Analysis Overview
SHA256
88093c75834d60df3b4b6f4df642bb28dc749f4bd562f587fa8f9e30e97d3c5c
Threat Level: Shows suspicious behavior
The file heavy.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Executes dropped EXE
Checks computer location settings
Loads dropped DLL
Checks whether UAC is enabled
Detects Pyinstaller
Unsigned PE
Enumerates physical storage devices
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Checks processor information in registry
Modifies registry class
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-09 01:06
Signatures
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:14
Platform
win7-20240508-en
Max time kernel
300s
Max time network
308s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI24162\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI24162\geckodriver.exe --port 49468 --websocket-port 49469
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVUkcXH
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVUkcXH
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2296.0.411931329\1418728031" -parentBuildID 20240416150000 -prefsHandle 1200 -prefMapHandle 1192 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {41f9dd28-4f09-4a5f-a001-9841d0181557} 2296 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2296.1.1437832137\430564121" -childID 1 -isForBrowser -prefsHandle 1808 -prefMapHandle 1952 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 872 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {23bc054e-f888-43e4-b81f-8cb0e4630d61} 2296 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2296.2.290090316\1919333328" -childID 2 -isForBrowser -prefsHandle 2356 -prefMapHandle 2352 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 872 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {a725401d-eda4-470e-9395-6b414e8cbdcc} 2296 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2296.3.91533322\35425520" -childID 3 -isForBrowser -prefsHandle 2540 -prefMapHandle 2544 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 872 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {2e541d1c-6d36-462c-8588-8c4416a27912} 2296 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2296.4.753859695\1242800813" -childID 4 -isForBrowser -prefsHandle 2804 -prefMapHandle 2668 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 872 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {dbcd08c2-1d05-4cd3-b5cb-a9ed20cf9ec0} 2296 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2296.5.862841062\859916692" -childID 5 -isForBrowser -prefsHandle 2908 -prefMapHandle 2912 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 872 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {517aaf39-7a73-4ba4-b3e3-ac884f3f5a8c} 2296 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2296.6.946475476\1468883178" -childID 6 -isForBrowser -prefsHandle 3060 -prefMapHandle 3064 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 872 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {b6973fbc-b1b0-4998-899c-5d5c5694d1f9} 2296 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI24162\geckodriver.exe --port 49468 --websocket-port 49469
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMCkSFr
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMCkSFr
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1824.0.134927456\1691459709" -parentBuildID 20240416150000 -prefsHandle 1220 -prefMapHandle 1212 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {f823c2ee-7587-42ab-a038-c2cb9efd4a89} 1824 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1824.1.2129585689\2123402147" -childID 1 -isForBrowser -prefsHandle 864 -prefMapHandle 960 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {6f227aa8-b28f-4e64-a233-233eccb15411} 1824 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1824.2.1067962280\511283721" -childID 2 -isForBrowser -prefsHandle 2220 -prefMapHandle 2252 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {4388400a-a207-49fc-b562-c1b652115295} 1824 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1824.3.184824276\1075195685" -childID 3 -isForBrowser -prefsHandle 2592 -prefMapHandle 2392 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {7c58e5b0-235b-4d1b-8fac-a97806ba9e77} 1824 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1824.4.393246161\918614064" -childID 4 -isForBrowser -prefsHandle 2180 -prefMapHandle 2712 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {1e0af2d7-a9a3-4a86-9009-bdd05b1f08b1} 1824 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1824.5.1618584940\134354293" -childID 5 -isForBrowser -prefsHandle 2928 -prefMapHandle 2932 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {fca4c6fb-faff-49b9-a3cc-7efdabb1caa2} 1824 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="1824.6.1612466130\1700083422" -childID 6 -isForBrowser -prefsHandle 3100 -prefMapHandle 3104 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {399e88a8-e23d-459c-a6f3-98179a3b0ff1} 1824 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI24162\geckodriver.exe --port 49468 --websocket-port 49469
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehXx9Bg
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehXx9Bg
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2248.0.49337953\1118927371" -parentBuildID 20240416150000 -prefsHandle 1220 -prefMapHandle 1212 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {9d74adee-d4e7-4907-900c-41abe5b9eca4} 2248 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2248.1.396302647\638839873" -childID 1 -isForBrowser -prefsHandle 2184 -prefMapHandle 2172 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {9901fb4c-7fc9-40a5-852a-425583b1c4a7} 2248 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2248.2.1739799081\429230189" -childID 2 -isForBrowser -prefsHandle 2248 -prefMapHandle 2064 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {b428d07f-305b-4259-94f6-8e2fe962e0ac} 2248 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2248.3.2055099040\454649761" -childID 3 -isForBrowser -prefsHandle 2496 -prefMapHandle 2148 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {8ba29f15-2f48-49c0-82e7-9a714518fdb8} 2248 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2248.4.1943296032\1379000515" -childID 4 -isForBrowser -prefsHandle 2732 -prefMapHandle 2736 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {12e23e59-16eb-4242-a08d-45aaa6c17d11} 2248 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2248.5.1120771107\721483303" -childID 5 -isForBrowser -prefsHandle 2880 -prefMapHandle 2884 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {d3776d79-6516-4bd2-9769-acecd7351c98} 2248 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2248.6.347734422\1654238505" -childID 6 -isForBrowser -prefsHandle 3024 -prefMapHandle 3028 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {1c0943cf-a692-48b2-83fb-0713a02a1ffb} 2248 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI24162\geckodriver.exe --port 49468 --websocket-port 49469
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqSOBeY
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 49469 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileqSOBeY
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2440.0.332239367\1709987362" -parentBuildID 20240416150000 -prefsHandle 1220 -prefMapHandle 1212 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {fa096204-25bc-4967-b416-a380f650bab4} 2440 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2440.1.1251717256\1697747323" -childID 1 -isForBrowser -prefsHandle 1804 -prefMapHandle 1868 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {cb2ce7f9-d92f-4abe-9575-6ec4964f9b4f} 2440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2440.2.532510055\1684734796" -childID 2 -isForBrowser -prefsHandle 2304 -prefMapHandle 2240 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {bbb2260c-d21a-414e-a6db-8a90b4501530} 2440 tab
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\firefox.exe" -contentproc --channel="2440.3.1971277366\2118753963" -childID 3 -isForBrowser -prefsHandle 1632 -prefMapHandle 2264 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\browser" - {e25adfb4-e970-4e25-8971-db11c76356c7} 2440 tab
Network
| Country | Destination | Domain | Proto |
| DE | 79.201.239.54:24192 | tcp | |
| N/A | 127.0.0.1:49474 | tcp | |
| N/A | 127.0.0.1:49479 | tcp | |
| US | 199.249.230.159:443 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| LU | 107.189.31.232:9000 | tcp | |
| FI | 185.103.110.65:9007 | tcp | |
| DE | 194.36.147.51:9001 | tcp | |
| N/A | 127.0.0.1:49666 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49702 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:50171 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50206 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:50646 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50681 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:49468 | tcp | |
| N/A | 127.0.0.1:51104 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51139 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI24162\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
\Users\Admin\AppData\Local\Temp\_MEI24162\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
\Users\Admin\AppData\Local\Temp\_MEI24162\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpxar3zuyf\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI24162\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVUkcXH\extensions.json
| MD5 | 97c08dc2bc7d9c4164ae472ad6752947 |
| SHA1 | 1c1f5e1d0d61c710e79017df5aa85bd8f0bafb1e |
| SHA256 | 1906285ce6dfc6b3afa55bc442822cac892aabaa85a4e011da62bf0914405197 |
| SHA512 | 65de7d7aedaef6c11ed7d1e476d890e23b1aa9a07b93d66c25fcff010d8d4bc358f958de08750e6c752a4951a6a1a737d498c177997038eab909a0e43746cd75 |
memory/2296-698-0x0000000007540000-0x0000000007550000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVUkcXH\prefs.js
| MD5 | 98f9261958ea9363ce16c40567d4b742 |
| SHA1 | 7a6b46b58957c1952b8b2918a99d431585199fbc |
| SHA256 | 9d6e177be697b9eb900afda21243fe7a14ae42575bb5fa43d1c4b8b3f7747dd5 |
| SHA512 | e35cfc1dc27890dc3779de9a2170d980dc41613ba8707f0c13b135664da36f8942c853b72d155f72ed9d7226c2b6cbbcd5ec6f69e98ffe0794fa6a52db882661 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVUkcXH\prefs-1.js
| MD5 | e8d62ecbd85942b70ebb68357db63853 |
| SHA1 | e56e4defe3da2194b16186e61271ea9fb6a64b21 |
| SHA256 | b950051c4f96215569ee70589932fb4e865f116ee23f9438ae452f81f4eff2ec |
| SHA512 | 9c2dcea67757bdbbeeb63e07a3b35840adde3b2df90541ca330261d61fd429c2064763b4ff65fcec24cf0ad07d68b92f3b4610bee3ad8f49dc3adbbf887106ce |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 87ffedf5b88374a9b80b9e2105171987 |
| SHA1 | 0fdb3b790655cbb7e255939ddf3881219324b180 |
| SHA256 | 0f50c368f27453022d69a1bc87ef79f366bc7ff82275f77db1ef045b1785e70f |
| SHA512 | a88dac199c0a396b71a0ec3874e9fa3b40a111e5a2ab121539add7a8f2ebb6f666ca44764e9120b70195e0ec01fcbb6d5469766bc79e1f881a322ea1feab4a8b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileVUkcXH\prefs-1.js
| MD5 | f2662a050ffab8c89443f1455c348120 |
| SHA1 | b3d997e75cbedaebf650db52daf2dd15e0edd539 |
| SHA256 | b3dc9dc099773310b4bc3cd51a168a1048cd24c293fb9baff91d65beaad387d3 |
| SHA512 | b72e6e1de507fcd3cb47cc65caeda424c690ba48a10035bee39f379046e22a1e46edb32713e8bf0624eb90a89c7ee5a744a7fa227520335b453f94e52263aa74 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMCkSFr\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMCkSFr\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMCkSFr\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMCkSFr\startupCache\webext.sc.lz4
| MD5 | eace6785f8eaa5a1324fdd7810fb4500 |
| SHA1 | 3d1a342ededfd6e519f9ba9c2a02c5072a0be11d |
| SHA256 | c3037daa063ab7bef314bc6135653e7f8cdc4326dff495eb6b52f88405048b1f |
| SHA512 | 2ac5c7a5b945c435948265093bc56c2b883e3be2c033482e6cc853a4b3484cca2f358260ae1a846cbf16698a3b5c434fcc39b44b230464314dcf2ce5763e6897 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMCkSFr\prefs-1.js
| MD5 | c45b90280efce9a89ca50443ee739870 |
| SHA1 | ad475fdfbea2a44484cd6a26c12e3818d50cde42 |
| SHA256 | 2031fff968af75f723797ffba2c1bd7c899e845d27ab97b5e66f706b53f6fd0f |
| SHA512 | b76470402e750d8faf73ffdc174c1f52f9da8a65989a473055b6670eab61e53adf4dfe91225f5723a532299e4fd5153c77f2672cec898e9684820903a2e279dc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMCkSFr\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMCkSFr\prefs-1.js
| MD5 | 585a190d93be1bbd944fd95cf8ad8e0d |
| SHA1 | a18399f438a1887872113c97c50686ed9f1f791b |
| SHA256 | 7cdfc514828749449b7d1987ff82596bb743e204d7323ba9f295d45d0af723de |
| SHA512 | 9928e8226336e1edb98721ecab5d2b9be25d2a25f61a173cad3b47d6f7cdce6baea721a4c86f2167d8a5282822f9567daa4a89bcb9dc1fe0598297082c65b9dd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMCkSFr\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMCkSFr\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMCkSFr\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileMCkSFr\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehXx9Bg\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehXx9Bg\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehXx9Bg\prefs-1.js
| MD5 | 6876ff910bbe12ddb5f038afc9ece0b4 |
| SHA1 | ce25873822f90d3738120d14efd3f5cbc03d7e63 |
| SHA256 | 1088e38ade3e6506a804463edc1ccaa2eb8026b65dd5bab7d88cc697b315de62 |
| SHA512 | a623be317332e79866dfdc5719436ae39dd2aa51ebfe2384da7b7b976ff5ad5f61caed607adb4049df67e282939d87984b03a822895f891b749dc2ca1b3c9b38 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehXx9Bg\prefs-1.js
| MD5 | c91bd0b67362e6c90972ef219162f928 |
| SHA1 | cced72c0e9a148bbec93a61814ed9af4df32f119 |
| SHA256 | cd92bd96f3c9b9d907fef650bddf6d84e5ec92a8a31aeba3550d5d996aecceda |
| SHA512 | 5334277d6e560ebc69cba2f5d3439b94f40ff6fd9c08a7ff152a34f0a04d0848461bc4e1e79b6995bd4aac4b8f7dbadc62c8ac8fa4fe4097c9b892f7f5165277 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilehXx9Bg\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:14
Platform
win10v2004-20240426-en
Max time kernel
301s
Max time network
312s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe --port 59420 --websocket-port 59421
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEy9qdj
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEy9qdj
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2044.0.889387074\1362188234" -parentBuildID 20240416150000 -prefsHandle 1668 -prefMapHandle 1660 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {9f48df9e-0ecc-46de-b4f5-3b5942460eae} 2044 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2044.1.1416771902\402714688" -childID 1 -isForBrowser -prefsHandle 2468 -prefMapHandle 2336 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {f0444fb8-adc5-4bc0-89ea-49c5ddee09c4} 2044 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2044.2.11531603\1996780435" -childID 2 -isForBrowser -prefsHandle 3184 -prefMapHandle 3180 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {bdd9b970-7252-4ea5-9d6d-5d9f1b845612} 2044 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2044.3.2057660527\1663978151" -childID 3 -isForBrowser -prefsHandle 3600 -prefMapHandle 3620 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {81131f50-a025-4a7e-bf67-ca310a0ec36f} 2044 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2044.4.1236427670\2091836779" -childID 4 -isForBrowser -prefsHandle 3664 -prefMapHandle 3644 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {0fa3a4f9-f1a2-4162-aa24-ee739dec3434} 2044 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2044.5.1910677865\1615164327" -childID 5 -isForBrowser -prefsHandle 4064 -prefMapHandle 4068 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {8897de3b-259f-4f5f-bf95-b6afb20aa217} 2044 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2044.6.892822869\2043655948" -childID 6 -isForBrowser -prefsHandle 4228 -prefMapHandle 4232 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {29845463-22fd-4ca9-816e-a18095c2bcac} 2044 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2044.7.263299324\209819988" -childID 7 -isForBrowser -prefsHandle 4384 -prefMapHandle 4388 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {164098ec-09ed-46b5-b6f6-67c1de51987c} 2044 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2044.8.2013710785\1223106821" -childID 8 -isForBrowser -prefsHandle 8840 -prefMapHandle 8816 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {8b5bcce3-49e9-4f84-898b-efb775d1ab20} 2044 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2044.9.262805217\2071754114" -parentBuildID 20240416150000 -prefsHandle 8596 -prefMapHandle 8592 -prefsLen 27362 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {ae83f68d-d1ef-4c4d-994f-bf860b7b3907} 2044 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2044.10.1131536349\347946155" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 8608 -prefMapHandle 8604 -prefsLen 27362 -prefMapSize 245849 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {f2dbc448-f2b6-4e3d-8927-45276300e351} 2044 utility
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe --port 59420 --websocket-port 59421
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCev8aI
