb06e6cd4d0e8656d31cf24630960a5db14a61d2b0f0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileX8MvVU\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileX8MvVU\prefs-1.js
| MD5 | 41770aaebf5c9a041b42f20a5ee00ecb |
| SHA1 | 4c41e2fc4c4d8ccda0f94fbefba30a667074ffa2 |
| SHA256 | 53e36b8af99746e668ed3fa9e6733837acc869a98f68880f7de0cacd5ddf6cf0 |
| SHA512 | e5412c4e13b9fc92d3dc438a597c7f808ddfe4bb985cb44e271c04a8736d1b5391f07c3c1f50397a7433a7d7bd70968de2c608196341fdc1221f2a8b88f31ca5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileX8MvVU\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileX8MvVU\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:14
Platform
win10-20240404-en
Max time kernel
301s
Max time network
307s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI14282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI14282\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFkkBY8
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFkkBY8
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4764.0.1089484170\1464744514" -parentBuildID 20240416150000 -prefsHandle 1476 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {5ab745d5-7cf2-4be8-8452-f874505d3d41} 4764 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4764.1.2044347548\1564404529" -childID 1 -isForBrowser -prefsHandle 2536 -prefMapHandle 2520 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {789f4546-02d7-4f98-bece-83add0be0eef} 4764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4764.2.1977931501\1731610134" -childID 2 -isForBrowser -prefsHandle 2976 -prefMapHandle 2980 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {0277184a-b187-429a-b926-fce1fdfcfef0} 4764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4764.3.1463396537\760856691" -childID 3 -isForBrowser -prefsHandle 3476 -prefMapHandle 3500 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {40f8acef-60f7-464a-b9ac-0502610668ce} 4764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4764.4.1940453251\1100263415" -childID 4 -isForBrowser -prefsHandle 2160 -prefMapHandle 2128 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {4b397811-fd45-4c4a-95e7-c0ba3e772a90} 4764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4764.5.1723039720\1328759794" -childID 5 -isForBrowser -prefsHandle 3832 -prefMapHandle 3836 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {d1ab1857-979e-4011-a2be-cbfe39d2297b} 4764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4764.6.965766830\437692837" -childID 6 -isForBrowser -prefsHandle 3948 -prefMapHandle 3952 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {506826bc-a15d-44ee-b9de-0958922c75d7} 4764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4764.7.1670131212\969730371" -childID 7 -isForBrowser -prefsHandle 4292 -prefMapHandle 4296 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {b018dc24-9355-45ff-959a-cb29972bbd8b} 4764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4764.8.33004404\1735785605" -childID 8 -isForBrowser -prefsHandle 4380 -prefMapHandle 3952 -prefsLen 25412 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {43207ae9-9e40-4c41-a5e0-73305e3e76da} 4764 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI14282\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebNOqHm
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebNOqHm
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1312.0.2144695995\729914125" -parentBuildID 20240416150000 -prefsHandle 1472 -prefMapHandle 1460 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {7d16b819-165f-4fcd-84f0-3536bb748510} 1312 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1312.1.1487886755\646285590" -childID 1 -isForBrowser -prefsHandle 2008 -prefMapHandle 2432 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {3fce7c2a-dc8a-49a3-8a5a-51faa5bd3343} 1312 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1312.2.823078084\198074065" -childID 2 -isForBrowser -prefsHandle 2964 -prefMapHandle 2960 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {9226496f-dcfc-45c5-a6d7-58fd59d631b4} 1312 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1312.3.1295370805\1643403642" -childID 3 -isForBrowser -prefsHandle 3208 -prefMapHandle 3292 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {f23091f2-93b0-4abb-b739-6f7e96b6e73f} 1312 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1312.4.487309900\91607409" -childID 4 -isForBrowser -prefsHandle 3608 -prefMapHandle 3604 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {0ed5efdd-546f-4581-b218-996fe83a5e19} 1312 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1312.5.524208069\150081455" -childID 5 -isForBrowser -prefsHandle 3824 -prefMapHandle 3820 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {9f45e88a-f3f7-48fc-a0a2-0e24a54cfb63} 1312 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1312.6.693191890\684532991" -childID 6 -isForBrowser -prefsHandle 3968 -prefMapHandle 3972 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {8c177706-f7ea-4f36-8a84-a117a7f70312} 1312 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI14282\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegyQLWm
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegyQLWm
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1304.0.1210602088\1440117346" -parentBuildID 20240416150000 -prefsHandle 1468 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {784e303c-5623-4143-9aa6-b62b6f695968} 1304 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1304.1.236978033\653065239" -childID 1 -isForBrowser -prefsHandle 2284 -prefMapHandle 2188 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1096 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {41b4590b-54f5-4bd5-bd77-9258ad567a4b} 1304 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1304.2.1439427355\2011859029" -childID 2 -isForBrowser -prefsHandle 2956 -prefMapHandle 2952 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1096 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {e6045840-429e-4dd2-aa8b-752c899e6865} 1304 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1304.3.2049397170\980097322" -childID 3 -isForBrowser -prefsHandle 3064 -prefMapHandle 3060 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1096 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {8fd90651-bea8-4440-a5fb-fee89069162b} 1304 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1304.4.2131554219\1504428943" -childID 4 -isForBrowser -prefsHandle 3604 -prefMapHandle 3600 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1096 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {0430ef7b-9f4a-4c4a-bf71-685d7ae0f2fd} 1304 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1304.5.1808882123\1826546275" -childID 5 -isForBrowser -prefsHandle 3748 -prefMapHandle 3752 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1096 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {753e12ad-8ec1-4eb0-a0ca-5a03ade8d153} 1304 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1304.6.1836049744\1653859976" -childID 6 -isForBrowser -prefsHandle 3808 -prefMapHandle 3812 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1096 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {e47edcf2-2721-4336-ad4a-2f44d9a4fbe1} 1304 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1304.7.926163319\1513495007" -childID 7 -isForBrowser -prefsHandle 4376 -prefMapHandle 4180 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1096 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {3b543314-6446-43e7-a4e2-05b98104fa81} 1304 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1304.8.418073051\416777029" -parentBuildID 20240416150000 -prefsHandle 3128 -prefMapHandle 4348 -prefsLen 27558 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {5a427a5b-949b-4e94-ba4e-2e8fad09b0ab} 1304 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1304.9.1046771577\322775539" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 4188 -prefMapHandle 4220 -prefsLen 27558 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {ff1d7092-6673-45c1-a7ef-b2e660c5a01d} 1304 utility
C:\Users\Admin\AppData\Local\Temp\_MEI14282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI14282\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileis54DV
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileis54DV
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2544.0.1417959659\709220518" -parentBuildID 20240416150000 -prefsHandle 1468 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {042b7a23-c991-422f-b1e0-0049bd745bb3} 2544 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2544.1.1162263141\831151879" -childID 1 -isForBrowser -prefsHandle 2196 -prefMapHandle 2416 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {6d2394aa-98e9-43d2-97be-f93bcf8a51fb} 2544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2544.2.957072747\195324200" -childID 2 -isForBrowser -prefsHandle 2948 -prefMapHandle 2944 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {0092c486-3a09-4094-9d38-e195b57736f8} 2544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2544.3.275785797\685235576" -childID 3 -isForBrowser -prefsHandle 2996 -prefMapHandle 2992 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {44bc5d90-ec52-45e0-a9c9-dfa9cf9ac8e1} 2544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2544.4.1517755240\1504753883" -childID 4 -isForBrowser -prefsHandle 3636 -prefMapHandle 3632 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {51989160-de12-474a-8ce4-bf92d5791912} 2544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2544.5.1171385666\1974465986" -childID 5 -isForBrowser -prefsHandle 3748 -prefMapHandle 3752 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {1f0c4caf-2775-4933-8920-f2efa4ed4098} 2544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2544.6.388987528\903754955" -childID 6 -isForBrowser -prefsHandle 3936 -prefMapHandle 3940 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {fa3d4d3c-3812-4666-9bbe-a040b55504c5} 2544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="2544.7.917937031\2008652153" -childID 7 -isForBrowser -prefsHandle 4280 -prefMapHandle 2972 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1084 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {f44b0d27-40cf-452a-9928-70281d4f7988} 2544 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI14282\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile2wneIw
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile2wneIw
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4084.0.365493943\1130407641" -parentBuildID 20240416150000 -prefsHandle 1476 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {8af3a662-8055-452b-b1d2-acfdee2064a7} 4084 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4084.1.681627296\558126350" -childID 1 -isForBrowser -prefsHandle 2260 -prefMapHandle 2292 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {9954b33e-2c3a-435a-a0cf-1e19db3407a6} 4084 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4084.2.1254338338\1306930435" -childID 2 -isForBrowser -prefsHandle 3048 -prefMapHandle 3052 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {b80f1bdd-ddfc-4ea1-b1d6-1885137837b3} 4084 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4084.3.2088246547\1869985495" -childID 3 -isForBrowser -prefsHandle 3260 -prefMapHandle 3244 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {7842204e-783d-47f7-94d9-ce95dcf6e9cd} 4084 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4084.4.1315850290\527808383" -childID 4 -isForBrowser -prefsHandle 1348 -prefMapHandle 2564 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {4ed91a44-e54c-42e4-91a7-8d47a619644e} 4084 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4084.5.945041426\279548488" -childID 5 -isForBrowser -prefsHandle 1360 -prefMapHandle 1356 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {dc6f9e51-5284-486b-b2b4-157fe2f5e66b} 4084 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4084.6.144642701\1122295923" -childID 6 -isForBrowser -prefsHandle 4052 -prefMapHandle 4048 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {da153ca0-68b3-41f4-82ce-598a55a540e0} 4084 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4084.7.1219067763\1192190450" -childID 7 -isForBrowser -prefsHandle 4320 -prefMapHandle 4324 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {1764dac6-60bf-4e91-8d4c-c34c19224ee7} 4084 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4084.8.2085136773\1021967111" -parentBuildID 20240416150000 -prefsHandle 4296 -prefMapHandle 2448 -prefsLen 27720 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {f22aef12-1010-4216-a2a6-a2a07b282970} 4084 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="4084.9.778316942\1880998980" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 8520 -prefMapHandle 8528 -prefsLen 27720 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {55c96445-8321-4dce-a675-e9477d055c45} 4084 utility
C:\Users\Admin\AppData\Local\Temp\_MEI14282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI14282\geckodriver.exe --port 50041 --websocket-port 50042
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMulD3x
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50042 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMulD3x
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1904.0.1683785839\166934362" -parentBuildID 20240416150000 -prefsHandle 1472 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {6f7b4caf-2d6a-4d2d-9caa-d2a1566ced75} 1904 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1904.1.2012121497\341587850" -childID 1 -isForBrowser -prefsHandle 2316 -prefMapHandle 2564 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {70c18b0e-aa85-4206-b22c-61af3e5b7803} 1904 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1904.2.2132702327\1688791832" -childID 2 -isForBrowser -prefsHandle 3104 -prefMapHandle 3100 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {a80edb7a-c166-4ed7-89c4-2e45b3350722} 1904 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1904.3.1839935313\314884236" -childID 3 -isForBrowser -prefsHandle 3380 -prefMapHandle 3384 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {f3fff981-745d-4308-89fc-214619d3814e} 1904 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1904.4.1703654034\406075723" -childID 4 -isForBrowser -prefsHandle 3924 -prefMapHandle 3920 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {213c2377-7774-4e5e-ba5e-ab03b83bf66c} 1904 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1904.5.2098277271\75758518" -childID 5 -isForBrowser -prefsHandle 3936 -prefMapHandle 3932 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {f913ce4b-1dfd-469e-be01-0b6e09c15754} 1904 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1904.6.951364047\2089967252" -childID 6 -isForBrowser -prefsHandle 3924 -prefMapHandle 3920 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {361be1ac-0226-499b-822d-5ede288c77a8} 1904 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1904.7.661633222\614004411" -childID 7 -isForBrowser -prefsHandle 4348 -prefMapHandle 4352 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\browser" - {c1759a25-e756-49c4-8adc-f0acd13978af} 1904 tab
Network
| Country | Destination | Domain | Proto |
| CA | 158.69.205.92:9001 | tcp | |
| CA | 74.116.186.120:443 | tcp | |
| US | 8.8.8.8:53 | 92.205.69.158.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.186.116.74.in-addr.arpa | udp |
| DK | 87.61.100.125:9003 | tcp | |
| US | 135.148.100.84:443 | tcp | |
| US | 8.8.8.8:53 | 125.100.61.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.100.148.135.in-addr.arpa | udp |
| N/A | 127.0.0.1:50137 | tcp | |
| N/A | 127.0.0.1:50139 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50240 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50248 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50619 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50627 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50880 | tcp | |
| N/A | 127.0.0.1:50888 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:51220 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51228 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 90.16.208.104.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:51525 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51533 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 99.56.20.217.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:51906 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51914 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI14282\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
\Users\Admin\AppData\Local\Temp\_MEI14282\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
\Users\Admin\AppData\Local\Temp\_MEI14282\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
\Users\Admin\AppData\Local\Temp\_MEI14282\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
\Users\Admin\AppData\Local\Temp\_MEI14282\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
\Users\Admin\AppData\Local\Temp\_MEI14282\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\top-1m.csv
| MD5 | f2eb69ad23ae71cc9e9bc0a2c0bc0c35 |
| SHA1 | de05418d4823ac2c3ab706e384fb5d5c067be25b |
| SHA256 | e4e0792a85e611979e5e77a05456f263a3537a6b6f0b511a3d475a31910f3149 |
| SHA512 | 643f9b546758b00b2dd7af664b7800bf9981914d09719e0e374c9aff840d2b6679ac67c0a6de61bb2669b33c5ce8e3ff1363fff14a92b52af06b39e037284bfc |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | e4ed8f5ccef4b2d8f85e96e382a8a0fd |
| SHA1 | a916aefb67104d555eca01a7ee88964eb1aa2a7c |
| SHA256 | b60719dab2c1f3d172fb9e8b5970d0fa5bff367672b0c2fe1cc862a94b8ea9f2 |
| SHA512 | 0573e828f4e2bb5e3e60cb9157011dbbb36520febe377d75fd822543d8ecb0cd553fb2592e821a699ef160e2a5a33a4aea93d48e1798fc6c8e14e5e1c95c4de8 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 549e54a44c7326c30548c998a1d16424 |
| SHA1 | d4375f9ead356aff85d60375b08db168195d5089 |
| SHA256 | fb2df7a858dbfacbedb5ce100bc71dff2b1e1991b2d574c1d3d46701ceea5433 |
| SHA512 | 7325a6d2ed8cf43c4665f2cda3f4f9578de7a87cf70178eff7e927bb8b58f0dceff4b4bf6029593ff64fab052718cf2da8228275580071de2d0fb77fcb4bb897 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | dfa3a4ce64626cc3964d930ba7b9fdcf |
| SHA1 | 530ba947eb29f5e795c14025e3daab79b433a86e |
| SHA256 | e4ba330d49ad29b868f5716e4d137f2cc141aabae38f598832b616a596183472 |
| SHA512 | 1ec099138fbbdc0f01c25ee802467a3b994577a353fa995f4dc45182cca9b5703b98faa46da022af077f7dcb51a466775421e6bcac9d655d395a7f411061e0d3 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpg7b4yino\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
\Users\Admin\AppData\Local\Temp\_MEI14282\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI14282\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\tmpg7b4yino\webdriver-py-profilecopy\places.sqlite
| MD5 | b5c12d055da1a860c64e12fa500bf3df |
| SHA1 | a609d35d60c8fb3b95e1c6d8d632ab4abcb56577 |
| SHA256 | 0d2bcf89b48e95fe3b4a9b58e6cd24c1731559bd15f43cb3adb7421f67f00ee6 |
| SHA512 | 0c0c75e4048c51af99ca26f7eae072ca4d432b09802cab168c467ce1801603594046e1a873502546d76e7b573a182b47a145ef885a3b12c86cebce751a84a303 |
C:\Users\Admin\AppData\Local\Temp\_MEI14282\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFkkBY8\extensions.json
| MD5 | c5e679a91554bfc8e6c25a3dc8723f85 |
| SHA1 | 12e5cee4eb161c27e850b869b84e2a18e3315368 |
| SHA256 | df0a6d90b159d3c2d138b68f2d01a1dfb523e4a4c534ba7c6ab835fe86a1ae2a |
| SHA512 | 8c2be874f3f42519109fdd73145e1838d49192beb440ea6162a07b5630539dc6b666fa374a023e471f9e4924bfb4687de4beb90d27d289eb08483d29d39d338c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFkkBY8\prefs.js
| MD5 | 3dd428fcbaa322cd2ef22a1dc0d970f5 |
| SHA1 | 531c6a4f9527c71f4f934959c6ab085f68af4fb6 |
| SHA256 | 5e0495ba39f7b863de34ca49a4e6711c942b133a2d3054bc7b11b67df59aea89 |
| SHA512 | e2f9825888a33ac0d1a82a93c47b35e93055d9ba5deaee5e0703da4d64ef9bfe1f418908b0e83bce938cad808b8acbde782b3694c501824d44d7cccb366dd2d6 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFkkBY8\prefs.js
| MD5 | e746fbffebacdc215d62e775f2b8c2f5 |
| SHA1 | f4ffb92f3a27dcd3efff5cc4763792d19d02a862 |
| SHA256 | 019cea96c7f0d0088b1a45bc7291aa04bd841085048c547c91ea1c84a23e2154 |
| SHA512 | b78fe8c30b02b5cf5d7b6e0e4f06de9ab2500ddb2957c6fc0edffdee79831c30b235ffa5a224a26d266e63a835bec1449d3fe17d026c3dd73213061b59e708fa |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | f9c19f7e4478563ed60b3942a4017ef6 |
| SHA1 | 7094a37994f24166c3672ede7e485c50010264f4 |
| SHA256 | 632cc57b22218a30ae84f066a28ce56a0d03053656d1749afc802d51241b762b |
| SHA512 | 4569f05347b7da2dc45f54aa1b9cf38c7076c9b18b93c4ce6af23ab91111c07b7dcb9ad4d55b6fff4b3554cb03a2db83aa9866269a6e1c23d1c5138ce5b65b22 |
memory/4764-575-0x00000284664E0000-0x0000028466650000-memory.dmp
memory/4764-592-0x0000028472530000-0x0000028472540000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFkkBY8\prefs-1.js
| MD5 | f1fb4411c214a45f4e356195892e7290 |
| SHA1 | 784e1bc7cc01d4759fb4cc787cf856923fc05834 |
| SHA256 | d1a4ec9207b2b5b0e243915a899271c101fda4c86e3297a32f003c5442ed59fe |
| SHA512 | 227c17575ec24b075d6e7ea3297ec1489031e053601615ae03bb6416daf9701c71c304cce308c9e64437d9fb87ad225f226d18c8db0a61d24c8eb916b1e1b3c2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFkkBY8\prefs-1.js
| MD5 | 295f468861df9e52ddf71b470dde6642 |
| SHA1 | 8593344c3029c595b4848e33b06b511812274672 |
| SHA256 | 0e7c61c4fb91cc73c70548d5df1bfc292b8a0e4035282bdb5ff600a795c9b179 |
| SHA512 | 61d2670df9ae2bd11271495cae66b51aeb3645e6af5592a9fa1e3ccf71545d81f117dc0c4636cd7f736c12ca335ae7ba0410e5eac9dabaf8632a102a9c3e61d8 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebNOqHm\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebNOqHm\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/1312-842-0x000002222BCA0000-0x000002222BCB0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebNOqHm\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebNOqHm\startupCache\webext.sc.lz4
| MD5 | 1b799cc5b6cf681cfa54d37c8ce8cb06 |
| SHA1 | 2f0fae44eb2fe74542df923e37f0c7e23a74fd17 |
| SHA256 | ce654b3257aec215ee980682aa6a48628dac50252a09301efe8686ff3f406a03 |
| SHA512 | 10263e878623c9375095f150a83e5fe42fb5feccea139e107d37b2337f0c68c4f8a47952247d7e8517876a12dcd696202b8ecdf115577c0e416a489a280451d3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebNOqHm\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebNOqHm\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebNOqHm\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebNOqHm\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebNOqHm\prefs-1.js
| MD5 | 814916a34795c21860ffc9c72651a82a |
| SHA1 | 700aaf9e32a7d318859ae00542e97463be6a54d4 |
| SHA256 | be99da447fab63a9b04a2e75ff58465dead4ea327eb48d754783710388d9a4fe |
| SHA512 | f147b65363fbc582443f4308a9c62e9cf30f97a205c08a343ed40119b810037c4c618c89185d8919bc941a7cfc7ed15565202318cb79f8f7eeb02560b469b898 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilebNOqHm\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegyQLWm\user.js