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCev8aI
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="6140.0.1787719964\1715238102" -parentBuildID 20240416150000 -prefsHandle 1660 -prefMapHandle 1652 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {5a0dcfae-e398-4250-a074-e9a783321e07} 6140 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="6140.1.2064918116\1724100901" -childID 1 -isForBrowser -prefsHandle 2924 -prefMapHandle 2520 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {1a62f2eb-82d4-4f21-9fa9-e72a61e70a21} 6140 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="6140.2.1420726646\1994766826" -childID 2 -isForBrowser -prefsHandle 3192 -prefMapHandle 3188 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {09c790dc-610f-425a-954c-0bd64ce187f5} 6140 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="6140.3.2122297852\1465865428" -childID 3 -isForBrowser -prefsHandle 3308 -prefMapHandle 3228 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {64353ec4-df9d-46a0-9081-32924cbfe496} 6140 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="6140.4.149032816\1381358607" -childID 4 -isForBrowser -prefsHandle 3884 -prefMapHandle 3880 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {fc0435ed-a8eb-42cb-a1cf-2d56aca37246} 6140 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="6140.5.2119300628\1513989741" -childID 5 -isForBrowser -prefsHandle 4044 -prefMapHandle 4048 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {821eaf10-ce9f-4613-9ea3-48008d5961d5} 6140 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="6140.6.44070493\1167895421" -childID 6 -isForBrowser -prefsHandle 4204 -prefMapHandle 4208 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {d098f8d6-7a7e-43e6-a210-1b202b1c12b9} 6140 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe --port 59420 --websocket-port 59421
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile07SkDO
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile07SkDO
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5636.0.892452746\839366120" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {f8e14854-fad9-4146-9551-2a403f58f959} 5636 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5636.1.697541904\652517336" -childID 1 -isForBrowser -prefsHandle 2804 -prefMapHandle 2560 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {226fe0af-213d-472f-834f-23645f580817} 5636 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5636.2.1973001219\332867741" -childID 2 -isForBrowser -prefsHandle 3196 -prefMapHandle 3192 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {fb2304dd-eba6-4ceb-9603-fee89f07e960} 5636 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5636.3.2147208291\1117583595" -childID 3 -isForBrowser -prefsHandle 3580 -prefMapHandle 2296 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {585f8563-907c-4af9-85ac-62dbd120b290} 5636 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5636.4.998027389\1016178420" -childID 4 -isForBrowser -prefsHandle 3876 -prefMapHandle 3872 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {61d7eb72-649b-44ca-930e-f82417de6bd3} 5636 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5636.5.1772094803\527453022" -childID 5 -isForBrowser -prefsHandle 4028 -prefMapHandle 4032 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {e59a7984-b1bd-4c5c-8c8b-224e50aae323} 5636 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5636.6.2116354815\1394783903" -childID 6 -isForBrowser -prefsHandle 4220 -prefMapHandle 4224 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {bde246f5-acd4-4c1e-bd97-109737660eff} 5636 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5636.7.343128982\276164225" -childID 7 -isForBrowser -prefsHandle 4068 -prefMapHandle 1408 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {8f4c00c1-643b-4aa3-b17f-9a6e822778d7} 5636 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe --port 59420 --websocket-port 59421
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo3u0Pr
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo3u0Pr
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3912.0.1623797941\63810270" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {14958862-9d28-4054-8d16-7a3502f401ac} 3912 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3912.1.568578775\1382723771" -childID 1 -isForBrowser -prefsHandle 2668 -prefMapHandle 2664 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {ec912f06-f722-4ad8-bd60-8ad230cb8f1d} 3912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3912.2.1866324659\667332799" -childID 2 -isForBrowser -prefsHandle 3196 -prefMapHandle 3192 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {c05c1e75-4fd5-4389-9928-ad2489fe8833} 3912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3912.3.1128274995\1990660357" -childID 3 -isForBrowser -prefsHandle 3212 -prefMapHandle 3136 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {5b3cae84-1af5-4d8d-8bcf-a27eedc910bc} 3912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3912.4.938284603\428308927" -childID 4 -isForBrowser -prefsHandle 3808 -prefMapHandle 3804 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {543f9e6c-216c-42e8-a2ce-20cf7e8e8c23} 3912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3912.5.734789510\224921305" -childID 5 -isForBrowser -prefsHandle 3708 -prefMapHandle 3716 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {1ebd56ac-6395-4657-9d89-3436c22f3774} 3912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3912.6.792297018\42084266" -childID 6 -isForBrowser -prefsHandle 4100 -prefMapHandle 4104 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {0d21e01b-3dcb-4099-a6e8-2138aad697da} 3912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="3912.7.168066433\2061134772" -childID 7 -isForBrowser -prefsHandle 4748 -prefMapHandle 4744 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1260 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {53232aa9-ee54-4cab-9c2e-6dbc844238d2} 3912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe --port 59420 --websocket-port 59421
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYdSgYK
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYdSgYK
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4828.0.1800596248\1867764385" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {ad794210-6f41-486b-9815-cd450b3c4b25} 4828 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4828.1.992279215\700401532" -childID 1 -isForBrowser -prefsHandle 2716 -prefMapHandle 2712 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {46fc6800-7fe9-48b7-bc93-7b14eb62a26c} 4828 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4828.2.1680868873\452578707" -childID 2 -isForBrowser -prefsHandle 3204 -prefMapHandle 3200 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {8c56e21f-cd59-4144-9bcf-7ed4269c3daf} 4828 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4828.3.79832527\1450285999" -childID 3 -isForBrowser -prefsHandle 3760 -prefMapHandle 3776 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {b833884d-bb8f-4cf4-b1fe-c5d22f2c2ee5} 4828 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4828.4.786154634\465928909" -childID 4 -isForBrowser -prefsHandle 3220 -prefMapHandle 3256 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {dcaaab67-33da-4dab-8246-38aaf7ebe822} 4828 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4828.5.1200957251\404138353" -childID 5 -isForBrowser -prefsHandle 4012 -prefMapHandle 4016 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {9e888052-a918-4004-bede-c0f0e47b9464} 4828 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4828.6.1943263162\777540964" -childID 6 -isForBrowser -prefsHandle 4200 -prefMapHandle 4204 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1256 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {c34fe58f-2e54-4157-b4e5-9a3e024a39e3} 4828 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe --port 59420 --websocket-port 59421
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilec3Yp4d
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilec3Yp4d
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2500.0.214863593\827505269" -parentBuildID 20240416150000 -prefsHandle 1692 -prefMapHandle 1684 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {161f64df-622d-4055-a73f-115a218ed50b} 2500 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2500.1.1655560415\729590147" -childID 1 -isForBrowser -prefsHandle 2404 -prefMapHandle 2636 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {781fef7d-c460-4fbc-9341-5a6971d0d81b} 2500 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2500.2.1482320000\1758959999" -childID 2 -isForBrowser -prefsHandle 3148 -prefMapHandle 3144 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {cca7f597-5cf0-4739-b009-a4766706df9c} 2500 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2500.3.940095459\1723664472" -childID 3 -isForBrowser -prefsHandle 3200 -prefMapHandle 3164 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {466d2003-6f89-4318-a818-16b52405f94a} 2500 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2500.4.1903470767\1057709538" -childID 4 -isForBrowser -prefsHandle 3764 -prefMapHandle 3760 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {674f62f5-5855-4a30-ba55-5c1b5e686a12} 2500 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2500.5.1204639864\1393214171" -childID 5 -isForBrowser -prefsHandle 3972 -prefMapHandle 3968 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {ccd448a1-531e-4ad7-afe1-870c15ec2471} 2500 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2500.6.2046011097\1636432824" -childID 6 -isForBrowser -prefsHandle 4032 -prefMapHandle 4036 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {f1dba907-1344-4413-9510-b9e3b4569561} 2500 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe --port 59420 --websocket-port 59421
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQalQI2
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59421 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileQalQI2
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.0.458998959\2070450280" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {b3294eaf-29d0-4d8a-8f9a-5f79a58e44ab} 4620 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.1.1564424007\718061394" -childID 1 -isForBrowser -prefsHandle 2880 -prefMapHandle 2876 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {6aa19c40-8e7c-4121-bc10-f93ebb809ad8} 4620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.2.915696748\1762812334" -childID 2 -isForBrowser -prefsHandle 3216 -prefMapHandle 3212 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {46ba6a7a-675d-4db2-981f-b9c154ff6bee} 4620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.3.88371141\1954904166" -childID 3 -isForBrowser -prefsHandle 3456 -prefMapHandle 3204 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {e7cf3c98-7774-4965-8315-4dde22c579e3} 4620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.4.1132223981\2006891571" -childID 4 -isForBrowser -prefsHandle 3904 -prefMapHandle 3900 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {5ec0d852-af49-441a-8dd3-1dcbe83d8520} 4620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.5.17335926\1760080739" -childID 5 -isForBrowser -prefsHandle 3520 -prefMapHandle 3516 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {63491d56-dd18-4314-86ec-70e10e1732ff} 4620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.6.1989192736\1747440452" -childID 6 -isForBrowser -prefsHandle 3960 -prefMapHandle 3948 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {b9196519-6337-40e5-93f7-c077d300a201} 4620 tab
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4620.7.457355649\974940268" -childID 7 -isForBrowser -prefsHandle 4068 -prefMapHandle 4072 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\browser" - {174f7b69-b148-492e-9946-fab5e745fe36} 4620 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| NL | 51.15.150.228:443 | tcp | |
| US | 8.8.8.8:53 | 228.150.15.51.in-addr.arpa | udp |
| NL | 2.58.21.105:143 | tcp | |
| GB | 185.141.56.28:5000 | tcp | |
| US | 8.8.8.8:53 | 28.56.141.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.21.58.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.121.18.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:59523 | tcp | |
| N/A | 127.0.0.1:59525 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59628 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:59636 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:60048 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:60056 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:60327 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:60335 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 0.204.248.87.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| BE | 2.17.107.105:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 105.107.17.2.in-addr.arpa | udp |
| BE | 2.17.107.105:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:60687 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:60695 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:60987 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:60995 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:61327 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:61335 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:59420 | tcp | |
| N/A | 127.0.0.1:61610 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:61618 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI23522\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 3cc2eb7b27155019ab2a31af24e2b77b |
| SHA1 | ff87a8489db5317acf73c14fa8b24d75c0c18ea6 |
| SHA256 | f213cef728b851fb057964080e18433290e52b114ff7fcd7e93d12dfe3659d70 |
| SHA512 | 65061f2facd1d1d423dcb71c725676aba1197460453e189466036ab2bccad062ac867d320a2fe54a0c0540f32d1179f4531dce5d0fa7084cf2b14d4518d85328 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpsiswt8yk\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\tmpsiswt8yk\webdriver-py-profilecopy\favicons.sqlite
| MD5 | dfa3a4ce64626cc3964d930ba7b9fdcf |
| SHA1 | 530ba947eb29f5e795c14025e3daab79b433a86e |
| SHA256 | e4ba330d49ad29b868f5716e4d137f2cc141aabae38f598832b616a596183472 |
| SHA512 | 1ec099138fbbdc0f01c25ee802467a3b994577a353fa995f4dc45182cca9b5703b98faa46da022af077f7dcb51a466775421e6bcac9d655d395a7f411061e0d3 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI23522\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/3620-491-0x00007FFF2EB50000-0x00007FFF2EB51000-memory.dmp
memory/3620-490-0x00007FFF2DAE0000-0x00007FFF2DAE1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEy9qdj\prefs.js
| MD5 | 3e081c514d81feb1c9918e148414b0ad |
| SHA1 | bcc8e45d88d8fe2f4a6ac9fe5e072a1c7f614546 |
| SHA256 | 4605176f2e4c3f7de6f000b5005bb1cb448ac2f34b264637fd0cd62e0e3c2d17 |
| SHA512 | f5bccc245b17b4628d15232f8d78d02783aa4c8c3ab629787fc5c94d2b0c549bb06a9451c64008556ef2dbb894ce8104557e58c1cbe9d84c6852cb05bda721b4 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEy9qdj\extensions.json
| MD5 | cf7fe1bfc2f5292d6b9edd5727cafae1 |
| SHA1 | 74a0df4007ac749645c7be700552e050030f0c9a |
| SHA256 | 6640611aa26bb55e91be5785e75c293a007c9ba4e27225f3538fe94ef4ff821b |
| SHA512 | c50025e2d22a89fc96980b1315643a2fdd87c221826c6e4ba964c4dc8a56d9032eed7cd10fd65835c69ee124a0002bf69fa21bedc02b07ff271b4d46a6e67496 |
memory/2044-565-0x0000011F6BA10000-0x0000011F6BA20000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | e8b0183f378d8d68aefb10dea0b77846 |
| SHA1 | f1d46a4d490dc9bd55bf5677ce58f9adda89a3d3 |
| SHA256 | f2b37bf5d4d7c30a180bf50784ed9c331bb46b206c28ae47d668b5ad911c9357 |
| SHA512 | 9f3839d532e6f04de6798344a869e250526465f2f02b5a11e4a86a65d731550bd8c9182650bc51b00cfdf26648f03a7adead5711d77cd20723698431aef7a797 |
memory/2044-650-0x0000011F6AD40000-0x0000011F6AD50000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEy9qdj\prefs-1.js
| MD5 | 5c0d55006a5cc7ba293ad6f4481fdb0f |
| SHA1 | e296da42bcabb012eaa0b6203932a3096e57f1ed |
| SHA256 | 92b262a9b4629938ed6841425a3adea89b798d9806886df7bf3bf8159419aa86 |
| SHA512 | f5a71193d8bf6d2359cebc290c8ce7b7bcfd3c4538b300c5831592a1fd5042f87711f6ef5a59ae0633ef2e602515e0efe3cfe9fb1ebeb72539590732790e2963 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileEy9qdj\prefs-1.js
| MD5 | 3828a0a6346a56ffada062f17271ea40 |
| SHA1 | 48f1a65a7045cd8f6e70e747563feec035451c23 |
| SHA256 | 8aacbc6f189b17a52b47be64fc9d4c35d64701a8e7dba87bdb57701e0cf2f34b |
| SHA512 | 49b1d24b56d9134ae4d4647afa4d475c02d9060eeb5552d8fbd842879924a663907bf9cea5d9369fe56fe38c40f8b53b65bb8d94d38466eaa06e034c326fa1b3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCev8aI\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCev8aI\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/6140-888-0x000001DDD1F90000-0x000001DDD1FA0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCev8aI\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCev8aI\startupCache\webext.sc.lz4
| MD5 | 75c8e761f57d974f5181979d26bf1b89 |
| SHA1 | 447d061656bac5966f823393f181742733f908db |
| SHA256 | a6493a042f75c83b0811d6e80e3804e5fcfc6da28a84b2d2a552ad20119f5de6 |
| SHA512 | f38c997912d68f6d46f5993ca306fe4ad3f30969395a670f310bb80b646507c196109e7965e6354e973bc221cac594d5d71da8b0e55f352428051a1c77eefbb3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCev8aI\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCev8aI\prefs-1.js
| MD5 | b156d51d6044ca95be4021315ebb493f |
| SHA1 | fdb266d6f7a71d87fad37eb485d339db57e8b925 |
| SHA256 | 7e73166c442a3ef0bc9b39e73a26f5a0890782ee82a6b2ae731d5d48b4b962bb |
| SHA512 | 7d7e6b7ca29f70b7243ade9b858a46c6cb053c643229c60ede2d8c3daf233fd66467053ed99567591087c61acdb0ee5c82ea55a73cb1b40a0521da96ce5e95ab |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCev8aI\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCev8aI\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCev8aI\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile07SkDO\user.js
| MD5 | 736db8c9b955f72129a6644a9c797093 |
| SHA1 | 59f1c80c407e27ffe85407a82f7b7250c5ee3753 |
| SHA256 | 668694ca0485bfb77e7049bad327ba3f83534f31c1d50744f227c996eab4097f |
| SHA512 | 9916d339304272357ff56976bfcb9fd2d607ccbaa33dc40b88618c9ae31833923d3f2e8288cfc1f0090da90803b5e07404c41182155db2d2345df6f63020f217 |
memory/5636-1162-0x000001DC2CC70000-0x000001DC2CC80000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile07SkDO\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile07SkDO\prefs-1.js
| MD5 | d6a898c438a94ec6a9b35998a1bddad3 |
| SHA1 | 4ac1791079a4781b6d50e33ae9df6fcd8d7f51d4 |
| SHA256 | 7e672891ff8f498689be67a87d02c0d14894bc3c00e67c864ed22a504165e3e3 |
| SHA512 | a839ac4657172de1c471ffa036ffed19bb7ff5d3e3ad7352e5d99a17ffd8e41a3c9a2160169c66a44f62bdcc16a299b311639ec69b47ab90069aed7e7e61e8ee |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile07SkDO\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile07SkDO\prefs-1.js
| MD5 | 0fbc70ba696b0aaf21588f57ea0e7c3b |
| SHA1 | 9bbd293571a5948cbc91def535eb491c7baf76ea |
| SHA256 | 4181e72f7e9bc869a6f739f6df508e944fc346a9d3484913eb97f3a1276057bf |
| SHA512 | 27769cdad36fd3d42815529ee0003819cdd202a500d4342af2dd03939a869f6c4a9ae52b137a7837df8869277d2c3b42c725c828fe97ff360895189125570ff2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile07SkDO\sessionCheckpoints.json
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile07SkDO\prefs.js
| MD5 | e9d1406cdef0b4e4b75a60b3acad8d68 |
| SHA1 | 316b0c0de803ae59fbcb7584237bbebf729ac9e5 |
| SHA256 | b717a9d31c2d95091642ad17088b18f47f85b510e1287163462dcfbd7b517f7c |
| SHA512 | 2d3caa5a0d2d1d916ea9d71186751c032d8ecdd4e4eea6ba7756439cf2e155ba1aa135da44db8ff4411bee4ead88caf280974e4559365445923f726764908737 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile07SkDO\prefs-1.js
| MD5 | 0e5117ab6586eb5d51f72ce61615431f |
| SHA1 | ce0e242ebf74eacabda0a779c6133615ba61af0a |
| SHA256 | a9516782a2cf46d4860311459afdda109c481046cd92eae63cbb471252c8587e |
| SHA512 | 885b1b04719d10e033bc1b7d2a7333fefada3863b6ecf0efefa654788d97ae7ddd365ae4ca25700aac887defbca1228bdf82cdce247823e78c8b7462f48b6683 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile07SkDO\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo3u0Pr\prefs.js
| MD5 | f9303f65d93f62d919a8d416bac41c7c |
| SHA1 | 8460e18e0ab22aa1a742ec903ea2f657481de913 |
| SHA256 | c6c839d3a135a1e9a6d5afe95a39d72768c9b1c85a44355631b624fae856bfec |
| SHA512 | 8d9723dd70118a449acf6a5cddca9e37ad127d63365a1221e2b146095c7685d9e860ab6e080e4014ecf8cdb229c9c194acb659eae07cecbbca2a63e80a1b1892 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo3u0Pr\prefs.js
| MD5 | 29c51e80a6007b8079cecff557c7916f |
| SHA1 | 20332f355e9c6c322d3444c8eedd62cf6f8a37fc |
| SHA256 | 0d6d5506a8691ca1e31871383b852789abe70941b886a27667d1dd70ce5c90d3 |
| SHA512 | a6667e27f4d13263131c0ca82654dd8b786fa2e6495f349f011359136ab7c24f791811c9054da7be15cb8b9f4835cbebb8d7192f616f8405980d69090b8c488b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileo3u0Pr\prefs-1.js
| MD5 | cea39d17d6d3fa2d0bfeace21d509f34 |
| SHA1 | 5ead1a85a0f83e7d772901faffebd54580cd674e |
| SHA256 | 934d463f2b3476f1a7bd77953a92ca0c977fc6ac87621550c0ab51cb5a263de6 |
| SHA512 | 07c0409b8083a7d8337d0e9b560c1525bbeb9527d07f019c87148544ee41aba918ad7763edb695a1616b765aa9fb66d5b36c463b5ef38d7be8f98499855b4d33 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYdSgYK\compatibility.ini
| MD5 | ee4bc29cd6ea608902232e479d8bcb7a |
| SHA1 | 3e44c7e53b7b5814f566e7912637858e0bf924fb |
| SHA256 | b8c467f00a499b08938941f571e157520ccc1f248f06952d0c315bc4b0ddcd47 |
| SHA512 | af1fc30f68f44a9e9216f4e9c3d25eea5a86a67acf9d03989516298ccc0326125c6fb0dc253d3a9558445ec1fc2f6661b4b74cf86b123d81f026ca482d625122 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYdSgYK\WebDriverBiDiServer.json
| MD5 | b97bd8f843de3630884b3ac8be7983f4 |
| SHA1 | 23bf652d14de1a7373aede5493e529e871044a38 |
| SHA256 | 47b126e9ab756eaa5b12eca4728f9c0df6d5fb4c8cb289c975b52facb93f7a8a |
| SHA512 | c66e5d43a911a165c3114881a08f75a672b7de79ae094517572593fee721ab6bcf60afd27645b502ae3e778d123c6f778cdf2164300386f85364bcb8192df98c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYdSgYK\prefs-1.js
| MD5 | 8fa307eda148f9e11c87a7fa4642f0c8 |
| SHA1 | 49a342b9bf5f317b5b0da2da4e37a16ff1c50b6d |
| SHA256 | 18b80dba48bf6a09e737ff8f2f34a35972d5cee130b2cccee819bfcd276355c2 |
| SHA512 | 50a8d5d36cff2dbe928c8bff27de68fb2385b4e253bfe6ff61e8ab20576a4bad7fde66d1e0a65521fd46ecbd9506e256dd11c19a044e20110fdd429a134903cb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYdSgYK\startupCache\scriptCache-new.bin
| MD5 | 140578486209f94d8be52b52b11e98c0 |
| SHA1 | 6c24c017bbebdf415605fab7e8bf34cc1a0bdc14 |
| SHA256 | efc2d68439f21112a2eeb7f4256d053e92283f3ce8707f547f8015a9db19f16b |
| SHA512 | bb9b335a3030f350704b7def82b712ab9e459428633ea843fbf0b8c2512762e67078538204a6d38bf82d51e86aa420b7af9d8e0cad14455060104ad9f5adfebe |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYdSgYK\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 17b94603f6075bd5bf4b82f11d1a9fb8 |
| SHA1 | 37634d6b32a140be7ce4c87de036054a9f1b1818 |
| SHA256 | 83695455a7509ef61f75555991d920ed6afacbe06bcbad426c9bd62f6c054748 |
| SHA512 | 63e440f7ab9c5ceae00898330e356ab4afc3ed0ad322f5bc3512f8211ac43187fe4a6a85f7962e3da9bb6bfba794191f2caecb7af214b7b1f3950aa10e573423 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYdSgYK\prefs-1.js
| MD5 | a6a8cbff9e4554a753402c252d59867a |
| SHA1 | eea6f4eae2f344228bfd2d018b02321ee20cc56d |
| SHA256 | 2a8b940422f2d2ac9999acfca4acff9b5d6ce53d1ac6ba12cdacdbf9ba439bd8 |
| SHA512 | b595d99930dfde4f6bf8adf2f356197ac1639fba564ae33aa19945e062b5a350ec513d825f77ed247cdf773ff382fed29bb57052358f27df3d2fd4470cf4a73b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYdSgYK\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYdSgYK\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileYdSgYK\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilec3Yp4d\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilec3Yp4d\prefs.js
| MD5 | ba9fec31c00ef38dcd4ba761f05a053e |
| SHA1 | 7cc7c222189b3e00237843c62021518eae0f4f5f |
| SHA256 | 6ceb9f746a17581901698c9a592724e37f281bb3b0fb8eeaa28dad2d8f25d1de |
| SHA512 | 6f7f111c72f5a5bf1c7c672b88ab429d4a94430b55a2e1523f6e06b92fce57a526aa54a007e682f906dac8adae968e54a5efff95b6d1a35faa1a5ed51b3e71e3 |
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:14
Platform
win11-20240426-en
Max time kernel
300s
Max time network
307s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1230210488-3096403634-4129516247-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1230210488-3096403634-4129516247-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1230210488-3096403634-4129516247-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1230210488-3096403634-4129516247-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1230210488-3096403634-4129516247-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI41722\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41722\geckodriver.exe --port 50020 --websocket-port 50021
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenpxfV7
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenpxfV7
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="2916.0.1138777646\1860640706" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {739a304e-514c-46cd-b683-c17dc3ee5d4c} 2916 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="2916.1.1592587749\202972711" -childID 1 -isForBrowser -prefsHandle 2852 -prefMapHandle 2848 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {423c3d04-c94e-45b5-89d7-c56a99b62a05} 2916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="2916.2.477165124\766029144" -childID 2 -isForBrowser -prefsHandle 3048 -prefMapHandle 3040 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {2cdd5e13-773a-49c1-b9fc-bb3fda2768be} 2916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="2916.3.742525627\1470612428" -childID 3 -isForBrowser -prefsHandle 3108 -prefMapHandle 3096 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {2d4e3ffd-bbdc-43e6-ace9-dfbd56768ddb} 2916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="2916.4.1156631166\551104731" -childID 4 -isForBrowser -prefsHandle 3792 -prefMapHandle 3788 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {fc0b7ef4-77ae-4cb5-8ada-c1bcfd169750} 2916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="2916.5.1150955649\1587324565" -childID 5 -isForBrowser -prefsHandle 3944 -prefMapHandle 3948 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {14e696c6-80c4-4f4c-a293-a0fee35c2f65} 2916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="2916.6.1617956235\53808457" -childID 6 -isForBrowser -prefsHandle 4152 -prefMapHandle 4156 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {6e3c9b35-6224-4947-a930-761324646751} 2916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="2916.7.1276358903\1681701268" -childID 7 -isForBrowser -prefsHandle 4168 -prefMapHandle 4488 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1220 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {0d59233f-ba77-48eb-9212-90e75bc86b44} 2916 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41722\geckodriver.exe --port 50020 --websocket-port 50021
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4912.0.450639256\1394515330" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {928c699a-cb69-474c-93b7-71daeb925048} 4912 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4912.1.1393622868\1342134277" -childID 1 -isForBrowser -prefsHandle 2624 -prefMapHandle 2704 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {ed221aa8-95c0-4935-baa4-f4669ba71ef0} 4912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4912.2.1237929073\1238586690" -childID 2 -isForBrowser -prefsHandle 3076 -prefMapHandle 3040 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {1376856e-4bea-4241-8a74-e6b08c52af04} 4912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4912.3.79865191\1780345974" -childID 3 -isForBrowser -prefsHandle 3572 -prefMapHandle 3504 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {78b1f757-3b2e-4228-b14e-85a1d407d9ba} 4912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4912.4.1926894300\1890470463" -childID 4 -isForBrowser -prefsHandle 3644 -prefMapHandle 3648 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {3c5c2e5a-e3fb-4da1-a629-6b3411d59f15} 4912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4912.5.1849917987\1499859350" -childID 5 -isForBrowser -prefsHandle 3300 -prefMapHandle 3624 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {903dd96b-97dc-4112-a873-78eecdedde1d} 4912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4912.6.1492857390\1436372341" -childID 6 -isForBrowser -prefsHandle 4128 -prefMapHandle 4132 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {4b8c1b42-4041-4dbc-9090-4eaf2dd357cf} 4912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4912.7.1694055152\190186852" -childID 7 -isForBrowser -prefsHandle 2596 -prefMapHandle 4568 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {402c1df9-25e7-4faa-a3e1-d8b0027b1eaf} 4912 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41722\geckodriver.exe --port 50020 --websocket-port 50021
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejNr5cd
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejNr5cd
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4788.0.274800805\1782545869" -parentBuildID 20240416150000 -prefsHandle 1716 -prefMapHandle 1696 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {5f081958-ba1c-409c-82c3-24873294de08} 4788 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4788.1.908424031\1405340160" -childID 1 -isForBrowser -prefsHandle 2780 -prefMapHandle 2736 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {0efed60a-8530-4ecb-ba45-53577625deab} 4788 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4788.2.2045188247\658634747" -childID 2 -isForBrowser -prefsHandle 3040 -prefMapHandle 3036 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {94af6f62-60dc-4150-8adb-66dcaaee6c74} 4788 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4788.3.1986714436\612347191" -childID 3 -isForBrowser -prefsHandle 1428 -prefMapHandle 2940 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {c986c70a-b704-465b-8b4a-8df3bd09ab6e} 4788 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4788.4.1747894786\154867324" -childID 4 -isForBrowser -prefsHandle 3936 -prefMapHandle 3112 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {9c20f3ac-558b-4a5e-9e9a-cf7536503a0a} 4788 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4788.5.1582366143\874126940" -childID 5 -isForBrowser -prefsHandle 4048 -prefMapHandle 3120 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {f293e361-53b6-4c55-8682-63459dd6c2e2} 4788 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4788.6.90926308\1738272883" -childID 6 -isForBrowser -prefsHandle 3400 -prefMapHandle 3284 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {60cc3435-0ac7-43e0-a366-ea314cf015a2} 4788 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4788.7.1634717322\51425367" -childID 7 -isForBrowser -prefsHandle 4428 -prefMapHandle 4424 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {3f5550b1-385e-48b7-b1df-037873facd37} 4788 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4788.8.1504516158\1896184190" -childID 8 -isForBrowser -prefsHandle 4340 -prefMapHandle 4840 -prefsLen 25535 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {6052ccf2-6dd7-48b4-9345-a9c05397092f} 4788 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4788.9.748903675\1079062655" -childID 9 -isForBrowser -prefsHandle 5524 -prefMapHandle 5528 -prefsLen 25535 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {8846974d-c7f3-480c-98d7-296ed9c7cc85} 4788 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4788.10.1235181591\1442074156" -childID 10 -isForBrowser -prefsHandle 5396 -prefMapHandle 5392 -prefsLen 25535 -prefMapSize 245849 -jsInitHandle 1304 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {b1730353-46dc-452b-bb0b-f440a5d31a07} 4788 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41722\geckodriver.exe --port 50020 --websocket-port 50021
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCAHi6Q
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCAHi6Q
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4732.0.1508001949\203350400" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {9f12d8da-f1c3-4eae-87c5-98880306e306} 4732 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4732.1.371538732\1735076833" -childID 1 -isForBrowser -prefsHandle 2848 -prefMapHandle 2740 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {fc666756-63c0-4762-bdaf-b8db50654677} 4732 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4732.2.121691750\271835470" -childID 2 -isForBrowser -prefsHandle 2980 -prefMapHandle 3016 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {a7cc4dd0-5a0a-4a37-a273-436d635e53e2} 4732 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4732.3.1498941193\1879364798" -childID 3 -isForBrowser -prefsHandle 2972 -prefMapHandle 3192 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {62e1616b-c749-4312-bd5e-3c5e67505f58} 4732 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4732.4.711116680\1909053593" -childID 4 -isForBrowser -prefsHandle 3828 -prefMapHandle 3824 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {fd4a527d-829e-4e09-b835-97e536be7c4e} 4732 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4732.5.1222675072\962335803" -childID 5 -isForBrowser -prefsHandle 3972 -prefMapHandle 3968 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {a5d9e0ae-2d05-4d63-a994-b75f85f4b439} 4732 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4732.6.55069534\474466977" -childID 6 -isForBrowser -prefsHandle 3300 -prefMapHandle 3216 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {2c4aa098-1f32-4d71-b775-922d813d30b7} 4732 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="4732.7.157338318\856332477" -childID 7 -isForBrowser -prefsHandle 4416 -prefMapHandle 2484 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1316 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {e4770cdb-6e69-474c-8f1d-d448ab9e2779} 4732 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI41722\geckodriver.exe --port 50020 --websocket-port 50021