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegyQLWm\prefs-1.js
| MD5 | 77059cd2b71fa311ec61ac696feb6466 |
| SHA1 | ad006dd5a561e5430ba448387c356fd7cbe5d9ff |
| SHA256 | c5ac07dc5fcf3056449b76afe2802cc8f3ee370076c99376cbd1a46b5474bd19 |
| SHA512 | 0119bc1ec64aef400fe43768207638a89ed2f22cbac68d14bad645abf40bdc468e257764e512a7a0577fe2b5d2121f53622ad981e05e62931764e0dd8aea8ad8 |
memory/1304-1145-0x000001EFC6700000-0x000001EFC6710000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegyQLWm\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegyQLWm\prefs-1.js
| MD5 | 2fe4ccaa62610c6ee168632f82ba55d2 |
| SHA1 | e8f35e18578fc38b8d77fe6d608bfd9c93901682 |
| SHA256 | 53f3a52d570b3ca57ed14b787bd5a993ec1ea3892eb7aa2bb9db0cc952b6c854 |
| SHA512 | fad6d60e0ba91f6355a0d341227968e7e504057248b3318e549235d16a7ec3b7ee08dcba45c492c1d03fb407b6dbe851e4532ea16e483cbb51894c64f79cbfb1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegyQLWm\sessionCheckpoints.json
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegyQLWm\prefs.js
| MD5 | 04c9645aa144cc7b0fdc15f30d1a6927 |
| SHA1 | bd2b265285ac3b78112334719c11300824ef6646 |
| SHA256 | 8c12ca283ed39ef9caa185e493aa738fd0adfb203d6b6cd4bb6aa171fa2d71ea |
| SHA512 | 1ebe90add40ca8c736039c48916102243e57653e5b98a02a7313e23e8b33a1ca9d0c955ee56b53822f48dd40f941dd521c88e58300a7ebc43a7ca5eb63279339 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegyQLWm\prefs-1.js
| MD5 | 93b0e81f5c7d50c78c8a8320523aa98d |
| SHA1 | ec99a7c5c0ef7cff5cf2a48a290357119add2a22 |
| SHA256 | b66bc34a056ede2265f38c8f5eec32a01e489301bcda90460302d8b6d9ecfd4c |
| SHA512 | f6258a1a1b19b5a543bd269cab6e026573c6b64f11d758b37c03e4c22afaa56f7a8a55a79dd1077df70ccb6f165c11e9deec30e2d3b55ecefc4dbf07e883fc0e |
memory/2544-1384-0x00000268ACB30000-0x00000268ACB40000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileis54DV\prefs.js
| MD5 | a798646c26564a05670ca528ea3781db |
| SHA1 | 806e19c5035cd9b1ce7655b1abe256c2aed40ee2 |
| SHA256 | 8e5aa82a79613c25e8604860b99bd98ce3fdd624cfc0468788f14a9eadf9f1bf |
| SHA512 | 5b9470fe8f18531dfda3e5793641b9f50b5ef7d72327f1f440a56bfd204b9dd6106cb5cc4347c2b3c27e78b72c11c12ebda4cdd66176533eacacea39df18c224 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileis54DV\prefs-1.js
| MD5 | bec9f0ef7ddf5c7dbb6b685f844fbec7 |
| SHA1 | 7807ab0d01e7a46310fc6622c9cb91c8a8a2abdc |
| SHA256 | 5468c1b56cb00350a682279d5ad0108efafa44796782f0598b091c64fefe508c |
| SHA512 | 0d89603d7cb362d7d9e5d589a321a9707d5ee3fb69c4f58041cade39f5f5ecb437dcec490a5d38b209c03116f369a708355ffedec4d53fbf868f8a4d468e61d6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileis54DV\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileis54DV\prefs-1.js
| MD5 | 8b9df583c2623021c014ac800cae350d |
| SHA1 | 6a4ffd264e5c22133fd1e6812a5b6e146f2648ce |
| SHA256 | 2355de9ca28fd6ae8a13f65122fcac9cfae7eb3eb21397aa966cfd6e79089705 |
| SHA512 | 612cb9a4f01059b5da3118eba0332ba82cc7539c9d7754d4ef16d8b5fc105b745126fa57aeffbdb93c4ef8ec1055bf50d91b4997accffb016747df42cf8c192e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileis54DV\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile2wneIw\compatibility.ini
| MD5 | 4b2a5661e7386c01d3644bcf0add88fb |
| SHA1 | 87e40b39c2b05ca1dce3129cacadc08e1bd1bfb3 |
| SHA256 | 90f08e0eb5b427e4c9329cb9c7e953674993ffc1df401664e9790edb6e63422f |
| SHA512 | 52f396213526d279736818de53cf1f383b9c2c3fa103753d107729eedcd9ce398df6ccb2789e3d35d201a619bd29b9b7c2f7082d91101205862d03f1cbc89a1b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile2wneIw\WebDriverBiDiServer.json
| MD5 | 664bf25ca745a78554701dae9cf12ff6 |
| SHA1 | 4b1450aa2e9d47d45e44b59ebb17176e6fd690fe |
| SHA256 | e3a5d63d3d67f61e58cffea8db997596659344bc6ccc52788605d8458f808cca |
| SHA512 | ad2378b86cacb84a24a89bbd82fffe996c748cdc9d9eced788a158d2e5c0063cdb7388fb388a864eca81d0eea10f65a31a886747b8392eeaba46ada525880191 |
memory/4084-1662-0x000001F105DF0000-0x000001F105E00000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile2wneIw\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | e25d620172fae26d6373133c1a025ee5 |
| SHA1 | 9581715690a7ba968d748aa31be0efb77676fcf6 |
| SHA256 | 6ed314482d498545588241e8f14a2b82878b945843096c7cc4fdd70a8298af0d |
| SHA512 | d763466f594a9822b2580fd4321c689e766c9e6f95702dbcdd00721cecbc343aed14f26e20a56cf093fb9bd859c3c058e5bf92c4bd8408608f15820ad5cf6b54 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile2wneIw\prefs-1.js
| MD5 | ddc097663b3323d1b8100791fe30c29b |
| SHA1 | 0b6a3d3dadf4f619b53b66e9e19f2ef1390b0612 |
| SHA256 | 7a3d051a4089ae7d8eb6dcb2a46b0a2333f8ef85eec6306d371e1d73f62ea5c2 |
| SHA512 | abb4c563941c90045094c569e413f3c6d1b12afe541c970ba138144b92a6997eed4581a8c5d4d7fde486f304f929b49a527932c4450dd03de01a0a60636710eb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile2wneIw\prefs-1.js
| MD5 | 2d0ca44ef441d477001056386c841f3d |
| SHA1 | b0a15f0e85a8cc6d1801899467aacc6f2780ce89 |
| SHA256 | 4431d84635990e7722eb5b69b82133725978e498c9d341ed60e2e12e9a68320a |
| SHA512 | 6c6f68e57bece69282a752ff7923e436d65fb9575d190552fd9019a0fb165294b1ae326ae99e0cd30ae21a1ad8764999187bd87017e82a3147a813f796c13f0c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile2wneIw\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile2wneIw\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMulD3x\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMulD3x\prefs-1.js
| MD5 | 39120d313f1892a51875d56a5c3bdb9f |
| SHA1 | 77b205629b263b33213096162293e8c1e1b474cf |
| SHA256 | e717363429dd114e46ea1711222176b0cd1675dc9582fec2a07747d0149e1616 |
| SHA512 | aa233404ca804110c4a7286331a44ff694e078ac2ae5ce69417a40dc23e6c31d5386e74e051c04cf52a85d5fdf9a1605c8c90c005095c2064afa63152bef2bce |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMulD3x\prefs-1.js
| MD5 | 7b958f8924732f083dd894fc83bfd5c4 |
| SHA1 | 4248fc9e1f2e87e0b4c699f18cd3fe8ebce46f7e |
| SHA256 | 779e76949124cdf7e7f2315ef2ac633b085bc220257e3f26bf01ca7baa4f5eaf |
| SHA512 | a3c980b0a3528b46df9b567c6ff822bdeb1136cefa59b47733a2620a8577822ceac9a9d3eee2e11d91b656244c8ddf62e831c88a3a301311c1b334b247b3d272 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:16
Platform
win10-20240404-en
Max time kernel
154s
Max time network
319s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI43722\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43722\geckodriver.exe --port 50065 --websocket-port 50066
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50066 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilery6aqV
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50066 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilery6aqV
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.0.1000112502\1440510044" -parentBuildID 20240416150000 -prefsHandle 1472 -prefMapHandle 1460 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {c7ecb4d7-7ef2-4661-9407-f7bedb5ff234} 4704 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.1.892354504\1227724900" -childID 1 -isForBrowser -prefsHandle 3116 -prefMapHandle 3092 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {5e68c5fa-5d9f-4b81-aefa-23b180179078} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.2.1222245922\1911455286" -childID 2 -isForBrowser -prefsHandle 3428 -prefMapHandle 3424 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {6d32f7ca-9fe7-4f6b-8cea-bef2d09207cb} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.3.1540399883\58626172" -childID 3 -isForBrowser -prefsHandle 2328 -prefMapHandle 2720 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {2b9ba263-c605-41cf-ac82-f439b13e5196} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.4.664922750\2142497335" -childID 4 -isForBrowser -prefsHandle 3492 -prefMapHandle 3496 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {7f522a95-da05-4d62-9a08-ca8e953ecd8a} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.5.741529901\1600466639" -childID 5 -isForBrowser -prefsHandle 3616 -prefMapHandle 2940 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {5ec14906-21b6-4986-9cea-4dc5c0144dc7} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.6.1977840786\80106382" -childID 6 -isForBrowser -prefsHandle 2808 -prefMapHandle 3588 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {dda3e7f8-23e5-4866-91de-2c2fcffe6f8e} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.7.432212709\328883118" -childID 7 -isForBrowser -prefsHandle 4200 -prefMapHandle 3544 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {3b7b01a3-aec7-4623-b1e7-5aa98d9d2c20} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4704.8.418531133\1330526910" -childID 8 -isForBrowser -prefsHandle 4444 -prefMapHandle 4164 -prefsLen 25580 -prefMapSize 245849 -jsInitHandle 1064 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {b8db90a6-c53e-4620-ae3e-da8d516fa8c5} 4704 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43722\geckodriver.exe --port 50065 --websocket-port 50066
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50066 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50066 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4404.0.714235884\1767714646" -parentBuildID 20240416150000 -prefsHandle 1504 -prefMapHandle 1496 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {4688a178-6a1f-40ab-810b-f85c78642dd9} 4404 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4404.1.1446702327\2075829323" -childID 1 -isForBrowser -prefsHandle 2092 -prefMapHandle 2324 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {aeb9bc8c-1057-47db-b906-e801a9d787af} 4404 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4404.2.92987053\539325513" -childID 2 -isForBrowser -prefsHandle 2468 -prefMapHandle 2464 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {081f7ada-a95d-43b4-af3b-7040de5bbab1} 4404 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4404.3.196992059\349750719" -childID 3 -isForBrowser -prefsHandle 3132 -prefMapHandle 3288 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {b49cff77-e573-4818-b0ef-ea7331f921dc} 4404 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4404.4.752660905\1659155508" -childID 4 -isForBrowser -prefsHandle 3656 -prefMapHandle 3652 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {ea9672ae-e2e7-454d-9842-6bfe3a6ccb90} 4404 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4404.5.1917825793\1643263501" -childID 5 -isForBrowser -prefsHandle 3812 -prefMapHandle 3816 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {46a0b285-5bb4-4bfd-b4aa-f48c83d89ba5} 4404 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4404.6.521714821\492698853" -childID 6 -isForBrowser -prefsHandle 4068 -prefMapHandle 4064 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {e237f5a4-fe9b-40cd-8065-44e06fc2d0dd} 4404 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4404.7.1724320043\900948929" -childID 7 -isForBrowser -prefsHandle 4268 -prefMapHandle 4272 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1072 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {1aba90c4-050b-4c34-9542-cb770a323cf0} 4404 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43722\geckodriver.exe --port 50065 --websocket-port 50066
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50066 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile09OcxY
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50066 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile09OcxY
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1248.0.44807791\963409262" -parentBuildID 20240416150000 -prefsHandle 1504 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {f0f26a26-291b-4807-b348-79ce9d2d5b04} 1248 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1248.1.580151093\1982136450" -childID 1 -isForBrowser -prefsHandle 2452 -prefMapHandle 2624 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {a3bac41a-29d8-4001-a49a-90a9725c4def} 1248 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1248.2.468428942\1924504194" -childID 2 -isForBrowser -prefsHandle 3044 -prefMapHandle 3040 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {6c646749-8c5c-44b7-949a-62266cf997ba} 1248 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1248.3.1105703235\1892801503" -childID 3 -isForBrowser -prefsHandle 2460 -prefMapHandle 2328 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {6180f086-f7a8-496b-894a-ae30e7319dfd} 1248 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1248.4.1270478582\469859242" -childID 4 -isForBrowser -prefsHandle 3648 -prefMapHandle 3644 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {b469d9db-910f-44bf-aef4-a2175ab31ecb} 1248 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1248.5.643704191\191373314" -childID 5 -isForBrowser -prefsHandle 3804 -prefMapHandle 3808 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {39aa2be9-9e20-4b60-be1e-05333216d4c5} 1248 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1248.6.1623208160\1623845562" -childID 6 -isForBrowser -prefsHandle 3980 -prefMapHandle 3984 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {6eb05683-d0df-4c12-9a4f-2d5dd6cd6f72} 1248 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1248.7.1206133614\122674536" -childID 7 -isForBrowser -prefsHandle 3644 -prefMapHandle 4368 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {36e49c1a-4594-4f71-b30c-dc4a9b897f4c} 1248 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43722\geckodriver.exe --port 50065 --websocket-port 50066
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50066 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilera2dhp
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50066 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilera2dhp
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4616.0.1067388916\377419123" -parentBuildID 20240416150000 -prefsHandle 1492 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {5192e617-98aa-4e50-9b35-e7526154b70b} 4616 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4616.1.22480362\821323194" -childID 1 -isForBrowser -prefsHandle 2912 -prefMapHandle 2768 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {b15b9fcd-a9af-4571-8a3b-26af045ac616} 4616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4616.2.706571666\2028923355" -childID 2 -isForBrowser -prefsHandle 2512 -prefMapHandle 2488 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {44ac7166-8b8a-4f07-88ea-7b39d0277f58} 4616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4616.3.2000738595\908422906" -childID 3 -isForBrowser -prefsHandle 3400 -prefMapHandle 3396 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {dc5cd4b2-9964-4b25-aa3c-956a88389f5f} 4616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4616.4.561187428\876357943" -childID 4 -isForBrowser -prefsHandle 3660 -prefMapHandle 3140 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {6a465927-f231-401e-ba67-870d9be81c36} 4616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4616.5.985837373\1476642057" -childID 5 -isForBrowser -prefsHandle 3800 -prefMapHandle 3804 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {2292da48-6b04-4be4-b5d9-dd3ff04b9ce3} 4616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4616.6.164863997\1414410940" -childID 6 -isForBrowser -prefsHandle 3432 -prefMapHandle 3524 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {3f16c8c9-89c9-4931-898f-6bbfc6bca957} 4616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4616.7.758552908\884731532" -childID 7 -isForBrowser -prefsHandle 4432 -prefMapHandle 4428 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1068 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {e131bdac-5029-4e57-ba6f-b21f08c9f664} 4616 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4616.8.40093355\782900976" -parentBuildID 20240416150000 -prefsHandle 8476 -prefMapHandle 8480 -prefsLen 27407 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {ed146bed-3ebf-4fdd-b44d-ad83630a9286} 4616 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI43722\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI43722\geckodriver.exe --port 50065 --websocket-port 50066
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50066 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileoK1No0
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50066 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileoK1No0
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="3992.0.1907171231\1553684185" -parentBuildID 20240416150000 -prefsHandle 1488 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {468ce3df-8cc6-409d-a0a7-09fed05561f2} 3992 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="3992.1.126991062\827133477" -childID 1 -isForBrowser -prefsHandle 2492 -prefMapHandle 2644 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {d697f03e-c753-4061-ac1f-124b47a0de47} 3992 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="3992.2.1090039427\519620266" -childID 2 -isForBrowser -prefsHandle 2568 -prefMapHandle 2492 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {07fd9f8b-8016-4dcc-9ee4-97693c98a3b8} 3992 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="3992.3.1152733579\692168255" -childID 3 -isForBrowser -prefsHandle 2944 -prefMapHandle 3308 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {a4bfb8be-4be4-4c5d-99c8-edd12eadbc10} 3992 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="3992.4.452076168\1357600504" -childID 4 -isForBrowser -prefsHandle 3188 -prefMapHandle 3204 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {bc87c0ae-3329-4d34-95bd-fc3afc808051} 3992 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="3992.5.351715731\417951128" -childID 5 -isForBrowser -prefsHandle 3748 -prefMapHandle 3812 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {c750767b-cc3d-475d-8f89-f1102044fb1f} 3992 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="3992.6.135054006\823888092" -childID 6 -isForBrowser -prefsHandle 3928 -prefMapHandle 3932 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {ae052722-e83a-4ee9-bea3-2fd9d7ef6cdb} 3992 tab
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe" -contentproc --channel="3992.7.664937125\500731769" -childID 7 -isForBrowser -prefsHandle 4344 -prefMapHandle 4348 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\browser" - {9ae7d01a-a944-4b62-8cae-3f617d513ae0} 3992 tab
Network
| Country | Destination | Domain | Proto |
| DE | 92.60.36.153:9001 | tcp | |
| US | 8.8.8.8:53 | 153.36.60.92.in-addr.arpa | udp |
| LU | 104.244.75.74:443 | tcp | |
| US | 8.8.8.8:53 | 74.75.244.104.in-addr.arpa | udp |
| MY | 61.4.102.51:9001 | tcp | |
| US | 8.8.8.8:53 | 51.102.4.61.in-addr.arpa | udp |
| US | 209.58.145.210:443 | tcp | |
| FI | 95.216.12.30:8000 | tcp | |
| US | 8.8.8.8:53 | 30.12.216.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.145.58.209.in-addr.arpa | udp |
| N/A | 127.0.0.1:50168 | tcp | |
| N/A | 127.0.0.1:50171 | tcp | |
| N/A | 127.0.0.1:50065 | tcp | |
| N/A | 127.0.0.1:50065 | tcp | |
| N/A | 127.0.0.1:50264 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50278 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50065 | tcp | |
| N/A | 127.0.0.1:50065 | tcp | |
| N/A | 127.0.0.1:50065 | tcp | |
| N/A | 127.0.0.1:50649 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50657 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI43722\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
\Users\Admin\AppData\Local\Temp\_MEI43722\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
\Users\Admin\AppData\Local\Temp\_MEI43722\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI43722\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
\Users\Admin\AppData\Local\Temp\_MEI43722\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmp2t4an1wa\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI43722\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilery6aqV\prefs-1.js
| MD5 | f14330761c9d99b872d9543ece64eac5 |
| SHA1 | d0d41f8f441c9cc09cc8959d00ca18ce7db16288 |
| SHA256 | f338c668f049d4ccc06e73973a535c28db188b538104c2946aa8d1cd9dcd408b |
| SHA512 | 66d7ddb1a640d7505e7a3d175e3de3e569bfd09aa2912c6e2debbca0c8f856311aceececcb920e9c8763715bfcd2d414fa92902ac4e81daace7f5050b5d20fab |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilery6aqV\extensions.json
| MD5 | b81dfb5fde34fdcc6233f0459252956f |
| SHA1 | cc4cbcb1703c9458096a4dc284ae68d2f24792e3 |
| SHA256 | 2a559a4efb723112e334993f59806dcdf37752ba1b72d8ed73591b2928c736e9 |
| SHA512 | 17c321306174e62f7712eb0e934c5aa978901046ce3b921443d3df0c6fc0ba1a0fcffafc3822843a97ac661bfc86cba662fbe55c918b1679b242e54b84838be9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilery6aqV\prefs.js
| MD5 | 12901d432c306c7c95a9dc388f6f4b7f |
| SHA1 | ab37f69fe72a19fdde035c20b8edd0809e0ba2bc |
| SHA256 | cd15a8b2baede1cdc42f3411da2e36330fc4d2313032ea7741c8c1f589756489 |
| SHA512 | d9e98728f19bd92512b638be5c13c6bbf7d8137c659c38ca4e1ca71d6bc61ace62791eff8967fb14bda46841d9b093f00242125af01aa4336495ef2a6ef6a73d |
memory/4704-589-0x000001EA05FE0000-0x000001EA06150000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilery6aqV\prefs-1.js
| MD5 | 755657ff6161c20dbac56457c5af8217 |
| SHA1 | d55163fdd9043ad75197dc214e234964975d5818 |
| SHA256 | 35fda8dbb7208a4354ee04274790093c99a2b5dc048a9fd7cfef05ff94e3e473 |
| SHA512 | 773ee41aea57646d3084ac0250d5268ec51cea02711d8c97a1e22d42b4b72a3c297b98b3ecf848f866359762a527f7636f74935e149142b62f1aa4906b349802 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilery6aqV\prefs-1.js
| MD5 | 073bff58c6774602a7135b295458a462 |
| SHA1 | 5db49e321b2c560af8c75728e6b66e2bd66a9b9d |
| SHA256 | 5fe57a018f63b1eb51488b8ea489833cc352ee86d1ebf72f343a96e7928e9952 |
| SHA512 | 9e729781ca340af6379878b96c26efd26050e63bf9e6842fb5acde74d9b1a74330576db27ad8dceee14202f0469f06ae75350111c6b66f5288323ceef6c364f9 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 4f0e32de1a51b68489e9b0191174300f |
| SHA1 | 685d0460cd447165a1cc4179520cf1ba99201dec |
| SHA256 | 18ac3db13dbb554a3791875dea8e8ac11da26c6b85cdd0ed8d70c30e204e7665 |
| SHA512 | 2a7b08e108b5ac8781468b33810c58f740feab13c2e78cfb01cc7fd55d34b36c05a17c621a90d793c4bc2bc72f3b9ae2dc83a3c6c630d86522bf716ae5966590 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
memory/4404-871-0x000001C8EB5C0000-0x000001C8EB5D0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp\prefs.js
| MD5 | ff03ad088fcd69e39bbcf3fc359a00ad |
| SHA1 | 6126e52d0a53345b9b85bd141bf9d8f8b44bb70c |
| SHA256 | 1b599c5a94c07fb0e1ca71fd035d726644a4a69f4c7ad6608a3fa9db9114f704 |
| SHA512 | 5ad926fee5bf5abe7f1678730fd35fb30076cd03787f34518be5abbd87778305ccfe7087e545de13c97dc68dfa816d51ad771675d4a65cb4842dbb29347c89f7 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp\prefs-1.js
| MD5 | 6efcf49df7a9004e0eac9635ebbf7353 |
| SHA1 | 8cc9240043cf4a1d0f868aef01db80f7c7332652 |
| SHA256 | db4c1ea8eb357c144eb36d1d1764f0790983a4f6fc776fed90c62fc30ea29f1b |
| SHA512 | 600296cf2ebb9bc5896f5b821e230d847b97f4ff70af6019199c9b6f6ecd0e496a3023467f67f843287a65d670253862e5a5489fe1942a126f76b4026da5a297 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp\startupCache\webext.sc.lz4
| MD5 | 0e2ffb0f54c7536957fb7e5ac35b8b5d |