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuV8Caf
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50021 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuV8Caf
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1556.0.472800473\2077251896" -parentBuildID 20240416150000 -prefsHandle 1716 -prefMapHandle 1696 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {ffb81189-136b-4dd2-8311-cf459eb0e702} 1556 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1556.1.684083574\124416575" -childID 1 -isForBrowser -prefsHandle 2872 -prefMapHandle 3056 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {0cd278c2-3c3f-4d98-8973-d9b276bb8120} 1556 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1556.2.657521942\537390643" -childID 2 -isForBrowser -prefsHandle 2652 -prefMapHandle 2600 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {d2ac81a2-a556-457e-a85a-6e23bb7a1981} 1556 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1556.3.1102152488\1089964788" -childID 3 -isForBrowser -prefsHandle 3100 -prefMapHandle 3180 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {02b05816-37c6-478a-9b0c-a07a1225363f} 1556 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1556.4.976792916\681195985" -childID 4 -isForBrowser -prefsHandle 3788 -prefMapHandle 3784 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {c5754601-d702-44c9-916b-e76607e6e116} 1556 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1556.5.1387488078\141094331" -childID 5 -isForBrowser -prefsHandle 4004 -prefMapHandle 4000 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {105a6a42-4a5a-42d7-bb8f-01efe85fb614} 1556 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1556.6.606746780\1297634790" -childID 6 -isForBrowser -prefsHandle 3976 -prefMapHandle 3984 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {1b00f8d2-110b-4283-95eb-47fff0f2626a} 1556 tab
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe" -contentproc --channel="1556.7.1399524945\726801439" -childID 7 -isForBrowser -prefsHandle 3984 -prefMapHandle 4496 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1364 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\browser" - {132d7a5f-b33c-4d40-bd9c-563601652c8d} 1556 tab
Network
| Country | Destination | Domain | Proto |
| CH | 195.176.3.24:443 | tcp | |
| US | 8.8.8.8:53 | 24.3.176.195.in-addr.arpa | udp |
| DE | 162.55.84.59:9001 | tcp | |
| FI | 37.27.30.181:443 | tcp | |
| N/A | 127.0.0.1:50123 | tcp | |
| N/A | 127.0.0.1:50125 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50228 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50236 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50592 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50600 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50940 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50948 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:51336 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51344 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:50020 | tcp | |
| N/A | 127.0.0.1:51729 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51737 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI41722\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\top-1m.csv
| MD5 | 0bb41c540a54e3fd2eee9689c7a4d23a |
| SHA1 | 40062442cb48102a1671749bed9e6cbb369284f0 |
| SHA256 | 94b70bb532a798d6b732267e11a90de78b0a7dd3f8a41ecf1525f52fa8409c86 |
| SHA512 | 3589975776e6cbfcf013e7461212676f6900c930347599e39fd102d37139e9636dce0577ec269d4dc90395c9f53936def2886dfef7fad938fc1a78dc3ed2015c |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 549e54a44c7326c30548c998a1d16424 |
| SHA1 | d4375f9ead356aff85d60375b08db168195d5089 |
| SHA256 | fb2df7a858dbfacbedb5ce100bc71dff2b1e1991b2d574c1d3d46701ceea5433 |
| SHA512 | 7325a6d2ed8cf43c4665f2cda3f4f9578de7a87cf70178eff7e927bb8b58f0dceff4b4bf6029593ff64fab052718cf2da8228275580071de2d0fb77fcb4bb897 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | dff7c11471a2f55c9dcdbffacbdd24e6 |
| SHA1 | a86bf99113b0118aaeca6ff79a53d2b1a68b85a8 |
| SHA256 | 88a08a38f16810abfce451d234a6e02bf61a808bce1a897b6dbc399d0e1a90f5 |
| SHA512 | f56698f649e4b688dcc2bd4b4f573bcf5ef4a5464290f82766e5bfe35c9f85ca2d619f6800b86356c31b9d4875d8e46909a07166593da8cca5f612069d836b48 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | cef7e290b89aea3372d2ca019c5ed6a1 |
| SHA1 | 2def39d23c90ec7099b0ae7fe160b82505dac63b |
| SHA256 | f2c482fe41b468e670ca6b93c3be99e805a8f65ddfa5b24a47266876b6ddfc2a |
| SHA512 | c905b7ce4e3e9c67d8453d225f5f54e224ce151816723f8f44cd3ddd0ce3d9d69e024d00a37d8cb33817f381273e478097eb68121794b7c67666b13da5c60018 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpm1mkyqhj\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\tmpm1mkyqhj\webdriver-py-profilecopy\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\tmpm1mkyqhj\webdriver-py-profilecopy\places.sqlite
| MD5 | 4b184e153a4175d0a83f8282c45eb9be |
| SHA1 | 6f9d49eacea2706ae1b1b47264897544c7c57257 |
| SHA256 | b319a9b68017b1e6ee839ccd1df238fe01fe5e721126aad96cc671d7d17ca898 |
| SHA512 | 33dee2bafc4ccb6aad7c5f6349693e8fda421e12225b1ef3b239a7d41385c7da01561e6b0b6d993f889b371784bde9fc69a8af0132ad05c7a0273c037b14b6e4 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\geckodriver.exe
| MD5 | 644e41a4c9066b625e72a8db737de2a7 |
| SHA1 | 197fde91c657018f144e448c4d8b15560a16cd8e |
| SHA256 | 1553d817bf4961cefce8d9ff21c78a84e7c058e398f1dc5eb79ba107cbe7b63e |
| SHA512 | ccc5acc068352adf39abfaa8e5eee140bd5fa54d75d9109d5e8962ed2771adfef6887cf7ea267ed58dbc4be0d0c661af7f6515c92dd1bd1813a3c2409e2946a1 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus
| MD5 | 5be1294eb3b2c41b9a650ce10a0700c2 |
| SHA1 | b78b0211f3c307bd4d8500d73b31a1ab917def2c |
| SHA256 | 1dd4549547c3f6b3e96c60818f2770ff483429dc2315d81ff6f118cc7f393745 |
| SHA512 | 2f9068f39a903b6676ad1a38de556db1ebd0582ccdeb459f24ea7ed9deb37285bc447130ba8eb690fd31a1499fbdaa5ef848ea292233023da798e2a4c8e73a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI41722\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/4600-491-0x00007FFAA61C0000-0x00007FFAA61C1000-memory.dmp
memory/4600-490-0x00007FFAA4AA0000-0x00007FFAA4AA1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenpxfV7\extensions.json
| MD5 | 11daf15861da6d77a8de761a75beadf7 |
| SHA1 | deecf769ea750d44b227e9d7b90eae38b211d76f |
| SHA256 | 4d6d953f370082eca1a9ce2e6dff8955c3d9366a7cf44f52ba8f6322c1903307 |
| SHA512 | 39be85c011c1fb6b6d1c6155d6fc34e3570f80b0b8c37372cabb008b919a55bd93401cd2824ab4b0a842ab677019d1b7c7f6abba4940f0e19936c82fc99ce830 |
memory/2916-555-0x000001CF453E0000-0x000001CF453F0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenpxfV7\prefs.js
| MD5 | 7aa8f5dfabc20cd6f51122789b4ef1dd |
| SHA1 | 8add884d24bd77b4678bd5d9713b959d1f558c80 |
| SHA256 | 29a6df5d900e53f5655fc134c398edf1f4ccdbe8ad2cad8fbfd10aaf09fe4a8c |
| SHA512 | a398ea8114c7f343025167f3d0039cd133011d7d9b21e9d6da50d2939b42bd3dea560dccf71bd86e4e5647da3205a2d5d998f9fc8075676666a9360fb1ce5530 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenpxfV7\prefs-1.js
| MD5 | 1879d0d9abaa9fb71a5bf35f95e70f2b |
| SHA1 | c3067268883ab9242c5086c098232dbe67a95076 |
| SHA256 | fb058e3cf1eb451e5e657bb13a02fc2996ca06543a5a150bcf859c766b6500e4 |
| SHA512 | 31a9fdfd96b2f3757dbdfe952ffc442ab920946b78308640d01d5166f69612d4265ec41ee6afbc17e09cbad1bbb0c727e884b83c3a52ba3636e276b376b88e85 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 0af9602133257bf1317823e59caefd23 |
| SHA1 | a5f34adf29ae3360a789d78e9dc0667d4d894b7a |
| SHA256 | e2a753deece5a7dfe217c17e422065f6ea929fc5ec95f47dd836e3cc7d468653 |
| SHA512 | a89c455de1ecd48fb0cad0c8f590122699c0c6aafed92eb0a57fcaaccab8b177ab0dc49999200cbe04695e02979e06d9329c52dcaf952665737a8a2b4be7fc28 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenpxfV7\prefs-1.js
| MD5 | 3a249c0211d84bc9ce63803b1731f1b4 |
| SHA1 | 6844599d38900024c10f0eb969cbf9471f8f3696 |
| SHA256 | 0d7d5ab4c362d95760ee4aa25e4d9bfb0189a9a099f064d9c295066a0f970939 |
| SHA512 | dd1bb58062ae76e81b45399ef5480236718775e68435f8388764997e8a85477391fe398505cbabca6ad0eae0eed8cac090107dce4f2db91da254dc3148518c51 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilenpxfV7\prefs.js
| MD5 | cc8feefd3f535ed3de4d43c2a608b017 |
| SHA1 | 6046ad00b1d2c2a4f850122709f08bc2b59026ab |
| SHA256 | 6b7e83dd41b1eb1ac9e3687d878cc3f063ce08238fc55c0de04ac7b27eb7e80b |
| SHA512 | 3e1d6c26d0f9d0844a12606384b859936f5116b10a514dad4e6124dde03dea6a5496a40ed5ea664e61fae14d58275c1618cff557a60f0ad8edf5bcdcf2603c08 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\prefs.js
| MD5 | c174a76c955c78d14b715b89cb0d42d3 |
| SHA1 | 55235b560de6bc47895c6f9f488012441e630c90 |
| SHA256 | ca7713fc2132d5e9664da1250562fbc8de2e3c5cc38ecd3ae3acd4e01888a2c2 |
| SHA512 | 244fb79d15eb303d73c61412ec15c7d3038f92e53e9fac0410797fbbb128eff467ef6b3ad3cdfdae5dcb8d5c30b5e711ed775cbfa999b0bb537759511e961b6c |
memory/4912-897-0x0000020945AF0000-0x0000020945B00000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\prefs.js
| MD5 | 38a8b5708385d096be090f7ecb71a45d |
| SHA1 | 0a23fe95ff95adf07a7f6bad00a1f0e6261de020 |
| SHA256 | 4e6e104bd89820b67b6c48d703ee09e5858e96e4a05f42832364fdcfe2c7edc2 |
| SHA512 | 7fc319bd14e973b3b5c633c4e07b4ec72a5080200822f2652773ad1a264220e00ad44d5cd196b23c2a9802aeb50492bac0bb109de446f622b370d446b9974cd8 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\startupCache\webext.sc.lz4
| MD5 | a2c62cf2c302f6d94a786a259ae999a8 |
| SHA1 | 5e2b6ab0520d8b8e08b0d8bfb5fb02b7d4f1dd31 |
| SHA256 | 4e1f8d1292c199f209aaac8ae06540d4fc9e76459f02e901273a448c360992db |
| SHA512 | 8c64ad6cce0d7ad03966fc2699787a3278d5da52d8970362bd5001240ba4ceb01511bdd7e6ed6a4d103aeba9f82711bf471a60dab34cf0dd21107aedcdde82d0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\prefs-1.js
| MD5 | 59713dfb01943c9094c1ca3e98647554 |
| SHA1 | 7fbf623fdb77afb4f1cd087506237bd51688915e |
| SHA256 | 915b0d04a05838fbe5c4e00c30e4a0861c4fdf90f57b58ad77a7f2bf0a800852 |
| SHA512 | 16fddb448e6614d04e59fd7cf5d06e4873b445e0a4973b16cebb6f1c906155459554b55646c49cbf9e5d5b969ca5b40570d4dee899c7e0446a4e4f213f89a1c9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\prefs-1.js
| MD5 | 223568a4cc20378d4c655473522fee15 |
| SHA1 | e028d3767c14561cb61353488b59ddfcc2b7f1bc |
| SHA256 | 83652ae98f5957862b8b5b5dded95e0cf1f2920d2df27a8afc7b1f5137469f02 |
| SHA512 | 7e7da62227e11145061b3733ca501324bab691d6305ec740fc759646efe291b634402ce67b4ee462af57c3b52bb8ee317e541e69b24dc83f9ec39c5dcc56b46c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexGBqLg\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejNr5cd\user.js
| MD5 | e32dae9d26c7249ca980bea3bc3b8fa4 |
| SHA1 | e68cec0405e657f73c7d8bae469a082797d1e27b |
| SHA256 | f12cb050492505726638cbceaafb3621e3601017cb637c82e74858bef9a2d8ec |
| SHA512 | e66c9b24ffc9e6a9fe3ba5c9faea1f3e238d9fdf4cd72ba9f84d46be41570a075e145724a1eb223f5fb0cceae0d8b5174e958d0b9097684184432cb5e612f035 |
memory/4788-1115-0x000001B28F890000-0x000001B28F8A0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejNr5cd\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejNr5cd\prefs-1.js
| MD5 | 0a60b1ffc39dd12e0457a0d9fbd1940a |
| SHA1 | 4b92e85044222c1f06d5205cb25ca14cc4cb9bfe |
| SHA256 | 976d1e79b698dbb94ff96e4ab8f97100c76cacc0842e0ec0b55b30697f1d69d2 |
| SHA512 | 436d78a5ea2ba690805eb7cd1d038f2f36e6a034375763787e1f202827fb70312877689904f9c4645ad792f0025b2bd6a5a4de0cc9d63a22b89d5f5fd1c082c5 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilejNr5cd\prefs-1.js
| MD5 | 1fda5fc7ffbf04ffecf24a082b629201 |
| SHA1 | ea90961c57107fde89d8d1707d4cca1a74efa5e2 |
| SHA256 | cf91aef2962e3c74ea0a53813ed02562ceeb9bd090dfc2f9bf9e83eec1af4575 |
| SHA512 | 0abf78b138e17a66ba73faf8ae06a6a0259e3713c1df6d35d6eb56a2da65796c8eeedb06eacecddde2d711558339efc6286d1f41e7187ee216a7642e6e1c9637 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCAHi6Q\prefs.js
| MD5 | c0c782acbbecf1d3590bd9755213e284 |
| SHA1 | 8c7e1a6f77ebad0c1c6a9ed7ebfe89f064642d93 |
| SHA256 | f60146cbd92b6364865a0cc7ef54341328b410df93f78457adeeb8f7d0066cb5 |
| SHA512 | 6e35281eabbb9c2cb0f88cce29f9f02f7d830e0ed9e4412379e321f694a8657e3b93ed9c811c52bf6bc6a27e579bf0ce406c77f6db6af3747fba71fdfbcb791e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCAHi6Q\prefs.js
| MD5 | a48f47abeb1192dfe16812bcfda7593a |
| SHA1 | d8504b1bc0dbf59bf7c47dbeb8831b637d314885 |
| SHA256 | 0f6b4aa6b57c0539d7a14e90e45d2887692b0df8d4c971d8191b128dbfe3b846 |
| SHA512 | 1506db27849bb8fc5f6db937c38ee70739eec6a7ffd619e2feada67bcfffd92f0d8d0c67b219b763a749248778185fddf38de14c5e3e30437cff81996651f2e1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCAHi6Q\prefs-1.js
| MD5 | 0e776dff76f548075d8bcbd53a4a98cf |
| SHA1 | cddf54571988ca3e9b9c9df660c8857cecccf205 |
| SHA256 | 80d243486a9849ad1a22b9324d69de6ffc6ad7421e12d32d4c845c53437bb97b |
| SHA512 | 3a794498dd67474529dcd37390c40d0846f0a5021ae8ee315d050062a6e097f2250ddd5d7559177e0de16190286cad37a17473e4b2370f85cab81cf757c64c7e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileCAHi6Q\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuV8Caf\compatibility.ini
| MD5 | 877e4b755af71c77780a94bf9bfcc9c2 |
| SHA1 | bf58ad60a6b08fbf76139d81066533ad3903d14a |
| SHA256 | ae6f5923f8610f80d8ed3213f527424387a3a40683fb70f04669f3eab9b8a8c3 |
| SHA512 | 26d87ffe4cda8599ccf25593b78750dcb5159efc3148de4c85e997baacc2c5e5f9f1e9ef78d54ee1394bf386786b5ec28dd864e8c6815e3b8801b2405e2b7a4e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuV8Caf\WebDriverBiDiServer.json
| MD5 | 7bba2bfb0fc31680a470dd67bab34123 |
| SHA1 | f2e27cb94acc00445bb363207fa09122f1649cf6 |
| SHA256 | 7e15088a1ba4716b59c9efa21aebb8b0d135465a29b78404125530164ba109aa |
| SHA512 | 8e38cad5221710d105ec4a9ab2634fbc87478b270bdae208afa8ca53ca6b66b50113c41d6568173274241b25791352642c12c3b8eb4abd59d1148313189705dd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuV8Caf\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileuV8Caf\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 3e6a65025152a7b7f0cbb9092185f528 |
| SHA1 | 80c13f4c4e2979657b76a7890669b4a023743e5c |
| SHA256 | 698ae23e0b35b69b1f94d1ef24d952e979b425620a6db0f66df34a4d91b3dc93 |
| SHA512 | 1dd27c44e337a19e090a25331dc8145987f55cbd2f07754179d32777a3d04b872682e555b048db55570b09382d7e41d552c45cadcb203ff1875f7c5b4ee22c78 |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:14
Platform
win10v2004-20240508-en
Max time kernel
301s
Max time network
311s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe --port 59634 --websocket-port 59635
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKjxWcz
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKjxWcz
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="3212.0.60665267\1436826105" -parentBuildID 20240416150000 -prefsHandle 1732 -prefMapHandle 1724 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {b193280f-7cfe-4a94-97df-0e247995c9e2} 3212 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="3212.1.644343435\2135676387" -childID 1 -isForBrowser -prefsHandle 2552 -prefMapHandle 2548 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1252 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {21252936-48ca-4663-b7df-f3ca703459cc} 3212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="3212.2.1063771332\1065215631" -childID 2 -isForBrowser -prefsHandle 3268 -prefMapHandle 3264 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1252 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {63e238a4-6da0-4774-8faa-70b0751d0027} 3212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="3212.3.2079568615\320551893" -childID 3 -isForBrowser -prefsHandle 3676 -prefMapHandle 3308 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1252 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {d3a72107-e03d-4f2d-9093-e7dda107d08d} 3212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="3212.4.1929349023\1330179879" -childID 4 -isForBrowser -prefsHandle 3748 -prefMapHandle 3768 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1252 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {429d991f-0bbd-4c60-b4c0-e163005b9bb2} 3212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="3212.5.138836547\1672307271" -childID 5 -isForBrowser -prefsHandle 4048 -prefMapHandle 4040 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1252 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {2615cae0-df36-486b-8e14-8881b1d4a5bf} 3212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="3212.6.1313937\1679568257" -childID 6 -isForBrowser -prefsHandle 4216 -prefMapHandle 4224 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1252 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {015fd2c9-afd8-4471-94b9-c162847e8c59} 3212 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe --port 59634 --websocket-port 59635