| SHA1 | 0c19a5d7970a67209df799be8ce7c82fec3afeb9 |
| SHA256 | 8046350f59a175395e7cb9ece65378d11d6528b21ecf61a340c75b8ee83ab786 |
| SHA512 | e5901ecbcf67647478fa7804045a609918a288a4126d6c06b12fc33335ea8875c43760b8b58f61eb082dd20415e94c1888c57815698c68fc1a49396ff07c0e98 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp\prefs-1.js
| MD5 | 4b387e8f449e203f3f7625d3a87e4e4d |
| SHA1 | 2ad91c043a12e8d9061a9a4e1a01486489289c48 |
| SHA256 | d3c37ccb4f57f5e6237ba7ed1df5a1ef6ea855a56392e9bdab7684304574b12f |
| SHA512 | aa786dedf5f8cdcfbad04c917518cc93f51377acbaa711e096cb660fe8820d0480e316eeea22bd7d7486cd5a671b7f763a606ab59186e3aa15f9a431601a94d5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileRPkByp\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile09OcxY\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
memory/1248-1155-0x0000020F44C80000-0x0000020F44C90000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile09OcxY\prefs.js
| MD5 | f6ad8d7b93a44094357295cc90edca3a |
| SHA1 | 8d7a21d58a728652b70200c8d75fca4c61af9b7f |
| SHA256 | 52f2d5530ce0494afebd4a778b28463d6d39d017ec9d14bdf03b15d8143a09a5 |
| SHA512 | a8b2e53194e1740bbd34868d71d000f853cea99aeaabd227669984b112ee926ac32b2aa1a90b220ebba45266bb0678dbbcff250cb6d63c44ee0675b8d23e5b61 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile09OcxY\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile09OcxY\prefs.js
| MD5 | 16a188876f9573a2875b2daa19ce0bf0 |
| SHA1 | 26a6ee4e95884a297834616984159a9ba041b65c |
| SHA256 | efbd96578a76a36f4fa15beb76e025f78cbb1f232a1fa811ef75f24b3f9f375c |
| SHA512 | aaf1a3e5e3046eb0f6fcb9f9727a79b7587ecc2b05eda976b1368980110eb414d69ec0da7fb4a939e0d0c42e2098eb1acb57352d701c6f2fd331be9d1f87db4f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile09OcxY\prefs-1.js
| MD5 | e39941944c7d3f3d41c186245ea1a398 |
| SHA1 | 1c20b68005696077d97fbdb63a9e900e503e5be9 |
| SHA256 | 6a2ea5560911df9eb15b1d72f1a7eb3ecb83dd6b25af8b0c7ca7a0e5de62bbf2 |
| SHA512 | d98e204cd6a818fce7eb53b8aaf8a1726c91db28bc68d93ac78d4b5ddb16bcfe9acbf8bfb9b1714c10eb6b4604ab5d0121712c5649b4d843cd7c987667ba2102 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile09OcxY\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile09OcxY\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilera2dhp\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilera2dhp\prefs-1.js
| MD5 | 377076e42242fc94da5dc2ad2544e0f3 |
| SHA1 | e105cc56655857eb9b80186f0081163815c0cfd5 |
| SHA256 | 3a86c3cc9543a4a13be47e8ad737c91b0b29be89686f231363f4d7af1ba3ea4f |
| SHA512 | f771fd4f0f421de5cf62e85d4428140a683e2b6623db945548549b1f98e41afffe8429793f10abd874baa359b442910c681a9bfcc402794b3cb28e34dd87fc56 |
memory/4616-1445-0x000002A5154D0000-0x000002A5154E0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilera2dhp\prefs-1.js
| MD5 | 3e7eb89af7ec125d1c82fc7f86fee8a9 |
| SHA1 | 956f0623625e47e745f8edd7722540301a409d29 |
| SHA256 | 77c374edcd22ac5368ebf75d181b7d379f4eeff60398a7a6be3a67c7c5934e84 |
| SHA512 | bd75d472ba270f8155b8d392cd8eefb62897ab9fb6cfd579013c34bb4b3fa9e6e1c7904a01fd1b8f8d9f3e0a9c2988fb4b3659b023df8ae052b0b89a5b2cadae |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilera2dhp\prefs-1.js
| MD5 | a0477655e28ff70e00a1e040451a64d6 |
| SHA1 | 882daffb1414177facf775eed24b765cfeb9fd1e |
| SHA256 | 22dc602d4bccbd8c10368062c276cb77ad8746631482d106ba5f4a34aeb122ee |
| SHA512 | b18dee8a94d475caf975538d37b8848aaf7aeac5db1875fb0c91187c7668402d368f4afe1b7c3da6ebac8e6f4620a727f4dcd428ee94aa01d07f2f3dea556709 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilera2dhp\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileoK1No0\compatibility.ini
| MD5 | 7321df56b858ea376f439394cce8d9d9 |
| SHA1 | 1bc3e59f423d68c93f3aa780b61d70da39dc021c |
| SHA256 | 5756f4a5835abfa84d5d951db4bd39b6ba2d3f4513c28fbec36cc6ef1160fed3 |
| SHA512 | 580bcc4e0563b04fc67b789abcc9dbbbab03acffe44a1bb578fcd42c4e96bdcab6653edd371f32a19db2716067f9afc9ea3904a88975dce32293d080161de472 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileoK1No0\WebDriverBiDiServer.json
| MD5 | 81cbdbaf00b7276e30a62c219285a851 |
| SHA1 | 8c3ed54981f6c503a2f20b04f578dbd015ded4b9 |
| SHA256 | 6a6c86b03ac288c7208bf9c8f6e7a298362a9c4680f473c1601b9cf9f59c4d61 |
| SHA512 | 9373a83f2e89af78f15734ee941f9faf8ca79faf4b607c55079e8fc510e38570afcac5c83a1d806dfb7f82554889e11aab57130aba95555c9db2f90cb4762032 |
memory/3992-1723-0x000001689A4E0000-0x000001689A4F0000-memory.dmp
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:14
Platform
win7-20240419-en
Max time kernel
300s
Max time network
312s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe --port 49468 --websocket-port 49469
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiW7UzB
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiW7UzB
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.0.157093655\27264242" -parentBuildID 20240416150000 -prefsHandle 1196 -prefMapHandle 1188 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {468dc7ed-0938-4de9-96fa-d95bd52ba5f9} 2944 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.1.1885634531\2009248767" -childID 1 -isForBrowser -prefsHandle 2032 -prefMapHandle 2028 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 904 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {f09e356a-4643-4e55-936f-314fe7f629cd} 2944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.2.660271617\2126883267" -childID 2 -isForBrowser -prefsHandle 2200 -prefMapHandle 2124 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 904 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {8ecfc214-e872-4fd8-8c43-59e7008a38e3} 2944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.3.560469632\1168322045" -childID 3 -isForBrowser -prefsHandle 2428 -prefMapHandle 984 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 904 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {844aa6ce-88f5-45ea-8dde-6684e1f064f3} 2944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.4.790052162\412999014" -childID 4 -isForBrowser -prefsHandle 2820 -prefMapHandle 2816 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 904 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {d0a9276e-4ad6-454c-a0c2-dfd703d13d28} 2944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.5.1484311466\381740220" -childID 5 -isForBrowser -prefsHandle 2960 -prefMapHandle 2864 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 904 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {4a537a6c-294e-4d40-9476-97d49e343e10} 2944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="2944.6.1128979439\388501438" -childID 6 -isForBrowser -prefsHandle 3104 -prefMapHandle 3108 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 904 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {5d928730-eed7-47a8-8e2b-1ab879781acd} 2944 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe --port 49468 --websocket-port 49469
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuxUcaL
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuxUcaL
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1620.0.874396095\1729584087" -parentBuildID 20240416150000 -prefsHandle 1216 -prefMapHandle 1208 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {cd6d4b9b-06f2-4e17-9280-b33bd870cc8f} 1620 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1620.1.1538697545\2084489973" -childID 1 -isForBrowser -prefsHandle 1836 -prefMapHandle 2000 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 896 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {98557686-e826-4bdb-8adc-6b0e722dc6b5} 1620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1620.2.1203811010\479055070" -childID 2 -isForBrowser -prefsHandle 2232 -prefMapHandle 1108 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 896 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {3365ee76-2406-41c3-84d7-968e1af43896} 1620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1620.3.248527884\1346188236" -childID 3 -isForBrowser -prefsHandle 2660 -prefMapHandle 2268 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 896 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {dba8c6cb-cedf-40bd-8747-9fcaaa2f99c2} 1620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1620.4.1508342113\1794197131" -childID 4 -isForBrowser -prefsHandle 1084 -prefMapHandle 1080 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 896 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {21b567f0-7c1a-4b89-baa4-3ef897f27f63} 1620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1620.5.1183139471\766085400" -childID 5 -isForBrowser -prefsHandle 2932 -prefMapHandle 2936 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 896 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {7261ac4a-abfc-42aa-87f3-dea5a09c9094} 1620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1620.6.156020316\1617410920" -childID 6 -isForBrowser -prefsHandle 3088 -prefMapHandle 3092 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 896 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {26f75ac6-6c9b-4daf-b094-d7366f153e32} 1620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe --port 49468 --websocket-port 49469
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecg5ETm
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecg5ETm
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.0.1202294770\842604780" -parentBuildID 20240416150000 -prefsHandle 1212 -prefMapHandle 1204 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {e0cbb96f-6f88-460f-9228-6ce84ffd2c60} 916 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.1.1225160491\206118810" -childID 1 -isForBrowser -prefsHandle 1984 -prefMapHandle 2020 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 768 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {70570839-b82b-41cc-8e8b-7839ac7e8216} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.2.1281133535\638706157" -childID 2 -isForBrowser -prefsHandle 2212 -prefMapHandle 2260 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 768 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {0100b0fe-085b-4d32-8e9c-02d87d5cd7a3} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.3.1122968453\1149510024" -childID 3 -isForBrowser -prefsHandle 2428 -prefMapHandle 2032 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 768 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {2a6e7f14-1e07-4919-a203-5fc00c2d88b9} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.4.664776087\1700880809" -childID 4 -isForBrowser -prefsHandle 1092 -prefMapHandle 2792 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 768 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {7ff50feb-f560-429e-b491-ca26659ee3b9} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.5.1111784165\107821886" -childID 5 -isForBrowser -prefsHandle 2936 -prefMapHandle 2940 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 768 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {398f447b-435e-4c97-9f8a-37325f69c0b8} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.6.271536072\1922560807" -childID 6 -isForBrowser -prefsHandle 3108 -prefMapHandle 3112 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 768 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {cd2c9af6-d6bf-4972-a1be-500338552599} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.7.426644914\1484701620" -childID 7 -isForBrowser -prefsHandle 2780 -prefMapHandle 3368 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 768 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {b9280749-6f6c-461e-a651-3b4b6e14cdb2} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe --port 49468 --websocket-port 49469
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevRarwK
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevRarwK
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1528.0.1274360452\392412541" -parentBuildID 20240416150000 -prefsHandle 1216 -prefMapHandle 1208 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {b9bc613a-86b1-4ddd-a036-56a9b4066795} 1528 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1528.1.2084678658\77676408" -childID 1 -isForBrowser -prefsHandle 2096 -prefMapHandle 2104 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {bdca4bc4-ff86-4c58-b6d5-ccb0607e2d5c} 1528 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1528.2.380348698\1503649840" -childID 2 -isForBrowser -prefsHandle 2336 -prefMapHandle 2332 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {e6450b86-e280-482f-92c8-dc6b784608cd} 1528 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1528.3.1313607728\646344982" -childID 3 -isForBrowser -prefsHandle 2656 -prefMapHandle 2660 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {d33ad280-8c85-4537-b188-c970bb6ebe80} 1528 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1528.4.723780562\1350861560" -childID 4 -isForBrowser -prefsHandle 2824 -prefMapHandle 2820 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {03ee0917-0346-4ccc-b4d7-ee72647bbef2} 1528 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1528.5.1288293444\1873037717" -childID 5 -isForBrowser -prefsHandle 2944 -prefMapHandle 2948 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {e70b8fad-f4dc-4155-b35d-5fb51968485f} 1528 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1528.6.1690142047\1920268941" -childID 6 -isForBrowser -prefsHandle 3096 -prefMapHandle 3100 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {7fc14f6b-ae38-4176-8656-f7297d9dfb5d} 1528 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="1528.7.1219959848\967549777" -childID 7 -isForBrowser -prefsHandle 3396 -prefMapHandle 3384 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 788 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {4e949d4d-d157-485c-b158-8af66c86dd4f} 1528 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe --port 49468 --websocket-port 49469
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexR0bWA
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexR0bWA
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="920.0.760942044\513119616" -parentBuildID 20240416150000 -prefsHandle 1212 -prefMapHandle 1204 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {6f3cf477-1b3b-4214-82b0-a6082366c5dc} 920 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="920.1.550512830\189301851" -childID 1 -isForBrowser -prefsHandle 1704 -prefMapHandle 1832 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {b20a4069-4573-4902-b3e3-793e68890680} 920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="920.2.196540872\551692323" -childID 2 -isForBrowser -prefsHandle 2364 -prefMapHandle 2368 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {3c1e7ea2-1a94-424d-a780-585161f255f3} 920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="920.3.1942893255\1690296457" -childID 3 -isForBrowser -prefsHandle 2360 -prefMapHandle 2332 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {1860d227-bee9-4760-988f-11affb67712a} 920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="920.4.1454214916\2053915676" -childID 4 -isForBrowser -prefsHandle 1084 -prefMapHandle 1080 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {3efaa718-625f-4df3-bbcb-5a89bd4edab2} 920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="920.5.260737816\799077242" -childID 5 -isForBrowser -prefsHandle 2932 -prefMapHandle 2936 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {84001ade-1b2b-4fd2-b17b-1bd72c5bc7e1} 920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="920.6.219103297\1101600900" -childID 6 -isForBrowser -prefsHandle 3088 -prefMapHandle 3092 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {f18bc45c-0bad-4f28-b4ef-b0dcb6ff6465} 920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="920.7.2025205954\2114301020" -childID 7 -isForBrowser -prefsHandle 3488 -prefMapHandle 2980 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 884 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {1c0cf8e5-d573-47c3-b054-889b78c63579} 920 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="920.8.1760288800\711539773" -parentBuildID 20240416150000 -prefsHandle 1656 -prefMapHandle 1964 -prefsLen 27407 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {1501b294-f678-4ad7-bcba-91c7a8541761} 920 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="920.9.778618646\499636976" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 1664 -prefMapHandle 1672 -prefsLen 27407 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {59ff400a-f975-4e44-b24b-a79b3529bbe8} 920 utility
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe --port 49468 --websocket-port 49469
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWbtL07
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWbtL07
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.0.1504366597\236303458" -parentBuildID 20240416150000 -prefsHandle 1244 -prefMapHandle 1236 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {75cc8223-9d9e-4750-9451-680dac192af4} 916 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.1.1953863110\929972870" -childID 1 -isForBrowser -prefsHandle 2044 -prefMapHandle 2088 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {82f36e39-5cc5-4531-aead-f70df2c51244} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.2.15936624\1149352577" -childID 2 -isForBrowser -prefsHandle 2308 -prefMapHandle 2416 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {6c626bb4-f672-493f-941a-b3a16bb8b31f} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.3.1213608740\247904863" -childID 3 -isForBrowser -prefsHandle 2348 -prefMapHandle 2404 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {4b395b94-4cce-40ef-8fb7-d486200c0840} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.4.1589290000\2143907465" -childID 4 -isForBrowser -prefsHandle 1076 -prefMapHandle 1072 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {89023cfb-cf3e-4f5f-a739-5d747b793612} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.5.696097685\1155507798" -childID 5 -isForBrowser -prefsHandle 2960 -prefMapHandle 2964 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {1ff4c5e5-779b-4aea-a1cc-14133d7f0eb0} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.6.1088478794\465848567" -childID 6 -isForBrowser -prefsHandle 1072 -prefMapHandle 3124 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {1a3f2311-f9c7-48d9-8686-49e09defe3ab} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="916.7.664715536\1878762513" -childID 7 -isForBrowser -prefsHandle 3500 -prefMapHandle 3504 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 868 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {c23ac7bc-5ba6-404b-b545-d07977ebba30} 916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe --port 49468 --websocket-port 49469
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofiledXswGg
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofiledXswGg
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="3044.0.516531371\10924740" -parentBuildID 20240416150000 -prefsHandle 1252 -prefMapHandle 1244 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {cef25c8f-73b4-4c4f-a668-d5e5b1bfd596} 3044 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="3044.1.887124623\1895317756" -childID 1 -isForBrowser -prefsHandle 2064 -prefMapHandle 1992 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 896 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {6451faeb-25e8-4f15-8f09-3dadda6cda38} 3044 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="3044.2.676861934\283779606" -childID 2 -isForBrowser -prefsHandle 2440 -prefMapHandle 2376 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 896 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {2cc16fb8-ef61-4f2f-b132-9d2dc4b2d10c} 3044 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="3044.3.245197240\891926268" -childID 3 -isForBrowser -prefsHandle 2712 -prefMapHandle 2716 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 896 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {ae084398-f451-4d65-9fab-b51d6309ccda} 3044 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="3044.4.1772404887\314883790" -childID 4 -isForBrowser -prefsHandle 2820 -prefMapHandle 2816 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 896 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {f5795eea-3336-4249-a72c-0e23cc80a6d3} 3044 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="3044.5.1579213851\325329077" -childID 5 -isForBrowser -prefsHandle 2940 -prefMapHandle 2944 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 896 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {5dd6767e-ab1d-4829-999c-b83cf17812c6} 3044 tab
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\firefox.exe" -contentproc --channel="3044.6.1314895318\1611417753" -childID 6 -isForBrowser -prefsHandle 3100 -prefMapHandle 3104 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 896 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\browser" - {16139406-95b7-465b-b7bd-765ac1939f0c} 3044 tab
Network
| Country | Destination | Domain | Proto |
| SE | 95.215.45.138:443 | tcp | |
| FR | 45.13.104.185:9001 | tcp | |
| FR | 137.74.164.213:9001 | tcp | |
| DE | 162.55.84.59:9001 | tcp | |
| N/A | 127.0.0.1:49513 | tcp | |
| N/A | 127.0.0.1:49519 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49676 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49711 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| FR | 178.33.36.64:8080 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:50182 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50217 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:50625 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50660 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:51156 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51191 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:51679 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51714 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:52272 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52307 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:52813 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52848 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI17402\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
\Users\Admin\AppData\Local\Temp\_MEI17402\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
\Users\Admin\AppData\Local\Temp\_MEI17402\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpl_erffk1\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI17402\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiW7UzB\extensions.json
| MD5 | 13c9ad91792a21c759c198ed3dab7316 |
| SHA1 | a9efab02f65daa914bf967e3c28ed55e634822da |
| SHA256 | a2d9f8a38970d0eda50510cd6f9c97e564eb7ae3d535caec836b7c4207691d8d |
| SHA512 | 5d147ea66e76338e627a664e333b8969749c6b37c91d2fa5a11e87d4b1144f35d7f1cc6b5ba960b9324f36ca33851bbb82bec72b23df8dc54615ff1ae3a6a251 |
memory/2944-667-0x000000000BA20000-0x000000000BA30000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiW7UzB\prefs.js
| MD5 | 91a9f49dc6d9e3da0d11d4fb707225af |