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4224.0.1368361010\315323881" -parentBuildID 20240416150000 -prefsHandle 1664 -prefMapHandle 1656 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {79a108e8-3583-4bad-9870-04e8af40557c} 4224 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4224.1.2018298049\929708965" -childID 1 -isForBrowser -prefsHandle 2824 -prefMapHandle 2820 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {0032a37e-33bc-452a-bed0-ebf0e5348b63} 4224 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4224.2.894573747\683314047" -childID 2 -isForBrowser -prefsHandle 3176 -prefMapHandle 3172 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {dfca8c8d-fcb2-4e24-9a2b-7b0ad31692e9} 4224 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4224.3.1768787968\999711527" -childID 3 -isForBrowser -prefsHandle 3732 -prefMapHandle 3740 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {2fafc23b-6e68-4629-bb25-6d4659341082} 4224 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4224.4.155100931\1839620454" -childID 4 -isForBrowser -prefsHandle 3828 -prefMapHandle 3832 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {7a13997f-8fde-47b4-9d54-2e798758ab4a} 4224 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4224.5.587908621\1495290863" -childID 5 -isForBrowser -prefsHandle 3936 -prefMapHandle 3940 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {8cdce14a-c20a-4205-92c7-1e5c865f878c} 4224 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4224.6.1341892247\90556845" -childID 6 -isForBrowser -prefsHandle 4104 -prefMapHandle 4108 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1268 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {8e63c08e-97be-4a30-bb93-913eab58d489} 4224 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe --port 59634 --websocket-port 59635
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8xDaPG
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8xDaPG
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1972.0.2100620502\519296572" -parentBuildID 20240416150000 -prefsHandle 1656 -prefMapHandle 1648 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {fd78bde5-ddfb-4319-b0b2-367f4d6d4965} 1972 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1972.1.1291859490\203715729" -childID 1 -isForBrowser -prefsHandle 2660 -prefMapHandle 2656 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1240 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {5a03e6b7-2ef6-463b-868a-04b8b62e3e71} 1972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1972.2.2057216007\2030506108" -childID 2 -isForBrowser -prefsHandle 2696 -prefMapHandle 2940 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1240 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {733a65e6-69bf-4d5b-9f19-8b9fabf69f16} 1972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1972.3.442867311\331073709" -childID 3 -isForBrowser -prefsHandle 3364 -prefMapHandle 3368 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1240 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {15050609-81ad-4bdd-8ebf-bdd5b87b871a} 1972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1972.4.1233153876\947725670" -childID 4 -isForBrowser -prefsHandle 3304 -prefMapHandle 3300 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1240 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {1e5c2572-6f3b-4e12-ae32-26335212edb3} 1972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1972.5.20736956\1076206284" -childID 5 -isForBrowser -prefsHandle 3964 -prefMapHandle 3960 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1240 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {7004ae9e-a644-4256-b13c-13c5289df367} 1972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1972.6.663102836\1903219113" -childID 6 -isForBrowser -prefsHandle 4112 -prefMapHandle 4116 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1240 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {16ddb3d9-3838-41de-89d5-13c59df7a11e} 1972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1972.7.1319672755\264463656" -childID 7 -isForBrowser -prefsHandle 4520 -prefMapHandle 4532 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1240 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {d6c2a508-5e89-4134-a0d0-76bf924e8004} 1972 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe --port 59634 --websocket-port 59635
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHmFPJH
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHmFPJH
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="2336.0.381357676\244263819" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1520 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {c9414264-d258-487f-9a9d-a73b8e10d86b} 2336 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="2336.1.889614126\1299178066" -childID 1 -isForBrowser -prefsHandle 2668 -prefMapHandle 2664 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {16978b95-3f6c-46c0-8968-973e03d7c2d1} 2336 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="2336.2.1420982194\278407224" -childID 2 -isForBrowser -prefsHandle 3032 -prefMapHandle 3004 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {598333c5-7feb-4c72-92a4-13223d6c36b2} 2336 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="2336.3.1388742075\1989835006" -childID 3 -isForBrowser -prefsHandle 3288 -prefMapHandle 3676 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {dca963b5-dcd5-4ec3-a280-d3b4e80eb334} 2336 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="2336.4.954748491\1666831847" -childID 4 -isForBrowser -prefsHandle 3856 -prefMapHandle 3852 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {981e84eb-eb49-4767-bf78-3400fea7b0b4} 2336 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="2336.5.233503562\590623357" -childID 5 -isForBrowser -prefsHandle 4004 -prefMapHandle 4008 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {12f4c193-f13e-4c75-bda7-e4414913d53f} 2336 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="2336.6.365137737\1662782044" -childID 6 -isForBrowser -prefsHandle 4264 -prefMapHandle 4260 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {a40cabde-121e-42a9-a52c-8c8820d94da4} 2336 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="2336.7.235756325\397178174" -childID 7 -isForBrowser -prefsHandle 4652 -prefMapHandle 4656 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1296 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {97aaf8fa-cd33-4d89-875d-d221aad37d97} 2336 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe --port 59634 --websocket-port 59635
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJ1ci1m
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJ1ci1m
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="948.0.986634496\9313807" -parentBuildID 20240416150000 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {00c2ac02-a7f3-456e-bbe2-51a1b69f6938} 948 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="948.1.515264731\1900267058" -childID 1 -isForBrowser -prefsHandle 2660 -prefMapHandle 2656 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {670807ac-ae94-46d7-9b5d-fb833d17b55c} 948 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="948.2.1467314102\817444129" -childID 2 -isForBrowser -prefsHandle 3196 -prefMapHandle 3160 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {7059a47d-3cfa-4faf-9f82-5e14a5193e1e} 948 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="948.3.1767766398\1432957158" -childID 3 -isForBrowser -prefsHandle 3640 -prefMapHandle 3644 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {3a79f7fa-81ef-44d0-9e6b-1e00cc6daab4} 948 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="948.4.1353415827\655712662" -childID 4 -isForBrowser -prefsHandle 3812 -prefMapHandle 3808 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {dd46eb7b-7256-4acf-a3f3-d83c8ae3ab8b} 948 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="948.5.878481359\1107975999" -childID 5 -isForBrowser -prefsHandle 3976 -prefMapHandle 3980 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {7172bb82-b290-49c9-96b8-8ac8669f5161} 948 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="948.6.778640154\337477375" -childID 6 -isForBrowser -prefsHandle 1436 -prefMapHandle 1544 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {9d162315-51ba-463b-a84b-3a17db794e9a} 948 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="948.7.1976881798\1557626938" -childID 7 -isForBrowser -prefsHandle 4712 -prefMapHandle 4708 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {c849c287-241b-4a67-847b-1f349a418622} 948 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="948.8.514335565\924397123" -childID 8 -isForBrowser -prefsHandle 8712 -prefMapHandle 8752 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {0cf46e08-0f8c-4666-bc6d-809058374efb} 948 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe --port 59634 --websocket-port 59635
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBTZH3k
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBTZH3k
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4896.0.547923488\894173538" -parentBuildID 20240416150000 -prefsHandle 1676 -prefMapHandle 1668 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {1d957d32-ea0d-40f5-a853-dfbe4b17cf4c} 4896 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4896.1.2044467060\679190739" -childID 1 -isForBrowser -prefsHandle 2664 -prefMapHandle 2660 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {c4d5a53c-ed57-4203-884a-584460e15902} 4896 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4896.2.1211091462\745115933" -childID 2 -isForBrowser -prefsHandle 3172 -prefMapHandle 3036 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {b3a492ed-0cfb-47d1-ac16-fb811462ed71} 4896 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4896.3.205200134\1538460894" -childID 3 -isForBrowser -prefsHandle 3744 -prefMapHandle 3748 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {ac952e53-a49e-4907-9e09-b29c81b51f6c} 4896 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4896.4.76553814\1145187883" -childID 4 -isForBrowser -prefsHandle 3708 -prefMapHandle 3704 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {d4236fcf-59f5-4965-8b87-53b46373ad7a} 4896 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4896.5.2015922059\1014120517" -childID 5 -isForBrowser -prefsHandle 4024 -prefMapHandle 4028 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {ba20b0e6-1599-4795-b47d-2b8bda0cf5b6} 4896 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4896.6.532664455\779689232" -childID 6 -isForBrowser -prefsHandle 4180 -prefMapHandle 3996 -prefsLen 25243 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {ee5d34fa-c34f-4f5c-a210-27fd04fe7c5c} 4896 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4896.7.979271997\1105547568" -childID 7 -isForBrowser -prefsHandle 4508 -prefMapHandle 4516 -prefsLen 25367 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {60fb33dc-1e80-4cbf-9119-4d0022bb6737} 4896 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4896.8.1499248411\1575577409" -childID 8 -isForBrowser -prefsHandle 4824 -prefMapHandle 4828 -prefsLen 25491 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {ad0e3fbd-644a-44ef-bb25-340367ce9120} 4896 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4896.9.610803193\697582857" -parentBuildID 20240416150000 -prefsHandle 3264 -prefMapHandle 4708 -prefsLen 27675 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {72bd643f-bc83-433c-a70e-efad8cd0a5de} 4896 rdd
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4896.10.588937177\841665455" -parentBuildID 20240416150000 -sandboxingKind 1 -prefsHandle 4584 -prefMapHandle 4724 -prefsLen 27675 -prefMapSize 245849 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {944e3e5e-675f-4bec-bd90-c44679798f60} 4896 utility
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4896.11.804071723\335458890" -childID 9 -isForBrowser -prefsHandle 1396 -prefMapHandle 5168 -prefsLen 25535 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {7dad644b-1156-46e3-b1b4-4f52258242b6} 4896 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="4896.12.1728371657\698739752" -childID 10 -isForBrowser -prefsHandle 6816 -prefMapHandle 6852 -prefsLen 25535 -prefMapSize 245849 -jsInitHandle 1320 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {fc6e8b43-e043-4a3a-8b30-12557fbadc37} 4896 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe --port 59634 --websocket-port 59635
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLIPPd9
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 59635 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileLIPPd9
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1260.0.1080421737\347084068" -parentBuildID 20240416150000 -prefsHandle 1684 -prefMapHandle 1676 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {b55e6077-721f-4908-abcb-dd986d26110f} 1260 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1260.1.943974674\2079594373" -childID 1 -isForBrowser -prefsHandle 2696 -prefMapHandle 2716 -prefsLen 24301 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {dfde40c7-fe0b-426d-bf80-128055c0d955} 1260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1260.2.901096287\127273156" -childID 2 -isForBrowser -prefsHandle 3196 -prefMapHandle 3192 -prefsLen 26460 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {a8f8646e-8c30-4f71-84d1-ec2833d147b8} 1260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1260.3.984358527\1362984697" -childID 3 -isForBrowser -prefsHandle 3780 -prefMapHandle 3784 -prefsLen 27313 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {7182ef36-f0ad-4f6b-8cf1-970678e55d83} 1260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1260.4.1638503779\188674824" -childID 4 -isForBrowser -prefsHandle 3844 -prefMapHandle 3840 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {ba3c96da-2307-4148-88be-76a9b14bdf92} 1260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1260.5.49791846\456187122" -childID 5 -isForBrowser -prefsHandle 4020 -prefMapHandle 4016 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {710035e0-43f9-4155-8ed3-13051f8ac342} 1260 tab
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe" -contentproc --channel="1260.6.143216107\1119148756" -childID 6 -isForBrowser -prefsHandle 4124 -prefMapHandle 4128 -prefsLen 25194 -prefMapSize 245849 -jsInitHandle 1264 -jsInitLen 240916 -parentBuildID 20240416150000 -win32kLockedDown -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\browser" - {b7fef84b-5f59-448c-acde-973698179eda} 1260 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| CH | 185.195.71.6:443 | tcp | |
| US | 8.8.8.8:53 | 6.71.195.185.in-addr.arpa | udp |
| PL | 193.56.240.157:443 | tcp | |
| FR | 94.23.172.32:444 | tcp | |
| PL | 95.214.53.96:5443 | tcp | |
| US | 8.8.8.8:53 | 157.240.56.193.in-addr.arpa | udp |
| N/A | 127.0.0.1:59737 | tcp | |
| N/A | 127.0.0.1:59739 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| US | 8.8.8.8:53 | 32.172.23.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.53.214.95.in-addr.arpa | udp |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:59843 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:59851 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:60186 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:60198 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| US | 8.8.8.8:53 | 35.56.20.217.in-addr.arpa | udp |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:60488 | tcp | |
| N/A | 127.0.0.1:60496 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:60850 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:60858 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:61231 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:61239 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:61626 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:61634 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:59634 | tcp | |
| N/A | 127.0.0.1:62147 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:62155 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI14882\python38.dll
| MD5 | 26ba25d468a778d37f1a24f4514d9814 |
| SHA1 | b64fe169690557656ede3ae50d3c5a197fea6013 |
| SHA256 | 2f3e368f5bcc1dda5e951682008a509751e6395f7328fd0f02c4e1a11f67c128 |
| SHA512 | 80471bfeeab279ce4adfb9ee1962597fb8e1886b861e31bdff1e3aa0df06d93afeb3a3398e9519bab7152d4bd7d88fa9b328a2d7eb50a91eb60fead268912080 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\geckodriver.exe
| MD5 | f60c542253cbe94f762e15c7b064b55d |
| SHA1 | 7a32f034217266db6d799893edc976e891a82944 |
| SHA256 | 989c9e22c08924ecb0ce8901889dcb4dc8db33b0b4c8c88ffea38fe89f04c6aa |
| SHA512 | 1a91ba760e9893521e417a4b6ab4a25c1a1d8aadf89ad98a60eb114f65a88f9d2616f3cc102c08b95a0e91d0cb7245ecc2b4fdbbbc17465c57844e6db2b2e8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\top-1m.csv
| MD5 | ba0857be5e9736dde1f5cc44edd5d21b |
| SHA1 | b130759907909cc97bfe0d9a1fd65b8942c931aa |
| SHA256 | 7800cdef850c31931b2b520a42f858c4feb5ca86d6b3789e6173a02e909595ca |
| SHA512 | 08446902bc588e323b8fc551502ff869be6c2bb64f788d1bebfcc30a04c3e589b0616e84fc55de3d81d7b19b26e690024a442e6a27096808bc613bcecf3f6db4 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 2eeb46e1c58ff1cce4ac2d4d725b2cc6 |
| SHA1 | 89aa36e77e51da31fbbfd682a2acc91f6016d275 |
| SHA256 | e99e5ee165f2a0d5d39c5cc5a1d994c0534cf7caf8779f314f0e92b2d59d2b6a |
| SHA512 | 23d5e39c25375ef4a83713f44615078878253411cd6ca6c4a149de915cd491b328046ddd189a113585361faad6a47ebd6ead31f062681ab25b0f2832a988265e |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmpcvwmx_6f\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | 47539d0337e97e22a728afc2638d461f |