| SHA1 | 4d656ad09507758c7a085f9e088a542788e1ba7d |
| SHA256 | 4e5729d1e523912f03510429fd979838febefde002765ba569d5bc9af09f9bf1 |
| SHA512 | 1463a2d60e9bc55ecf8aa4174d610297e6549e01ae96544b567805ff1971a78b665abb347748b1b14d38e516580691939da16bd0810a69f37f02eeda80d2bf7c |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 4ff9642f52583bc350c02059a7c14d0f |
| SHA1 | a5fef571e4bdeb432716dedfd63158bdb2436efe |
| SHA256 | 98e4991e11845767a74208dc892148d22e32d30856aac756a586e6f01720ff5d |
| SHA512 | 0834cac44315adec41daf3dbebf6494a07e00d1206a86cdb8e917c638cf81491759b70f5f2c463ed9b8a5676b1903c8c72c0707633ebe5671247b4abf56e457b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiW7UzB\prefs.js
| MD5 | 65b519aae29f353df8956cf770c72dce |
| SHA1 | e0715e71a204c96fd2e8281163d8665e01e52d19 |
| SHA256 | bc4add1f5861c89d892719c3ecbd1d7ff56c675003191863b6ecb0f35de1ad08 |
| SHA512 | 005e35d9d0368173688db536806f795894d14ce4ec13734f0e7215b8a0a9e6ac52f5210c5bfd6eb34e07a4bcdc4c594917e102aa5629ac22478d94c6406e2322 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileiW7UzB\prefs-1.js
| MD5 | 308f72619822d2165fa5d7aa95bea13a |
| SHA1 | 55dd7c7a19d5267b91f21681465be7743665c45a |
| SHA256 | 8cb896a24a6d21fd348c31d27e06624882433eb1bb786848d16b9d2942a4af63 |
| SHA512 | fdc739b684f354fb8f2a20ed34c56f30797253e4a4282af8598242cc0f370ea483cf29a309ee81dcd6a99c5a89cbfa912f3987e4f6503be61648ce2442a6e808 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuxUcaL\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuxUcaL\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuxUcaL\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuxUcaL\startupCache\webext.sc.lz4
| MD5 | 362c3268b9870f0295e83afe500ffd7d |
| SHA1 | fedad1d4e6a017789fccd72ef78613e3a43758bb |
| SHA256 | e845f2bbf37e69ab707aa5ea7540d6142215aa9559580ef4ee8826cdc551c74b |
| SHA512 | 928c5f7af896953ffaf66e00f556499c31c3a70261db257abdd8cfa9ed0c2b7e6510f4dc5cc1664c00206acd49803fe0e85333cd3766642e6c0f637851886649 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuxUcaL\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuxUcaL\prefs-1.js
| MD5 | 38d1a45ba079e65c838991f95ed39496 |
| SHA1 | 075363b2b5dd120b81d1c5d83f870af6791c52c4 |
| SHA256 | d82d20d64aa7e23e2f84bccc724469cf5f9c683940db6b554eb4f3d97abedff8 |
| SHA512 | da6b860079b99270bcee89a36d12d9eb002574d62a88ef7e4fb27c34db0eeca225d30c05b12ed24e2a79bf23b62f2399cfa4c209cecdc948718c4f3cc86445bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuxUcaL\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuxUcaL\sessionCheckpoints.json.tmp
| MD5 | c543c589f3219b3a444ae60b83e2b08e |
| SHA1 | e259a2fced0248129e02dffb6e0f01c4b33783d8 |
| SHA256 | 65f9611478b292ef0f493dfe7c2443e2d4e32f7f1999ad4fb71bfd5949503d27 |
| SHA512 | ff2083db0cc99bfaf0f2e10dea6ba6812e1cf32021d826a222948dd8b207dc592cda88c6ecba499ab50e6bf9eba75b0d53110492445b7babeeaa2b12512b01a1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuxUcaL\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuxUcaL\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecg5ETm\user.js
| MD5 | f0ffdcbb298131b561dc0ba711ee5043 |
| SHA1 | 360d240f3eea96d437ffc9b7be91adeeb60815e2 |
| SHA256 | 6ac4fd52bf3c261d3c062291e7371ebcbaaab9a4b78a4ef89b35c476d1346687 |
| SHA512 | 5667cea94a74744fbded9645aef5a33c321ef57e28f3cd759d0d5782a2beb251ecab6d756f7029bd47ca811fc1473ec5bc31b7a802d5599478033b105def2b77 |
memory/916-1603-0x00000000035F0000-0x0000000003600000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecg5ETm\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecg5ETm\prefs-1.js
| MD5 | 3ff9ed57e40ce3819589d3f67e6649be |
| SHA1 | d21d4b9fcd8fde0b74a3a3cc936536ffa2d4b888 |
| SHA256 | 01e445a666ba68629493c2663700612cdd7f3db4a8c6bd04a4a7129368da318f |
| SHA512 | 61e738e1bad8090a695616556bdd708ef0293c6a079f049f84f558f7a0538014d1cd542ab009804934e7f93a23b2688efe8fbb92430958e22a91b4b403236d25 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecg5ETm\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecg5ETm\prefs-1.js
| MD5 | 90f301a94170458d9c9c6e732b419a75 |
| SHA1 | 5742d3a03535427dc6468b9b1b076af9ce6423fb |
| SHA256 | 97ab2d65253aad699d0f5ac6cdb10c54f1315044df1a24af00a4884959fee79d |
| SHA512 | 049a3f2e8d29c6803cbaf7a5999a6c65bf21698bfe396c53a18f2439a0f59a665e8ac8106345c12f0175375970ad0c8c6b88a0f0a0852f266c037ff6c64159c8 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevRarwK\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevRarwK\prefs.js
| MD5 | 5cf82673e1d68b6c363bcd6978c3ae22 |
| SHA1 | 0fb90665ca0a769615d7ea1cc1101444131c0498 |
| SHA256 | c4c996b3ccbbb9ad3072b47bbc8f7aeef896d5b2504116c53719549a9fd675de |
| SHA512 | 3b0e780d06184ded7da467cd479f833c0e2c236e57a02e0ba3fbd8c478bd6e2ad47beb134f4e2dfc7a9089050cfe116fab9cf33550382c4341675a15c81a3c28 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevRarwK\prefs-1.js
| MD5 | 6c807d9161e4f63def04bf4f428cf13d |
| SHA1 | 46f3281d1100b144f73e5079fa5f1c654a91e25b |
| SHA256 | 5c77c7f672706636383918d6daa1e6f3a7f2b61f84ededdbd32aace93174dc84 |
| SHA512 | 7e26a22eb83993a5abed60b327ef60902955fb1fbc4291bcf44180727b3ddce03be1fae3924d16350dcffe13057428491dca8eb6384d80a5c89a2cbf15ee0f61 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilevRarwK\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexR0bWA\compatibility.ini
| MD5 | 7c46c8299cc4f8781be38593f6df4bd3 |
| SHA1 | a4201efdaa39939cb15d3eb54cfa2e7a8b416952 |
| SHA256 | e1fb0d935dfdfb40ac0c36cd55198ba424db5c6cfc5ca8968e02e1bd4f388be9 |
| SHA512 | e06b5e19eb722a4d27e5f82489e4f21b243a182364097b7c866ab753ec593b55f90af5a2f99e078a085fb52bab555c74472708ac56d831989d7f0ae4b31957b3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexR0bWA\WebDriverBiDiServer.json
| MD5 | f89966ec9ce917366d5784f887aa862a |
| SHA1 | a045128ca2bbf70282f2c357add7d1a87aa243e5 |
| SHA256 | ac45c0721e0b1b30884b847b46ba04a5e1b4dfab7ca1b37c4bcf62b3582620ef |
| SHA512 | 1d24f8fb64a76f34d706c23f41e88e7f9b8a281c926cccdb41c21c61ae893f2ab22218a10aa6d4b958426915ce8389870ede2c51c51ce8ab4f32d7cdd161d4de |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexR0bWA\startupCache\scriptCache-new.bin
| MD5 | d7c83dfff8be98d3c2da38be05dce821 |
| SHA1 | ba0f16bc6ad99ee65d67f55ca02750c2c7eebb8c |
| SHA256 | a71b9746fc192e2fa55ce1e528dc8df390ad4d1826692467047ca54f12ecc968 |
| SHA512 | 159a8863bf10888807ca3193c8518888134de5127a6251c64cbe9db974da428e927a8ce000ffda0c4871a06490c710101cd18a911cdbd54cdb277b90da06f707 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexR0bWA\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 175a4c2102e02d54335533ea4f395ea0 |
| SHA1 | 32015863fc3b3efa38f36a3f6ae046e379a0fc63 |
| SHA256 | 298f55e4bb4b3349d82d3cbc4d108bea58467e6bdb3a900f4619b1b7f080cb4a |
| SHA512 | f1e5e9536d468f13dc1e5e486bfdf7f26c8bffd2e09949ac637feb520383d28e10246f8d3a399249d05309f382815d706bc75b31a7e4dc7247548fadf7a2824b |
memory/920-2698-0x0000000008340000-0x0000000008350000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexR0bWA\prefs-1.js
| MD5 | 29ed5eff377c196e0fe4a6ccda5b1417 |
| SHA1 | c2545853ada6145adb4a26ba78b8e9c6d54cf203 |
| SHA256 | 27af15f668ad6f9b59257909b358156a1f774ebd52d7584df28c47e7a398f6e4 |
| SHA512 | fbcae56c8dd421e879b579a27c58b280edfc5a54bd662c05e2c79edcb4d1f79bd7c4614a38cd766628dc7bd02c04f0c16b678cb3a084fbbea6aaabb31a6206c5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexR0bWA\prefs-1.js
| MD5 | edfa572474c9d36d3998295b4611f7ef |
| SHA1 | 856ba1f3de2ac02d310b2ddf93a0479215a34b2d |
| SHA256 | f5848f1c6ef6534af2aa210897a14320a4babee82b63e9df308abe164fdadaff |
| SHA512 | bb8747290ca4db9938a475613891ce6106b8549311153335570cee3e7af012d71f67ea800342c7a456d93a28a15849e544d04c7de5e0d5906c9a7e12b47f0c73 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexR0bWA\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexR0bWA\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexR0bWA\prefs-1.js
| MD5 | dad10f76cba37e4b391d990eb68a11cf |
| SHA1 | 58f44e42ea88c660d9a5cd90e0f83e4c663ceff1 |
| SHA256 | c77438bdfc942f9c717ced302471b535f8d58fbc0492b57a118118e9eb70afbc |
| SHA512 | 958e2586a147d8fe33e3055223f2c5a5d0904e1d4052ffd0e8cc8a7742af25c19a3666a7db8f53217879010ee6e6a6080be8108bf8c0349a32c3ef9d3740b789 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWbtL07\prefs-1.js
| MD5 | 06cc0b5cd11e69641de186236ce8ff2f |
| SHA1 | 67fea38357b955d1118fd0cd38e3455121bd0e54 |
| SHA256 | 5f4890202029755dac9eeb4f25f859a134d2b8442da95ddc8ca795f8ba641fe7 |
| SHA512 | 597d1ca3a72d7d04f4d03fb31935c2ee191c800178f796b551e2f7272d2725df43d3ea2fd7ca17f7d00408947575076d9d6b1be6eae629815e339d73fb9dd440 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileWbtL07\prefs-1.js
| MD5 | 2a4ba3337625f16d2347100fc3acbd98 |
| SHA1 | ee6845e9e803361f14043c0c40eba560bbc90ca9 |
| SHA256 | b1e0d4729c0ffa2250da452e1d9d8f1b57e7b674ba804f0ede9dc8e3e21335f2 |
| SHA512 | 982a2df22945bb9278a534cdc6ead70b74b270f3dcfbe6538f599f6c1797e72d917eac99e274d5c12f69d77fbab969c0fc881bdf3566802cb7d2e24b6f5e2e97 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofiledXswGg\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:14
Platform
win10v2004-20240508-en
Max time kernel
300s
Max time network
310s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI29282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI29282\geckodriver.exe --port 65047 --websocket-port 65048
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 65048 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecykUHl
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 65048 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecykUHl
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3492.0.114328159\1372285889" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {68d44a73-33af-484a-905c-e0c18701ece6} 3492 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3492.1.890992918\2105247900" -childID 1 -isForBrowser -prefsHandle 2484 -prefMapHandle 2924 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {0aa0bbdf-99a0-48c1-a972-c1bed1780d06} 3492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3492.2.2087034130\1207048436" -childID 2 -isForBrowser -prefsHandle 3100 -prefMapHandle 3108 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {c93f6a4b-791b-40aa-a967-bd8672de0c5b} 3492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3492.3.158886379\42141938" -childID 3 -isForBrowser -prefsHandle 3504 -prefMapHandle 3232 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {01420e7d-edf1-48d6-b9f3-6ac68b8698cf} 3492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3492.4.424798254\184464956" -childID 4 -isForBrowser -prefsHandle 3992 -prefMapHandle 4016 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {025aea1a-28b1-4495-bc6b-91fff1080605} 3492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3492.5.867466179\600035662" -childID 5 -isForBrowser -prefsHandle 3416 -prefMapHandle 3224 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {8cb2c693-ff18-4678-abf5-bde10a89b6b7} 3492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="3492.6.2121018351\86642338" -childID 6 -isForBrowser -prefsHandle 4244 -prefMapHandle 4248 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1180 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {58dd5fd8-cb68-460c-aacf-ffddd0343f61} 3492 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI29282\geckodriver.exe --port 65047 --websocket-port 65048