| SHA1 | d97b37079543b33b9b605c787945f809aed66fd6 |
| SHA256 | 262e52c5bbaa9bcd2dfcb4cf7da83a1efa95ebd0299f82031ad31a6ab19405a5 |
| SHA512 | 3810ebe80173d41785a42459fc5c4a8a31e56294f2c03fe99416925a34d242b88023565057201c9b6dcbdb97c8396d8305a723c0e31bb5b560b031b299672d4a |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | d262b8dc568b34fa0a37e37335db737a |
| SHA1 | 477338dfa2a841eaadcdeadb210ed0e9e419241f |
| SHA256 | b11b2168de48ecb6a5daec15e1d8eebc52fa4597d174d3a55a930466f665b0ed |
| SHA512 | ae2b0b4477d7d61c2ccbc948041e79407a140919da3dae63486e47b30ed9c041519bd3ce3cee62bc3c2ed780650abb8c54002c4197c6611af512f39da8e56f64 |
C:\Users\Admin\AppData\Local\Temp\_MEI14882\Tor Browser\Browser\firefox.exe
| MD5 | 65aa9b0f57d72e4d70e9226322221adc |
| SHA1 | 85fec174d0977afd8c0100c9d9b53c958e1949bf |
| SHA256 | 51b63860fd996d6d5b1753ba6bb7f3a4303f13187fbfecc96ba2b6bae52a7410 |
| SHA512 | f84416a5e9293b8b82993e9424b13d5bb8542d1a379d04f498b60f0b5805626b7c97bcc6f86f6cfd33031b0d65d0ad23ce6d836995b5a481ed29f62ef89b2c85 |
memory/4536-490-0x00007FFAF7E30000-0x00007FFAF7E31000-memory.dmp
memory/4536-491-0x00007FFAF62B0000-0x00007FFAF62B1000-memory.dmp
memory/1008-516-0x0000029FAE600000-0x0000029FAE955000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKjxWcz\extensions.json
| MD5 | 26b9f0d8c4da654c2afe39020f917c59 |
| SHA1 | 22ed7f8c179b6d18759b5c3c352400813f6b8c8f |
| SHA256 | 5ff724a45ce5d944c08fa8553e30776411bf5ba346d235e6a8c1b9ca48e7ea54 |
| SHA512 | 4f46ca8b9ed5ffc5d935dda5babaced6820061394676bf3791d414915fd9a91e7fece4ae414a454c22776150a027f7df0de8b13ba1b8d71f683cb47d602ac1e4 |
memory/3212-594-0x00000281D0840000-0x00000281D09B0000-memory.dmp
memory/4044-602-0x00000189CD000000-0x00000189CD355000-memory.dmp
memory/4944-605-0x0000021701900000-0x0000021701C55000-memory.dmp
memory/692-604-0x0000016D19B00000-0x0000016D19E55000-memory.dmp
memory/4192-603-0x000001E4FB100000-0x000001E4FB455000-memory.dmp
memory/4536-601-0x0000021984E00000-0x0000021985155000-memory.dmp
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | f712bdcf3bfc9fb58a75e436a2494b7d |
| SHA1 | a433c589b2c3f0c84c3505b2c197fde63a05735b |
| SHA256 | bcc93f85928614725be7d053400a40068ae22b5ba1f2dc1e7eed7549b83ad804 |
| SHA512 | 7528f7584ece3a43482cb22940e9ba6ec438e67ec36eaa043b41d17e8ce4b2afb9e6a57ad86e49d843611d211c1114b7b7f729ad599db2ffffc56e173d0923bf |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKjxWcz\prefs-1.js
| MD5 | 9e302cb6f63b35a4043342a799e562dc |
| SHA1 | 54b705c17220bd385558f63c3e03a51a8ba35b81 |
| SHA256 | 41709fe74492e1847200ec34caa9a9d915cad9c1b455c71bfd2713f2dd6d25ae |
| SHA512 | 7ead8e0ea9cbd508270f030ed920237724abb68965e5fb5ef5b5300c23f7a5ad2466580e606986d4ffb7acf84d407d789b44ee148b55a146fa759bbcab460c00 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileKjxWcz\prefs-1.js
| MD5 | fdaecb3ddc7a79fdc7e9f7dc22fc85d6 |
| SHA1 | 6cd80dcbbcf900280763ada39d3d24e5d87ed9c2 |
| SHA256 | e0783eda329466249981bcac0ce09998a963a101cfbe6719388ad45229159f8c |
| SHA512 | 1bdfd73628eb6f0294450b2d0e5be555babc65d6165ee6f04cb113af225932c71140e118f3e64b21be393dc9c2ea31a18688a92ade161e8fa1b3dcac721b411f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
memory/4520-841-0x0000026113F00000-0x0000026114255000-memory.dmp
memory/4224-861-0x000001DFC66F0000-0x000001DFC6700000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi\startupCache\webext.sc.lz4
| MD5 | 1b799cc5b6cf681cfa54d37c8ce8cb06 |
| SHA1 | 2f0fae44eb2fe74542df923e37f0c7e23a74fd17 |
| SHA256 | ce654b3257aec215ee980682aa6a48628dac50252a09301efe8686ff3f406a03 |
| SHA512 | 10263e878623c9375095f150a83e5fe42fb5feccea139e107d37b2337f0c68c4f8a47952247d7e8517876a12dcd696202b8ecdf115577c0e416a489a280451d3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi\prefs-1.js
| MD5 | 53a840719817e1355200fa9afd235e3e |
| SHA1 | 3275a59cd3311ae4a827717edd7080fec7f20bdc |
| SHA256 | 7c8dc58d7c9fa22b78824cf9cddd214b521fcc1e1b8ca5ebd7e5bfcce6dddbc1 |
| SHA512 | 3ec85614acb36f744b2a8c4320bb31ed9106eaf11e112a3d32fe68786cea08e7368b3a758cd9ebdfde4d0a33a71969dc1a63c31e2891be5e3a5502fc53b5eceb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
memory/4008-937-0x000001AA81700000-0x000001AA81A55000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi\prefs-1.js
| MD5 | 88680e8868d30182dca9bfb3ade4311d |
| SHA1 | 0ac13ccf8362dd915a35201c31ca023824ed372f |
| SHA256 | 847869aa48b8fd4545f664ec0795cac0d4b63526f25e27fc296be2a8797cd459 |
| SHA512 | 13a93dfdd66e05105fe47d91af3150cf68201e78f4b3fe63e56f7e77ee598b21aec497a0a01bfe3de0b0feec20a881c65da3c6369a9abdcab8ef67e96339e84f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilexfoIqi\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
memory/4416-985-0x00000176DD100000-0x00000176DD455000-memory.dmp
memory/2504-986-0x0000022CBE700000-0x0000022CBEA55000-memory.dmp
memory/4140-975-0x0000014FA1700000-0x0000014FA1A55000-memory.dmp
memory/468-956-0x0000017F46E00000-0x0000017F47155000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8xDaPG\user.js
| MD5 | fabecc1f2f9211cfb2669b19d504faba |
| SHA1 | b94e1452a320e49e7e6c48c4cb8c7a1fe3ae1a9c |
| SHA256 | 41aeb5c7bd40f1fbe0edc80a05d5099a0abe8f356291500e1044cf72a81b722a |
| SHA512 | 98b2ae8057364021b63eedfe29eb3134a4b1f767b76508e4e7c4b39855b4e8eb0dc8934077e3c1152ada1bcce001674bc9e5bb1bd1f91252e8b3165d0babdbd4 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8xDaPG\prefs-1.js
| MD5 | 9403b3a523fdceb12b4142ae73876329 |
| SHA1 | 5cc894ed8a12712f71b8617c7010953de9d23eb2 |
| SHA256 | 80dd21524c8af1ccca2b3693e8cc627e00589f2bf4e22df724ea0c55f5dc3c40 |
| SHA512 | 652a2be83b55c18fffe287f04c567cb5398f6583a933455aeb00f95b70264d7b085dd784686bbaa71c341e56fb657000c695cf27de632a192491115c3f82a3cd |
memory/4520-1122-0x000001D124200000-0x000001D124555000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8xDaPG\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8xDaPG\prefs-1.js
| MD5 | a4811b5a060e45a732ba818d950c4938 |
| SHA1 | 94ae0dcc7a42536d75829a66b6820988a810e734 |
| SHA256 | 4ed6ae4c83e8d76783f0be18e52faea9ad787089205b1b64eeab73506090b220 |
| SHA512 | 7a9caef61551bd98b8b504aea809869ea767f6a6c1c91e9c2ecd637399ec4dd73f4f3fcf591b97b8b8f63d0fb740fe5609edb448fe257c56af9fbca49fd081ec |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8xDaPG\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile8xDaPG\prefs-1.js
| MD5 | c98ccaab0f369be46a26940913e309d4 |
| SHA1 | a4c46650fc779336900837d92c33e730d47f0588 |
| SHA256 | 24952e411ca74020d48fb21d4fb3045ac0b2a91d894ee64910578bdf719bf9ab |
| SHA512 | 0b76b9e0fb88b95f7bd8ea5737ae765567c43ca2b865fc20c3565c63591b5d014ece21dc574a426cb3fa6fb9a3c0ddb1c71b93162d0a01cf3dc22bb4a99c2cb0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileHmFPJH\prefs.js
| MD5 | fb01c277fd4f675a2e8754569e5a055a |
| SHA1 | 2dfc95d0b40a12487eec44d11f21db0143c9e098 |
| SHA256 | d1bfd687c99d93c0bb0b36d08a86838b529a917d58efa5f30e35f4f9ab573503 |
| SHA512 | e987b26667ec3fd44548861cce037d4818cd1e0615b9a667ec26f8c2ecad81bd1004fa18afa6a4904f47507709471b26eebd02ac9b6ba97a758676c64c76e98a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJ1ci1m\compatibility.ini
| MD5 | 0f569cdc086785dbb41fda4d9d22bb73 |
| SHA1 | 1abfae46d94d87060f94ece24ded5704bfe7b78d |
| SHA256 | 26cb491b3f4239ac53d5905df95532ad5aa2d93675167a0ba71a25335875e434 |
| SHA512 | 712cbbeaa014605caf01eee01e579f3f82aca4bb5c45d6e73bb71b9965ca9202c817640e9bba192536b12313993f6ce1babda70b67f26cb086542cfa859299cb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJ1ci1m\WebDriverBiDiServer.json
| MD5 | 3854b424e200b7074cb70d60d35b8301 |
| SHA1 | 78a4f2ee91a281df451426b8b6c20499fb99e6f5 |
| SHA256 | d503b8e6d84ed9ed9a7a3cb18ec9c0e773f53e4f23fde796c523ffce6d45fc6e |
| SHA512 | 396cf7f0f638846e57a899b1ccefb04b21a7f7df9c9be3dda04ff36a9e730657899055d13f79905a47140b551d55c64b56914a61b77d50cee8890f491fe4e68b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJ1ci1m\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJ1ci1m\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | 9e2db09a74fca438e483127351a6df93 |
| SHA1 | a62aa22df704cdfa9c16689749062a87bd1be3c8 |
| SHA256 | e11f1b66ad7eaf6fbe3eb9eaa12ff793c068f448c7de0c9cc92231315e3b1a23 |
| SHA512 | acf0faf25c4cbdd4aa18a5189b818048b6a7f02dee22b5dd1cef8968fc3fffaadd58570964a53dfe3997bf80f05c0507f968eb52e37c27c4fb615d8e43bb35bf |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJ1ci1m\prefs-1.js
| MD5 | db015294a1fa33105ae0f8a31af2373c |
| SHA1 | d499bf9abddd5daf855b9d5d298358570ca7bac1 |
| SHA256 | 8943daaa9c32906973b90dfeb62ef87133c42dd75a6cd70d490907748e8a87c7 |
| SHA512 | ba1e8e14fb690f9befd7d044cfaf22bbeab416f41d67dcbca236b87593bc27333c0938505cc28a4dd4630d49c0ad1344f04a3ba2f3fb001b124566604e2b023d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJ1ci1m\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJ1ci1m\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJ1ci1m\prefs-1.js
| MD5 | 0adb0ead5a57cea23c4b55d8f4cf0584 |
| SHA1 | adf026ddc25ca9d17cb2d56d2f86cbff558f8765 |
| SHA256 | d4e6198b3ff7c4d123c00f21f24b24d788294e6b5f7e5ca821f5498afdae33f9 |
| SHA512 | 6b876cc4884e064f05eb21eccedbb6f11553a16ef3db18b5a07d9027605fb70c18be5e8912579949d87c103462672764eda8ca4ceed03b53dd26340b847f0d0b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBTZH3k\datareporting\glean\db\data.safe.tmp
| MD5 | c58234a092f9d899f0a623e28a4ab9db |
| SHA1 | 7398261b70453661c8b84df12e2bde7cbc07474b |
| SHA256 | eaec709a98b57cd9c054a205f9bfa76c7424db2845c077822804f31e16ac134c |
| SHA512 | ae2724fc45a8d9d26e43d86bcc7e20f398d8ab4e251e89550087ace1311c4d2571392f2f0bed78da211fcb28766779c1853b80742faa69f722b2c44c283569fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBTZH3k\prefs.js
| MD5 | e7e41fe66ac1f3163fb0d81bfefece9e |
| SHA1 | f1a02ebd37a05f9746e408d4e9855bdecd3a8418 |
| SHA256 | 5b25536fa754b3d039ecef766b9f5737196e50ba18d58d62295facc67515e7b3 |
| SHA512 | 427df350de30442be702e3745305933c7783109732062d677ff138159129a5afdd00b3ef64159971d2d60416761a754bd94837cdeab64058a005b0a39954bf0a |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBTZH3k\prefs-1.js
| MD5 | 83ef0a78f58f7471ab0c1e9de004c7e6 |
| SHA1 | 4b15c9a8c25e0983b151e0ee3f9192baea9d1509 |
| SHA256 | f9951174af78803044971c2beaf3f30ec13e37377427aaff090e4f75cba686f0 |
| SHA512 | 7b29f99e026342ce7e510db862107495a6a97d31d190606443e70c24bf4b9370f0b603413f5fb19d92016cb9bd2499f61792a5f8005f6102df4a1f89254ab87b |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileBTZH3k\prefs.js
| MD5 | 15374b428e22fa5fbcbc7b7252e104ef |
| SHA1 | 432ea5efcb4d5eb63750d71408ad385b5f2de8c6 |
| SHA256 | 12f361edf2f66ac2ecc57e224343e07fac1cce3edf986a719fa6ad1daf5dc1e7 |
| SHA512 | 9816ae72bc89236220c03a45abdfc56e38c9ab9926926d9b0dafaed9c02ef918d1f7955e8cf054f758a295c8c9022b3b42f07ae8ba675613b8f362f05965e379 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-09 01:04
Reported
2024-05-09 01:14
Platform
win10-20240404-en
Max time kernel
298s
Max time network
310s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Users\Admin\AppData\Local\Temp\heavy.exe
"C:\Users\Admin\AppData\Local\Temp\heavy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Tor\tor.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser/Browser/TorBrowser/Tor/tor.exe"
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe --port 50040 --websocket-port 50041
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJQXrw5
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJQXrw5
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2936.0.1600672289\1547575464" -parentBuildID 20240416150000 -prefsHandle 1492 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {eac86abf-4fa6-43aa-80cf-79876f12fe95} 2936 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2936.1.660995336\1079498009" -childID 1 -isForBrowser -prefsHandle 2316 -prefMapHandle 2164 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {17f7c28d-724f-492e-b460-eb78074497b9} 2936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2936.2.2109611828\846034904" -childID 2 -isForBrowser -prefsHandle 2948 -prefMapHandle 2944 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {9b18d79e-9e4b-41be-90ad-e3831c4c0da6} 2936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2936.3.517316445\646880266" -childID 3 -isForBrowser -prefsHandle 3024 -prefMapHandle 3028 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {bd4d438e-068b-409d-b603-db22e44bf7ed} 2936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2936.4.1420140241\179982849" -childID 4 -isForBrowser -prefsHandle 2952 -prefMapHandle 1360 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {a80a5c42-1174-4387-8625-0354a7dcfb85} 2936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2936.5.1040811082\1296343176" -childID 5 -isForBrowser -prefsHandle 3720 -prefMapHandle 3724 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {f063555d-f5b1-4f90-b883-36f9775b2386} 2936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2936.6.618875673\473498019" -childID 6 -isForBrowser -prefsHandle 3924 -prefMapHandle 3928 -prefsLen 25239 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {cc9acc58-3672-4db0-9bc9-c6093394d2e1} 2936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2936.7.1353785325\404101954" -childID 7 -isForBrowser -prefsHandle 2088 -prefMapHandle 4208 -prefsLen 25536 -prefMapSize 245849 -jsInitHandle 1168 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {db3cd324-a357-4cb7-b28d-f51e2d5cd44e} 2936 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe --port 50040 --websocket-port 50041
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile45vvOd
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofile45vvOd
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5060.0.2025618106\1924586285" -parentBuildID 20240416150000 -prefsHandle 1464 -prefMapHandle 1440 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {577239b6-3f88-4d51-b863-c32711131f37} 5060 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5060.1.666502648\141309441" -childID 1 -isForBrowser -prefsHandle 2424 -prefMapHandle 2608 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {e3ad6289-5fab-47cf-8e96-99fdffad8b95} 5060 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5060.2.1283203854\1834313905" -childID 2 -isForBrowser -prefsHandle 2956 -prefMapHandle 2952 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {312f5c05-8d28-4642-a992-cce569ff24ae} 5060 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5060.3.2124728165\1278574145" -childID 3 -isForBrowser -prefsHandle 2968 -prefMapHandle 2964 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {48170307-ac7a-4c14-95a6-acba7be36847} 5060 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5060.4.1253747832\1530476716" -childID 4 -isForBrowser -prefsHandle 3600 -prefMapHandle 3628 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {a4025a5c-b93b-4737-ae00-2f0afbcf2711} 5060 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5060.5.1063139704\1747993651" -childID 5 -isForBrowser -prefsHandle 3776 -prefMapHandle 3780 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {212e1953-c82c-4723-b5ec-7b589afec6e2} 5060 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5060.6.1487674980\1356574295" -childID 6 -isForBrowser -prefsHandle 4000 -prefMapHandle 4004 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {2b65171c-dc7d-4e7e-828e-a30a0b4cbee7} 5060 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="5060.7.2058324548\1122075865" -childID 7 -isForBrowser -prefsHandle 4144 -prefMapHandle 4336 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {a00882a6-556e-4167-a605-535183c2a2ac} 5060 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe --port 50040 --websocket-port 50041
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFl9kbc
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFl9kbc
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2268.0.251260746\763817813" -parentBuildID 20240416150000 -prefsHandle 1464 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {dbbb1f22-8344-4088-850b-3490c4afcbd9} 2268 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2268.1.1603927741\131487642" -childID 1 -isForBrowser -prefsHandle 2444 -prefMapHandle 2468 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {33293eee-c921-4117-9a9d-21688332555c} 2268 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2268.2.444027993\1339203121" -childID 2 -isForBrowser -prefsHandle 2944 -prefMapHandle 2940 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {e5850d79-d7a6-48dd-98e9-aaa6e6eebde1} 2268 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2268.3.1605933753\33264136" -childID 3 -isForBrowser -prefsHandle 3048 -prefMapHandle 3012 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {44dbd79e-2b02-4dfb-944f-9383bbc2ad77} 2268 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2268.4.617201057\1379690579" -childID 4 -isForBrowser -prefsHandle 3644 -prefMapHandle 3640 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {ad44af13-d588-4214-9811-38fc4e607b48} 2268 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2268.5.921144153\2091224667" -childID 5 -isForBrowser -prefsHandle 3800 -prefMapHandle 3804 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {614912c6-1d69-45af-9288-a32c143a17b5} 2268 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2268.6.415089340\428110003" -childID 6 -isForBrowser -prefsHandle 4036 -prefMapHandle 4044 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {87f1abeb-58f7-4b2e-b7a8-98f7845e44f9} 2268 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="2268.7.1411311491\2140424605" -childID 7 -isForBrowser -prefsHandle 2964 -prefMapHandle 4384 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1184 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {bc0f5347-e9b8-4a54-a8fe-667f87761797} 2268 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe --port 50040 --websocket-port 50041