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 65048 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 65048 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="212.0.218621848\902755294" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1640 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {0035dce6-9bce-4a2d-abe3-73d16684902c} 212 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="212.1.924147391\533170129" -childID 1 -isForBrowser -prefsHandle 2748 -prefMapHandle 2744 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {1054fdaa-0d18-425d-913e-e6be5c7dd0ea} 212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="212.2.223804852\861788587" -childID 2 -isForBrowser -prefsHandle 3200 -prefMapHandle 3196 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {8abe36a5-b00d-4a8f-ae54-fcc1721b25c5} 212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="212.3.868311507\614018616" -childID 3 -isForBrowser -prefsHandle 3352 -prefMapHandle 3340 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {805e792b-760a-4427-91f2-22383cc48a9c} 212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="212.4.333888067\799013410" -childID 4 -isForBrowser -prefsHandle 3312 -prefMapHandle 2604 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {a2a436d8-2527-4b54-949b-586b1a14530b} 212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="212.5.1291539771\1077591487" -childID 5 -isForBrowser -prefsHandle 4216 -prefMapHandle 4212 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {15f3bd51-debb-4a45-8dd2-9a9182e154d5} 212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="212.6.781008593\540463083" -childID 6 -isForBrowser -prefsHandle 4320 -prefMapHandle 4324 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {b29b0562-e069-4eef-aabd-ee16867bf21a} 212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="212.7.2030199201\1637493858" -childID 7 -isForBrowser -prefsHandle 4776 -prefMapHandle 4780 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {97aa0614-d62b-4598-9020-69952c3e97dc} 212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI29282\geckodriver.exe --port 65047 --websocket-port 65048
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 65048 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQnTOtq
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 65048 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQnTOtq
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.0.1240747524\1364395397" -parentBuildID 20240416150000 -prefsHandle 1660 -prefMapHandle 1652 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {4d4519a8-da7f-406f-8e28-6e71f87dd629} 1936 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.1.585851869\711587552" -childID 1 -isForBrowser -prefsHandle 2652 -prefMapHandle 2648 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {202fd975-afee-41c0-80d9-ae304ec6110f} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.2.1150688304\1232378654" -childID 2 -isForBrowser -prefsHandle 3208 -prefMapHandle 3204 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {c65fc970-09db-4a97-8877-a60fb3d78320} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.3.869394218\1893255429" -childID 3 -isForBrowser -prefsHandle 3252 -prefMapHandle 3256 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {f79a69df-0db8-44b3-874b-37bdc9ffee0e} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.4.1377429005\675330264" -childID 4 -isForBrowser -prefsHandle 3888 -prefMapHandle 3892 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {d064db46-cfe9-4628-aa6a-d40465530761} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.5.597814326\607808246" -childID 5 -isForBrowser -prefsHandle 4056 -prefMapHandle 3968 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {8fecaccf-10bf-4aa4-bb00-6de5b07e9cf5} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.6.608630122\198894969" -childID 6 -isForBrowser -prefsHandle 4172 -prefMapHandle 4176 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {4d666cee-3f5f-4590-aded-5179a73cc5dd} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.7.1433499379\88438099" -childID 7 -isForBrowser -prefsHandle 4404 -prefMapHandle 4192 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {5bc1b090-0c7c-49bc-8b34-f75a2330fb17} 1936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe" -contentproc --channel="1936.8.1848685700\640987215" -childID 8 -isForBrowser -prefsHandle 4792 -prefMapHandle 4796 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1324 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\browser" - {9f0d1549-0a76-4ddd-a09d-56867dc8e7ae} 1936 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| US | 199.195.251.119:9000 | tcp | |
| US | 8.8.8.8:53 | 119.251.195.199.in-addr.arpa | udp |
| N/A | 127.0.0.1:65099 | tcp | |
| N/A | 127.0.0.1:65101 | tcp | |
| N/A | 127.0.0.1:65047 | tcp | |
| DE | 188.40.255.114:65002 | tcp | |
| IT | 213.109.192.61:443 | tcp | |
| N/A | 127.0.0.1:65047 | tcp | |
| US | 8.8.8.8:53 | 114.255.40.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.192.109.213.in-addr.arpa | udp |
| N/A | 127.0.0.1:65255 | tcp | |
| N/A | 127.0.0.1:65263 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 15.204.226.3:443 | tcp | |
| US | 8.8.8.8:53 | 3.226.204.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:65047 | tcp | |
| N/A | 127.0.0.1:65047 | tcp | |
| N/A | 127.0.0.1:65047 | tcp | |
| N/A | 127.0.0.1:49254 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49262 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 90.16.208.104.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:65047 | tcp | |
| N/A | 127.0.0.1:65047 | tcp | |
| N/A | 127.0.0.1:65047 | tcp | |
| N/A | 127.0.0.1:49663 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49678 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI29282\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmply2mikpa\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 80e882ce8268212cf4db9fbe44f95336 |
| SHA1 | 85abc152168a20d8db2c6501aa43a97ea72efc8c |
| SHA256 | 32c7fa19bdf922f35368bbda1fd91b30fae89f7e8615c8224901e4e3454ee937 |
| SHA512 | eb6fc2086c0c5b1e2207c675e49713961246559ade42f65f5e1d51e6139e503eacceaa57542664f7161dc320df0403d90bc85e499aa2d0f09c4a3d4236920cd5 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/4832-493-0x00007FFB9F530000-0x00007FFB9F531000-memory.dmp
memory/4832-492-0x00007FFB9E950000-0x00007FFB9E951000-memory.dmp
memory/3160-539-0x0000025C8B0D0000-0x0000025C8B100000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecykUHl\extensions.json
| MD5 | 747f35733d0a82f933c7ed55657737a3 |
| SHA1 | 3c25b3df7c65d1a57a7c78f2e2982506d854249d |
| SHA256 | 85047c24a134f04290c0ac46ac6555878279d9aa18c90fbe5c7ea8168bf698bb |
| SHA512 | be95ea42cdbfbe50fd6fddd5964de0a0f0153ca3cf7bf8d18bbee5465b1ee4fdfbe4f333a03391b31edd54e4f63fc4c4ce7323cefe62ccdd62912df2da254e38 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecykUHl\prefs.js
| MD5 | ccde6c0e1655562ad3e08e37f73dc743 |
| SHA1 | 9c43fb135f39abd9e60e2dbea0951c5dd3a434df |
| SHA256 | 553a905cd6e0cbfe0450648348feb0d469959b7a6acc6b090d4d6af0f41df6d9 |
| SHA512 | 9571778decb4458fac2198d1e8fd02cd72a3d829cce55f13f62d4633fcb7042298f50917be60be10d29b2006eb544535f3bdef0de2d460988eea17caeea6ddce |
memory/4832-605-0x0000025FBDC70000-0x0000025FBDCA0000-memory.dmp
memory/1624-612-0x000002CFD55C0000-0x000002CFD55F0000-memory.dmp
memory/952-615-0x00000237BD000000-0x00000237BD030000-memory.dmp
memory/3732-614-0x00000282FB700000-0x00000282FB730000-memory.dmp
memory/1840-613-0x000002DF87190000-0x000002DF871C0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecykUHl\prefs.js
| MD5 | f5dad381a52a840a900e391bede28dfa |
| SHA1 | d2979d3dd59caa1191e457fe532ef78799a2b0a9 |
| SHA256 | 101f44f604813a8f78c07075538838235d31671d348dda9335f6e62a5c3f5de0 |
| SHA512 | 3dbe1a4858e339d22916b040e393b8748351c70a74001ce79f1781581c85241f84ce9c8c4307053a8f958d39307d409dc1f22ce8bf4931204179bfe41cd9d517 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilecykUHl\prefs-1.js
| MD5 | 95363f70c5521e79c7b56cc877b5c381 |
| SHA1 | 97d9293ae1d66ad2693e1aef6485504278726e15 |
| SHA256 | 2098e55b1c32ddf5282caab7e44dc75d6411ce85d949a519bc8e8ab9279e90a3 |
| SHA512 | 9baad8b140970adabbb9ff802fc81a25b36f85f84ef2d1877c293940ddb52b05a32bc9f17eb6ca15980852d24e575d7932cd81184568520a6c2e46dc619ef25d |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 35aacb7e5d17eda61b55d6ad230b25b5 |
| SHA1 | 2e616e480e98f70c19c40bd343f65794a9ab9f40 |
| SHA256 | c591f31ded57538ad35cbcbfffdf2faf3913fd78398a5b8be7623c5859c3d937 |
| SHA512 | 8dafbe434a29e9a68340219f0ce3f09f543590d163ceafe90bb1315abf7e7ec42ff1c1a9bdf282c7c8802fdc50cbd7ece374f8496eb44291bc5d85779f9bbb25 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/4388-877-0x0000025478050000-0x0000025478080000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi\prefs.js
| MD5 | 7a63910cfe8b74ca627fd92455957a73 |
| SHA1 | 0522e8989be4c3a68eb9e0da822934a20833e2dd |
| SHA256 | b8d42ccb261a0d42a1c6c0b23bbe504578703a63a9378f9488083abccd2fe27d |
| SHA512 | 5f62f0568f781a6cf639ebf0c6c1d0822af62c8cd8e9d2070f5768d318b7f776236024a06c5faec695173cf10448ebe4343f42a1d02cad5ab471197333c8ce09 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi\prefs-1.js
| MD5 | 81058df75aee760da9a45290090c75d2 |
| SHA1 | 9357a298a682af31a027b9286a77c563ec88286d |
| SHA256 | dd0823304b5ecba91823fad907e45a86b6cee5b69ae13ff07d7a442dfe997267 |
| SHA512 | ff1bc18b4664682193e8768f727d379204845ca06e375f350e809f155a1f96faea1f2a0488b0c37ac8329c3e2c34f5db5a4b955674281d3a19386ea7866d7424 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi\startupCache\webext.sc.lz4
| MD5 | 1b799cc5b6cf681cfa54d37c8ce8cb06 |
| SHA1 | 2f0fae44eb2fe74542df923e37f0c7e23a74fd17 |
| SHA256 | ce654b3257aec215ee980682aa6a48628dac50252a09301efe8686ff3f406a03 |
| SHA512 | 10263e878623c9375095f150a83e5fe42fb5feccea139e107d37b2337f0c68c4f8a47952247d7e8517876a12dcd696202b8ecdf115577c0e416a489a280451d3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi\prefs-1.js
| MD5 | b1139d1989833d2a8dcc1b95f46ef0fd |
| SHA1 | 9ca3167d7d8127d9828b004ad2d63e0f11def26b |
| SHA256 | c8f9d44a985391f381989506f8c2cf744e94f7fad8e7f0e5dfd98a5395a48821 |
| SHA512 | c0eb65ca70070465ec724432b00b43e58fa2cb816b8a106201ece0781af70bb71b01ae069d1e444251847ef4b8a9d40dc2d9ab72f021dd3f9748eeba9a5ea0a5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi\sessionCheckpoints.json.tmp
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMGk8oi\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQnTOtq\user.js
| MD5 | ccf00fca0fde89da1207a2d66491b545 |
| SHA1 | 4d67b3f6e61c9faa3220c9eb982f1ce105b7c365 |
| SHA256 | c09e7385c69bb595a21ad0ea19dad939dbd14a202941e524aac9c88b97919405 |
| SHA512 | bb7598966101208f663d3b134b1cbb9a069362d6e7596cdf349d904684f69b7551a3ed521e49a1c8ca4302108b30aba60d81d09bdfb2dd597b1a5d607b5978c0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQnTOtq\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQnTOtq\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQnTOtq\prefs-1.js
| MD5 | 09c440ffb6f3bf02e4d14ad296264b4b |
| SHA1 | e339865f8b0fb2a66560f57f72bf547124a934eb |
| SHA256 | c1162ac0be55307d1609dcf8dbb53d70149dbb33fc0b3823e5d871ec9892c3de |
| SHA512 | 87d5cfc19e11da8875ed5c22e91cc462da8b382e3eb7f3aea9dc8a96a836a211a5f923ac9a9a6eff027897baa9666a7ff8174792dab1bb9f831933897e7372bd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQnTOtq\prefs-1.js
| MD5 | 8e34d9160ce5dbf2f92ed176385f3988 |
| SHA1 | d075f8b46936712e683f926c51d704cfc968a8a8 |
| SHA256 | 3a4c5a3badad6baf46a4c9184b6537875998786f2551bbe849f61e6676d7ac70 |
| SHA512 | 668413dc81911cbd4e49ee2083b93cb12ce19b995f9b3ba8fe01cf9d7b17f5c73aa1a4d739f0dc98b84270b55b5869f28a9183e427c12269a247223d40ceeaf5 |