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegqyRk6
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegqyRk6
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="688.0.2081677406\1452642397" -parentBuildID 20240416150000 -prefsHandle 1492 -prefMapHandle 1480 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {72575920-9fa1-4d03-ad90-c9fa091ad5cc} 688 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="688.1.2102538441\1891514389" -childID 1 -isForBrowser -prefsHandle 2556 -prefMapHandle 2096 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {cbd5badc-88e7-4263-b435-cf6e1a416dc1} 688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="688.2.1282427331\561733098" -childID 2 -isForBrowser -prefsHandle 2944 -prefMapHandle 2940 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {12c469d2-f982-4cab-91ca-9eb87ec94cdc} 688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="688.3.186573220\1244895116" -childID 3 -isForBrowser -prefsHandle 2960 -prefMapHandle 3076 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {b914721d-94b8-479d-bc0f-3e161c8aadc2} 688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="688.4.180614163\1700688064" -childID 4 -isForBrowser -prefsHandle 3656 -prefMapHandle 3652 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {1dd8938d-7ddc-4956-8b50-f2b02e966760} 688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="688.5.1117383902\449646807" -childID 5 -isForBrowser -prefsHandle 3844 -prefMapHandle 3852 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {d537af00-b87a-416b-89df-e079b8d01c28} 688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="688.6.1059866441\1250140167" -childID 6 -isForBrowser -prefsHandle 3908 -prefMapHandle 3912 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {66aa460b-2579-4be9-80e0-6b0eff10bb81} 688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="688.7.1695168286\534571441" -childID 7 -isForBrowser -prefsHandle 4320 -prefMapHandle 4324 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1144 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {002b974b-35e0-4053-bad5-60e3ed92d7cf} 688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe --port 50040 --websocket-port 50041
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileweYNwS
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileweYNwS
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4696.0.1269730071\1716235083" -parentBuildID 20240416150000 -prefsHandle 1480 -prefMapHandle 1456 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {2ddd24ad-4cc5-469b-945b-7ca75a1c6a6d} 4696 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4696.1.2146811722\883313883" -childID 1 -isForBrowser -prefsHandle 2252 -prefMapHandle 2268 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {619080c6-705f-42a9-8cfb-12ebad2669b7} 4696 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4696.2.1263585937\1412349763" -childID 2 -isForBrowser -prefsHandle 2936 -prefMapHandle 2932 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {b48c2bb8-651b-436b-b5ab-b3deb1402a53} 4696 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4696.3.682407991\998030179" -childID 3 -isForBrowser -prefsHandle 2940 -prefMapHandle 2944 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {cce92ccd-cefb-4d95-b354-66a26b241743} 4696 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4696.4.33673086\2037272280" -childID 4 -isForBrowser -prefsHandle 3652 -prefMapHandle 3648 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {93f3e7b8-4fdf-45b1-81c0-2c112df5f094} 4696 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4696.5.177890596\1144452508" -childID 5 -isForBrowser -prefsHandle 3796 -prefMapHandle 3864 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {bc1f2323-8b48-4d64-a3b4-e3afb76ec593} 4696 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4696.6.162749896\1679030357" -childID 6 -isForBrowser -prefsHandle 3976 -prefMapHandle 3980 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {8465e538-365a-4e4c-8ddc-f279dc6912bc} 4696 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4696.7.514736789\551788498" -childID 7 -isForBrowser -prefsHandle 4396 -prefMapHandle 4400 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1124 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {860ac0ab-9984-4237-a826-dad94c5be8d5} 4696 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe --port 50040 --websocket-port 50041
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileIlhAxY
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileIlhAxY
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="1196.0.1368107443\2034287192" -parentBuildID 20240416150000 -prefsHandle 1476 -prefMapHandle 1420 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {a5490f7f-925a-4940-bf73-8a98a6a25e29} 1196 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="1196.1.899758057\1261498128" -childID 1 -isForBrowser -prefsHandle 2436 -prefMapHandle 2432 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {a7f12249-cf31-441e-8a39-ebae1ac160a4} 1196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="1196.2.1697880597\550676777" -childID 2 -isForBrowser -prefsHandle 2932 -prefMapHandle 2928 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {623a0b3a-4258-427f-9d51-6cb3ce883721} 1196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="1196.3.507638545\1506843753" -childID 3 -isForBrowser -prefsHandle 3032 -prefMapHandle 3020 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {25a8ad10-4370-4f70-9474-d5347fd6b20e} 1196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="1196.4.1656862434\2004070475" -childID 4 -isForBrowser -prefsHandle 3628 -prefMapHandle 3624 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {4099a1c8-bebe-4c24-a302-bb066a2bebb9} 1196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="1196.5.1905196934\542683584" -childID 5 -isForBrowser -prefsHandle 3848 -prefMapHandle 3844 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {a8d26ac7-b7a4-4135-abc9-ac8dd3851984} 1196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="1196.6.112237808\1573212795" -childID 6 -isForBrowser -prefsHandle 3748 -prefMapHandle 3752 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {0d5e075b-a392-4961-83e4-234f7bcd96fc} 1196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="1196.7.2089486905\474598702" -childID 7 -isForBrowser -prefsHandle 4332 -prefMapHandle 4340 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1132 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {7c24de05-50ce-4974-a197-339e9011c62b} 1196 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe --port 50040 --websocket-port 50041
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser/Browser/firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXxbKBQ
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" --marionette --remote-debugging-port 50041 --remote-allow-hosts localhost -no-remote -profile C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXxbKBQ
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4688.0.569080140\905986187" -parentBuildID 20240416150000 -prefsHandle 1488 -prefMapHandle 1464 -prefsLen 21882 -prefMapSize 245849 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {74d9ebbe-b2a3-4320-a5fd-2a55ca43fd93} 4688 gpu
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4688.1.141948165\1444700350" -childID 1 -isForBrowser -prefsHandle 2508 -prefMapHandle 2564 -prefsLen 24346 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {b2b27105-fa88-4e60-90ac-99df87bad7c2} 4688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4688.2.2113835016\1640350581" -childID 2 -isForBrowser -prefsHandle 3004 -prefMapHandle 3008 -prefsLen 26505 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {11af5dd2-02ee-452b-8c1b-17e9c4ab1d24} 4688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4688.3.2035702451\1471959310" -childID 3 -isForBrowser -prefsHandle 3088 -prefMapHandle 2980 -prefsLen 27358 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {0394e8fd-21c7-4e79-8c63-6e809c557e2a} 4688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4688.4.2031362238\2135426029" -childID 4 -isForBrowser -prefsHandle 3708 -prefMapHandle 3696 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {a62be892-97ec-4b75-a9ab-9d24ed25ebb6} 4688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4688.5.37272660\404549329" -childID 5 -isForBrowser -prefsHandle 3284 -prefMapHandle 3300 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {9d9e0eda-2fb4-4500-a279-60b23c65870c} 4688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4688.6.462993589\1002629929" -childID 6 -isForBrowser -prefsHandle 4024 -prefMapHandle 4028 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {71519d47-c9cc-4f54-8d1b-ca71c2939835} 4688 tab
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
"C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe" -contentproc --channel="4688.7.1673468096\1283693585" -childID 7 -isForBrowser -prefsHandle 4068 -prefMapHandle 4072 -prefsLen 25288 -prefMapSize 245849 -jsInitHandle 1136 -jsInitLen 240916 -parentBuildID 20240416150000 -appDir "C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\browser" - {f17ceec0-c6fe-4ca0-b32b-1ac2e122b126} 4688 tab
Network
| Country | Destination | Domain | Proto |
| FR | 178.33.36.64:9090 | tcp | |
| US | 8.8.8.8:53 | 64.36.33.178.in-addr.arpa | udp |
| DE | 159.69.71.228:9001 | tcp | |
| FR | 163.5.159.230:9200 | tcp | |
| US | 8.8.8.8:53 | 228.71.69.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.159.5.163.in-addr.arpa | udp |
| N/A | 127.0.0.1:50143 | tcp | |
| N/A | 127.0.0.1:50147 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50238 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50246 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50604 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50612 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | 30.73.42.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:50040 | tcp | |
| US | 8.8.8.8:53 | 98.56.20.217.in-addr.arpa | udp |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50918 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50926 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:51200 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51208 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:51494 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51502 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:51799 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:51807 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:50040 | tcp | |
| N/A | 127.0.0.1:52097 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:52105 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9151 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI44522\python38.dll
| MD5 | 093cc8dedee3c0d9a59761fd91d267d9 |
| SHA1 | 7a92e7b5133dab7464a8dc0915e14802e03f3107 |
| SHA256 | 602be727a80ce61151fbf5ca567750db0ff9de0b3bf9671b7b66b3f6e43d1a7e |
| SHA512 | 6a06d0bc8be52844995fcd677bbd51356fcda5a3bdeb0a4326ec0e9d5c962eb56adbf98795e52fa68ecc1130c570b02fb8da4ad7df13d219e0f79b380961b424 |
\Users\Admin\AppData\Local\Temp\_MEI44522\python38.dll
| MD5 | 20071da7faf33c2b02e74f43f55a946e |
| SHA1 | 78a10c8cb10e2ad4ce2a9cb23938388c87944909 |
| SHA256 | e19bad0c7aea54ef1b905f7f78142ea3513c4c388b3d54541e55c95ced167841 |
| SHA512 | 252c61343cdb2da1d581113b489910aade479ace4b42a4e07c7f4a5a0acf2642271248a2c70dbd29175e5eb5ce41a7efee77f1b6fc103587e88692220302efcd |
\Users\Admin\AppData\Local\Temp\_MEI44522\VCRUNTIME140.dll
| MD5 | 4a365ffdbde27954e768358f4a4ce82e |
| SHA1 | a1b31102eee1d2a4ed1290da2038b7b9f6a104a3 |
| SHA256 | 6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c |
| SHA512 | 54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\base_library.zip
| MD5 | 09f7062e078379845347034c2a63943e |
| SHA1 | 9683dd8ef7d72101674850f3db0e05c14039d5fd |
| SHA256 | 7c1c73de4909d11efb20028f4745a9c8494fb4ee8dcf2f049907115def3d2629 |
| SHA512 | a169825e9b0bb995a115134cf1f7b76a96b651acd472dc4ce8473900d8852fc93b9f87a26d2c64f7bb3dd76d5feb01eeb4af4945e0c0b95d5c9c97938fa85b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\_lzma.pyd
| MD5 | cf9fd17b1706f3044a8f74f6d398d5f1 |
| SHA1 | c5cd0debbde042445b9722a676ff36a0ac3959ad |
| SHA256 | 9209ccc60115727b192bf7771551040ca6fdd50f9bf8c3d2eacbfd424e8245e4 |
| SHA512 | 5fe922c00c6f7fd3cd9bc56fc51de1f44adffbdb0afc0583f1bb08008be628b9ac16f8560b0c3ba16138e1cdcaf1c525ef24241bed804804cdeb5961aed6385a |
\Users\Admin\AppData\Local\Temp\_MEI44522\_bz2.pyd
| MD5 | a49c5f406456b79254eb65d015b81088 |
| SHA1 | cfc2a2a89c63df52947af3610e4d9b8999399c91 |
| SHA256 | ce4ef8ed1e72c1d3a6082d500a17a009eb6e8ed15022bf3b68a22291858feced |
| SHA512 | bbafeff8c101c7425dc9b8789117fe4c5e516d217181d3574d9d81b8fec4b0bd34f1e1fe6e406ae95584dc671f788cd7b05c8d700baf59fbf21de9c902edf7ae |
\Users\Admin\AppData\Local\Temp\_MEI44522\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
\Users\Admin\AppData\Local\Temp\_MEI44522\_ctypes.pyd
| MD5 | 291a0a9b63bae00a4222a6df71a22023 |
| SHA1 | 7a6a2aad634ec30e8edb2d2d8d0895c708d84551 |
| SHA256 | 820e840759eed12e19f3c485fd819b065b49d9dc704ae3599a63077416d63324 |
| SHA512 | d43ef6fc2595936b17b0a689a00be04968f11d7c28945af4c3a74589bd05f415bf4cb3b4e22ac496490daff533755999a69d5962ccffd12e09c16130ed57fd09 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\_socket.pyd
| MD5 | 4827652de133c83fa1cae839b361856c |
| SHA1 | 182f9a04bdc42766cfd5fb352f2cb22e5c26665e |
| SHA256 | 87832a3b89e2ada8f704a8f066013660d591d9ce01ce901cc57a3b973f0858ba |
| SHA512 | 8d66d68613fdba0820257550de3c39b308b1dce659dca953d10a95ff2cf89c31afe512d30ed44422b31117058dc9fa15279e5ac84694da89b47f99b0ad7e338a |
\Users\Admin\AppData\Local\Temp\_MEI44522\select.pyd
| MD5 | e21cff76db11c1066fd96af86332b640 |
| SHA1 | e78ef7075c479b1d218132d89bf4bec13d54c06a |
| SHA256 | fcc2e09a2355a5546922874fb4cac92ee00a33c0ed6adbc440d128d1e9f4ec28 |
| SHA512 | e86dba2326ca5ea3f5ef3af2abd3c23d5b29b6211acc865b6be5a51d5c8850b7cda8c069e6f631ac62f2047224c4b675bbe6ac97c7ba781de5b8016ebaffd46f |
\Users\Admin\AppData\Local\Temp\_MEI44522\libssl-1_1.dll
| MD5 | 50bcfb04328fec1a22c31c0e39286470 |
| SHA1 | 3a1b78faf34125c7b8d684419fa715c367db3daa |
| SHA256 | fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9 |
| SHA512 | 370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\compatibility.ini
| MD5 | e50a617598b0f635e6f9ae4a9d445b78 |
| SHA1 | a372ec393dd6271bd00cf02f894152887765da8b |
| SHA256 | c9053fe76caf2607aa3043fa8b60070956198590dd8aab868145e0644cee30f5 |
| SHA512 | e851c226c38d4a6dfe43074d455fd75483d6c9b4d9521280a64f5b1913a055084d7764f13a8d0a12142a716a4031cc2ca4916c131d41c18a4d7a95128cb03bc0 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\addonStartup.json.lz4
| MD5 | 85de06e3d4c6f39404776f3c7162c59b |
| SHA1 | 3e4b8ecebaa9c903d220ee23d367be8e8ba27619 |
| SHA256 | 33d83687f45f4dbe12db0a0ce697cbce2c228d71ed474ad10a839ff7ce95012a |
| SHA512 | 6cd4cac7bd74ac01de30d242b2bc75e7dc2e23c0871250ae8176cc947553dbfc702a2392380acdad6bec355aea6dfa95708af54c560330c36c05bb0f34169963 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\xulstore.json
| MD5 | 8d689c06cb844185099c0398a280537e |
| SHA1 | 57073c7526ec37e94bb9db44fedc6d50276f7a6b |
| SHA256 | 96729e9b38f216605ff10715f96f364be32f02e2de23ede7e74b78244605124d |
| SHA512 | 3c7df326c695143915df1068cb2c0f58e93e4881b2c4d94b33948b80e954fbd4cf944ae53b4d15002b79fcdb8e88f8e9cf4c89ca50f56b7cfd8a13ea7dd6fff8 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\webappsstore.sqlite
| MD5 | 41c22c9f81a84b1b0e5ee7ec2ff7c545 |
| SHA1 | d12424cba9e4e9124bf3f15e556c562b95c9b6a3 |
| SHA256 | 4ffdc78433817da79ad2e84b26a2ffaf62d8c1baf80421751d752c3d8723328f |
| SHA512 | 8b690c55ae0b25aeede62a09dea1ef6b7daa9880ca63c6d4ce192160daded05fe0dc44b115216ce10523e2ec45991873c249f159fe8608712818f5ead327897b |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Tor\tor.exe
| MD5 | dff7c11471a2f55c9dcdbffacbdd24e6 |
| SHA1 | a86bf99113b0118aaeca6ff79a53d2b1a68b85a8 |
| SHA256 | 88a08a38f16810abfce451d234a6e02bf61a808bce1a897b6dbc399d0e1a90f5 |
| SHA512 | f56698f649e4b688dcc2bd4b4f573bcf5ef4a5464290f82766e5bfe35c9f85ca2d619f6800b86356c31b9d4875d8e46909a07166593da8cca5f612069d836b48 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\times.json
| MD5 | 797325af481a14ae243f10d5f24b4a0d |
| SHA1 | 718b6ed3d9d839b8fe0a0e097b9ac5f5770ed5a1 |
| SHA256 | 1d70eaebce1c81e3241ae47deb92aab50f90dd8baa4c7cb5e9f7eb6b1e66abb1 |
| SHA512 | ac9aa2b028bdffe24831ba50894fb48eb70b100f6973875987e24f075a3e9196f96699667eb3a5d2e4f86041d510447c75fe6e55562813451712878a3411c3b1 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage.sqlite
| MD5 | 7f2754df6a4a580b15910f449892766d |
| SHA1 | 9dcaad98563ed89781f53941cbc43db5454de7f5 |
| SHA256 | d3765d63c380e5a79296d566b7869c08b1f4e079787176f29cf2ddcd76330654 |
| SHA512 | 25f0205a8c4aed02e9e1f9ecafffb36cb3bb795ef9f06cc12ede9e8b0459ae5b86573b3b4980b92073a59204eaf314cba34c03b99e90ab98f804fe378fe02839 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | ecb1dedf5ef99417494e424ca42eb67f |
| SHA1 | e2a293cbba50c6624e75cdaffe472967f3961023 |
| SHA256 | cccd56daa3559a54db61113fbdb5b6c96649cdd65b5cf14bd442c3f2e3b738be |
| SHA512 | 5ea0645775933d5bd2f913d58e344253a58578c920af95bd0fb81ff4f13a4998a919f0856ffdc97541abf9fc3797558b0f2467bc73214b63c7ce568ba87e550b |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\.metadata-v2
| MD5 | 7abc816e004d9ed0f292770cfa8876cb |
| SHA1 | 4a1eeb702543f0819ef7c64b9f3bfd53be292106 |
| SHA256 | 2960d61c10694d76f29beca0eb96c06608cf4bbf479811449a39197e8580842e |
| SHA512 | 9883b894e65a426227ea9808b69e2259f206df76bd9bb9e7c0ebd7521acbdad0a92c4a531f739c93b1e53001eca8a1a42e122baa1e1885b11d4ba34aae24961a |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\ls-archive.sqlite
| MD5 | d277f533f1d77e26d09bb66764bbeea6 |
| SHA1 | 082920ebe7dfb870cf94a99fc601fd5ae8b456ee |
| SHA256 | 3c957f8d69ccfe73b66c28d378bf301bb1bcb0ceb5c59ac0dafeb5787b24f3c3 |
| SHA512 | 510c78685b20a68160d9041d5a55a022a281fc0fd5777f978dc422d132961bf52ac23a0a95ca47b15715641ecb7a39b359da8d00d305c8543d553c00db54747d |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | cbb1daad9fc48ab13e35fcd3621a5999 |
| SHA1 | 0eec8ece735465aea259f8223762f93fb13a97a0 |
| SHA256 | 8a03ae38ee38cf04dd9a5e2c5563bfd930886cae2170ed4200829288e5c155da |
| SHA512 | 818629d68123ae629bd5a1c7e768ed79707360457be1b7c50f7c59447bf9ee398fe78c925f037649d6b1ca529a9cf3bf8077b6f525f3e88142c56bc7e5451e8b |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\.metadata-v2
| MD5 | 2c740091198dcf20b9c600791e2bcc3c |
| SHA1 | dd6f376ba9139ddec20ece64da0760054133db96 |
| SHA256 | e39504c71ba91c438c682a8c83c7ecfc5410b853d7788a4c561a8c6e90bdbe59 |
| SHA512 | a677a432a4af6b5ad0131d224d2e4c999c2340a54ba770f9f39429fd28ad05a921fcf65a1b714af5deae2419abcf8ab38472e15f0f8758ccf7b7769a40bafffc |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\sessionCheckpoints.json
| MD5 | 48fcad918c62db97e9af1dba1d131473 |
| SHA1 | d89381594d3241b0e645033f67572a5d8c166764 |
| SHA256 | dd8349e2789db1125b477971c5d445b6afb2f6ea3b57de65080631040900fe8c |
| SHA512 | 2278d074aab519859188b047c77fe7b4db718e0af237b63e06a1b095d7a1eb4e07d6ea59cab5d7b1325aae0047fadea36eae12a80bfefe112aab85fc18aa1ca3 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\search.json.mozlz4
| MD5 | b6d7fc9b6ebc5f46500acc52bf6c9808 |
| SHA1 | 4fd8111c436d89b83890e98b4cb7d0343e568340 |
| SHA256 | 2bd35c40d02dfca6c685a001287d89c1ec743b8d4d87a0a568c1cbd0b5ba4974 |
| SHA512 | 7e7111112af9448be4da527ae1d76ed93ec1e236dd00db63ff30d93d1f29cd699193e1e2635b110dda3ec36502c25065ef7d1613537451916ea301eb0f3e084b |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
| MD5 | 8565a303ddc83b03f8662b034597de18 |
| SHA1 | ce6453779eb52055599ddba097a95ab82512ae5b |
| SHA256 | b6ffe8a2973d7050fd5ffcf7ee1c995eef8d8dc5d58cb0a05a6ca0953bd4c6bd |
| SHA512 | 2b667252645b7f1202582beb353fbb2320f81b1f2e42a8327792309709434092a953727b222a5d81bac1482a547a498ca5c9d3d2c772858746cf29d18c684566 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
| MD5 | 53979ab0bb6af588eafd096e7ddec628 |
| SHA1 | 6a8efe246b23c243d93d8f020b21cc2d49c81816 |
| SHA256 | a0b39a28c4af2db84121332570441aabd2ff293b19e5728424686f0dc87454c7 |
| SHA512 | 3107d390f3588bdae429d05b7c6a3afc5d037cd7957a1b11a59ce493781a7e140a3df0cb8bd1183e6b762dc7254d0448f36673d448d109440920c8d0c664086c |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\favicons.sqlite
| MD5 | 0351b833a5c095852e821535974441c8 |
| SHA1 | bcbf5c294852c2d80af7862d19791b994aea7706 |
| SHA256 | dd13400afe7ebe5d0be37c951ff961be293b63588cc3635a62fa5f071ab69eef |
| SHA512 | 3eaefe9e400fadf0b947036e15b4dc5c7b42fbbcb716426ba478073eff1e7d7bddf3f72c44dfb5fafe6712d7ea9f2c52c172607d719f238a22e432afdb618b97 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
| MD5 | e2e8f9cf938f81b1185086b12c5c9d90 |
| SHA1 | b67c857a7002b3262f09ffc9fa8524c58a01e5b9 |
| SHA256 | a053bba02f38179197090a9a9849aab872af5b09dc61b2f69efb0d8ea2d0f5e2 |
| SHA512 | 3bab571f5c43ff72ce1dd654b584d053cba937a3d3cc4d07cbf57ac7acc821b199b90fab66abc62dbe32e75297143c810c995d87df076e75a583e321d081d87f |
C:\Users\Admin\AppData\Local\Temp\tmplscw9533\webdriver-py-profilecopy\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
| MD5 | a3fb2788945937b22e92eeeb30fb4f15 |
| SHA1 | 8cade36d4d5067cd9a094ab2e4b3c786e3c160aa |
| SHA256 | 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd |
| SHA512 | 4897aefe3a0efffaa3d92842b42fe223f0b9882031a65bea683f4554d1fec92b8a66ea15c67e9b95c7fc12991cde3245010ccfb91768ba233711ced3412c13bc |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extension-preferences.json
| MD5 | d2e8aceaa00ad916618bea2eee81aedf |
| SHA1 | 28b26f0db0b4b2504a418983089795761c56e4a1 |
| SHA256 | fc52b830f384921b69b457fed04dfb4239fb08e9fe7d8ac07c4c269bd9f6f622 |
| SHA512 | b6cb1f872dfc024d28524976aca3ad8840943ca0fc212326e8b6ee6fe0a57d5120a6c1da824ab70d7f9ee8dd674bdd32ace038db4d893b893830bf3267c6e59d |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.bin
| MD5 | b1c8aa9861b461806c9e738511edd6ae |
| SHA1 | fe13c1bbc7e323845cbe6a1bb89259cbd05595f8 |
| SHA256 | 7cea48e7add3340b36f47ba4ea2ded8d6cb0423ffc2a64b44d7e86e0507d6b70 |
| SHA512 | 841a0f8c98dd04dc9a4be2f05c34ecd511388c76d08ca0f415bfb6056166d9a521b8bc2c46b74697f3ecdac5141d1fe6af76dd0689350caca14e9f849ee75a8b |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\cookies.sqlite
| MD5 | 5caa766855d5613a999f71b7812d6451 |
| SHA1 | ad0d9a52a0d5cc7f11858301dbe47377ed99ee37 |
| SHA256 | 3a8ce2b07e3e8678a13aa58ef5b942c4dccd8f9c84511bdeb8847ef270797e27 |
| SHA512 | 17bb0f4c87ec178910795b25ce85e74cf599190c769592472c3e872f42930c93f28faf0ff3e448816a9abcc8af0459852bed52bee08cfe25d068879c6dfd8eba |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\content-prefs.sqlite
| MD5 | 2ec530a71bdac21f299f9ddb823be222 |
| SHA1 | 5425aaf19c0832cda06be506e88f2435f432d287 |
| SHA256 | ccad2cafe84d27b3be67a87f0e32b7670e451c7ceefce6f2aa38f658976334b3 |
| SHA512 | 94eec8b0f59c68331d9187dd4dd4aa2b2c31d844e72bf707cd9e0c7c72c64982a3babcacf3d09a996422281ac5479ee304b41a577e54a74308d7a31a7d7091d4 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\containers.json
| MD5 | 26dd091069531a62061de8ca1c56d46b |
| SHA1 | 6c9daa73f096174f28f86c9bb245cb8a540f5c2d |
| SHA256 | 2cde4e7f9f1c6ab6fcf729370237845c72314a6c6d942fab1989f37e6c610a9a |
| SHA512 | 180d42c642f5d1126efbf89af33f1b4d1aa936aa530834b508eabcf3ec845aad91daa871ee6517e1181910f5720edbc3788d6a4b2455f1255d7b52b95de2d66d |
\Users\Admin\AppData\Local\Temp\_MEI44522\_queue.pyd
| MD5 | dd146e2fa08302496b15118bf47703cf |
| SHA1 | d06813e2fcb30cbb00bb3893f30c2661686cf4b7 |
| SHA256 | 67e4e888559ea2c62ff267b58d7a7e95c2ec361703b5aa232aa8b2a1f96a2051 |
| SHA512 | 5b93a782c9562370fc5b3f289ca422b4d1a1c532e81bd6c95a0063f2e3889ecf828003e42b674439fc7cd0fa72f64ad607bab6910abe9d959a4fb9fb08df263c |
\Users\Admin\AppData\Local\Temp\_MEI44522\_ssl.pyd
| MD5 | d4dfd8c2894670e9f8d6302c09997300 |
| SHA1 | c3a6cc8d8079a06a4cac8950e0baba2b43fb1f8e |
| SHA256 | 0a721fc230eca278a69a2006e13dfa00e698274281378d4df35227e1f68ea3e0 |
| SHA512 | 1422bf45d233e2e3f77dce30ba0123625f2a511f73dfdf42ee093b1755963d9abc371935111c28f0d2c02308c5e82867de2546d871c35e657da32a7182026048 |
\Users\Admin\AppData\Local\Temp\_MEI44522\libcrypto-1_1.dll
| MD5 | 89511df61678befa2f62f5025c8c8448 |
| SHA1 | df3961f833b4964f70fcf1c002d9fd7309f53ef8 |
| SHA256 | 296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf |
| SHA512 | 9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668 |
\Users\Admin\AppData\Local\Temp\_MEI44522\_hashlib.pyd
| MD5 | 5e5af52f42eaf007e3ac73fd2211f048 |
| SHA1 | 1a981e66ab5b03f4a74a6bac6227cd45df78010b |
| SHA256 | a30cf1a40e0b09610e34be187f1396ac5a44dcfb27bc7ff9b450d1318b694c1b |
| SHA512 | bc37625005c3dad1129b158a2f1e91628d5c973961e0efd61513bb6c7b97d77922809afca8039d08c11903734450bc098c6e7b63655ff1e9881323e5cfd739fd |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\unicodedata.pyd
| MD5 | 601aee84e12b87ca66826dfc7ca57231 |
| SHA1 | 3a7812433ca7d443d4494446a9ced24b6774ceca |
| SHA256 | d8091e62c74e1b2b648086f778c3c41ce01f09661a75ea207d3fea2cf26a8762 |
| SHA512 | 7c2d64623c6cfd66d6729f59909c90aa944e810ff6514c58b2b3142ee90e8660b7ddf7fa187389dd333e47efe8b19e935dd4e9119c15375b69b4880d043877d7 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\top-1m.csv
| MD5 | 11136fa0eb32dbafb2979b5c07816a51 |
| SHA1 | 783b6bba1043b11a3850ba5c922e39bb1409d094 |
| SHA256 | 98c29fb0f6ecdff973c17b62389b8892a69bda49e2dd0c0ca888ebf4ae1f322f |
| SHA512 | 3f20d5d0f977dc1661bdf98394674ac5c3b1d85873d6ddc1c2a430ae2d0d46d517473c9884e60474093dcac5436d8aab64d98c0e56532edc49b449822aecec49 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\pyexpat.pyd
| MD5 | 2ae23047648257afa90d0ca96811979f |
| SHA1 | 0833cf7ccae477faa4656c74d593d0f59844cadd |
| SHA256 | 5caf51f12406bdb980db1361fab79c51be8cac0a2a0071a083adf4d84f423e95 |
| SHA512 | 13052eb183bb7eb8bb2740ff39f63805b69e920f2e21b482657a9995aa002579a88296b81ec415942511d2ed146689d1868b446f7e698e72da22f5c182706030 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\nss3.dll
| MD5 | 71747091d34cc634b9ad3c360b45b0a9 |
| SHA1 | 111cf483836f6a392f64bc9398a327be1c43dfc8 |
| SHA256 | 6e69c7c93a9d06c34c5f5429813d3763fe7ae4fb09c1dc5b0f0290b2dd8befcf |
| SHA512 | b911fd3b201a84c7663135c2dbf72e2368d68557181f5e1a32be271b0e73181f34990575fba44002fc92bae7d90caf530b7ec9212d3d022b4526906f0c2eb35a |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\mozglue.dll
| MD5 | 3e4d1ec1d2a6e85593459601b5a0a828 |
| SHA1 | 92ee422285282dcb170cbc7808299d14d8d27963 |
| SHA256 | eefcf97ee8a298c85c9d4d44bb8747c0cca1ef5922e25000814148fd0fbfb2f5 |
| SHA512 | 4fe70fdbf8c902497537fbcda6e96373c636521aba2db52e3047abad37a9b857ab1668f203bcdf2815bbe0c485ec751dd6031043f459fd4af968c5d495e44ba4 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\mozavutil.dll
| MD5 | 4ecbb73d44518fc2b601a1ac9a38dcad |
| SHA1 | f7c96e85d5b32af8efb784e75164ec4f0c6f4f10 |
| SHA256 | 7f629ecfd36353139e9b067dc5ba84b411ed74132aef01b4430ccb016af46a52 |
| SHA512 | 12946996b2bdd87dd08cf046b37ff21dc23ab336c92d2b42cfa2000743c79524205004623b67505294080f60f9b5433005457f8a385e0461cef2cded6aa3d610 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\libcrypto-1_1.dll
| MD5 | cc1e00a19e4ef6f25141e7e8adadaf6a |
| SHA1 | f710a49c7c95fcfb2349bc8dbed9f17155366194 |
| SHA256 | 3cdb90b4a75d918c960a26fd0c271e7f54dce21671c21d3246e7fd5b78cef210 |
| SHA512 | b18fd424a691ebb290fdd6c7ca902a4e6b67a0f039c922a9634f2d816998b5847e2f9d2fc6bc302c087e27f49f59fdd06e31b750db9b7688be75e4c12baf5f94 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\lgpllibs.dll
| MD5 | 726abf1280adf3129481b94b2bc644c4 |
| SHA1 | 404f69e71296f2d199535e8a6d9fb56707fcbc5f |
| SHA256 | 8969747ecb7dfd4a6dcb9150017e14ebbf90ce558f6fb469f6b558d039e9259a |
| SHA512 | 160b57aa1a28ff35210cf958fd7821aa2cc1cf6fca1ea38d768fa90111826b096518363b00b6818d21743aefd6bbbfa358fbe2fe3afa95edacb330a747c6e5f3 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe
| MD5 | ecd8efd4cab1e6f7d84483c09c9ce6b7 |
| SHA1 | aafe438def0edbe9176f462d1e4e8c4a1883540c |
| SHA256 | 5032f5bb47f24f8e677397e347fdb4a501b0eda42f5d5aa2f5186edadf9838ec |
| SHA512 | eb40225be2070f88465d35b56d5fd2f94ef4a9ead2306ce5c81bb2fa31b1c252e7b8f57befad32130023c5893fd1cb499c387daeb9b760ce2d008691c5359ea9 |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\geckodriver.exe
| MD5 | 5ce293634917b535b9980244a5600710 |
| SHA1 | 98fd55b185c0af2a4f1c81dd946fd24d2113756f |
| SHA256 | 3f6716f70262cdb08b625bc472d2e8f5e40ca6c2f210b6de8bb91c64065bb9be |
| SHA512 | 2e039038c0b2de9996ccaa1430d5db47d6e6d09f89c59f6b386f59742074ce0bbcfdacdddef645746af48cdd50ca82c3379652445a0d162e976a12c098679f7f |
C:\Users\Admin\AppData\Local\Temp\tmplscw9533\webdriver-py-profilecopy\favicons.sqlite
| MD5 | cef7e290b89aea3372d2ca019c5ed6a1 |
| SHA1 | 2def39d23c90ec7099b0ae7fe160b82505dac63b |
| SHA256 | f2c482fe41b468e670ca6b93c3be99e805a8f65ddfa5b24a47266876b6ddfc2a |
| SHA512 | c905b7ce4e3e9c67d8453d225f5f54e224ce151816723f8f44cd3ddd0ce3d9d69e024d00a37d8cb33817f381273e478097eb68121794b7c67666b13da5c60018 |
C:\Users\Admin\AppData\Local\Temp\tmplscw9533\webdriver-py-profilecopy\places.sqlite
| MD5 | 1ed7c2bd7ffbaf447f5206e035d8bdfa |
| SHA1 | 8455c9b465e9abe8a90f394a8ab5fb769b10fe15 |
| SHA256 | aa15d65dde814599e444b377f36d090400b18206edfea6f5d3086be4a01338d9 |
| SHA512 | eb3faeb0ab14060722e69e216ea27907679d02a09965ba2b2757da64a086932ff721ae1d4daf65028c86ca354575a4c1cea6637242925a3f5bd79e176704844d |
C:\Users\Admin\AppData\Local\Temp\_MEI44522\Tor Browser\Browser\firefox.exe
| MD5 | 4b8a97c46229512e9cdd73103b9dd509 |
| SHA1 | 6b00b5f1ae7f031ab3df533bd0ee620100fc9e39 |
| SHA256 | 3f00fd6dd1d025f9639e1bd3a5e0f01dd273abc095bce9886a5cbdfa2da23c0b |
| SHA512 | d0b554cdfce241affc78e0b47a9ad605d41fb28771fe155f642f00c0824272cddb54a706eff77a3bafd84c7124e28ce09a51da10ffc97d862eb9bcf8faff381d |
memory/2936-532-0x0000029D005F0000-0x0000029D00600000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJQXrw5\extensions.json
| MD5 | c1088c776dde5df0f4f6250f86a6185a |
| SHA1 | 1e700d97ba35974466a1cc5f91f18a16de018de3 |
| SHA256 | a5dde5240f055dadae7413d8d8c4b023b85ebefa2f15812dbf42a781e75949c7 |
| SHA512 | d4fea5feea737157d73cef68d3c49fbdaaf848e18ecbe68f80f8100cd257584b9d14530a43c11f80187643ced60d74af40a76098af1a0f21257f972130da0a5d |
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus.tmp
| MD5 | 4c17d8aab9d46a4167d874cad4e3a7e3 |
| SHA1 | 243133d6f00280d4a85c5700c178e5801020a193 |
| SHA256 | 6cf46d9fa63bb1c4d252204aae09e4f5f5ea0ffe634a1cf7b30272d8a1f334f9 |
| SHA512 | 2880b24cd4cf54e494bf939e59f2b4180e68f7372a6a55e3c378652df4c1f5d45a443b07c6ea47a7363c939e94c0d57a2eb16462acbd92d232e4a7a218ac4f6a |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | c45271376a43dabf05b8474940f4d65b |
| SHA1 | 1289999a70461fd49d559043b983d7258242fa75 |
| SHA256 | 35621dd1e58b34fbffb75ed6e9ae1e894a165edc72c0a5020a9041cdc91b562b |
| SHA512 | a8432905430ed89914d1462aadad2a860c824c13d129cdbc7aba3e5d828fa2a77d23317dbcb937a93bba7108e36659b58f07aad7a8a40023be5d52fe693e45f3 |
memory/2936-581-0x0000029CF52A0000-0x0000029CF5410000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJQXrw5\prefs-1.js
| MD5 | ad29c60f9448603137db5ca1daef3b60 |
| SHA1 | db20b0b639fb9387f748e7fda3ed1f8afbd2f861 |
| SHA256 | 8b2bd3e4720bd4a7bfdcd5365c66c586938fa4fdc0207d7c0ae63dc00d3d96a4 |
| SHA512 | ed628b94d39762de022c0b6316b2f5e7587e44a98a3721d11508c5913d79e4033ede4c7e4564f7c6e4c25b0fbb18a6bdd73ced25237583a91ed3a43b588de334 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileJQXrw5\prefs-1.js
| MD5 | 37deaeec1c1ed405d1f1738f2062f3f7 |
| SHA1 | 2b02d34fca6092be97e3d6d7748791b993622e35 |
| SHA256 | 8c3ebccd1d62aab7f67a48d97cd7014d164e1c454bbf546157fd439d94fb709b |
| SHA512 | 2762c2a8c78b08193852160fd27acc3e59b0dc46b1ecb254fba6ee3ad25839218a3fc4e98c57b8bb94142b1a2b59006b1a529bf32e7f94fecfdab5599aadbcb1 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile45vvOd\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile45vvOd\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile45vvOd\extension-preferences.json
| MD5 | b4298c9a240d6b7b63346daf94013802 |
| SHA1 | 9ce98168437854b51b198c16186c05129f0c273b |
| SHA256 | e120cdbe8994b9c61e74492f0fad161abb5b4e18f64d4b786a8c245ae5a384d5 |
| SHA512 | 545becc42b35be10b4c24fdc38ef6b664d167e4288111f31478f476c2c06794efb802ac0fa2b782cddea1283d295a56053e96520b033258bd596ff6fbb4f1b4c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile45vvOd\startupCache\webext.sc.lz4
| MD5 | 1b799cc5b6cf681cfa54d37c8ce8cb06 |
| SHA1 | 2f0fae44eb2fe74542df923e37f0c7e23a74fd17 |
| SHA256 | ce654b3257aec215ee980682aa6a48628dac50252a09301efe8686ff3f406a03 |
| SHA512 | 10263e878623c9375095f150a83e5fe42fb5feccea139e107d37b2337f0c68c4f8a47952247d7e8517876a12dcd696202b8ecdf115577c0e416a489a280451d3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile45vvOd\prefs-1.js
| MD5 | 98263aca0538d7e6ca0069ba910cf52d |
| SHA1 | b42b6691181fe98a3c068bea7ca53bf85225e02e |
| SHA256 | 3195d582aa2afb493bbe7c1fd3bf55094d8246896d339f840caa5c5e268dd09a |
| SHA512 | 4d230da6745e5136d1d5469cc8a596ede61e29e4a8fd3255ce4c8f7daf68b28f88905601f7f9b147a5b191041fe3adc2b5cd259c12cbcde2494e9bf2e48d087c |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile45vvOd\broadcast-listeners.json
| MD5 | 97c3738563a9448365a735f5f29ed3d5 |
| SHA1 | 15a81433236ca6e6ecc4e1c8d0fdb8523b265c57 |
| SHA256 | 63221253f5c30efa214c2cd2adcf51a9c9f9a2c05f119b00a51c9579825c2c24 |
| SHA512 | ed98f42d5d02ab53a9e50f80b312bed4b5d05d053bec582cf9d619ef91251e86cf4f4d1123c645500fc1dc4673b49a8b7badd3f3a39f565ac643ca4fd0157ae6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile45vvOd\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile45vvOd\prefs-1.js
| MD5 | 63d1b125fd6f082925bd06c9c6195c6e |
| SHA1 | bc01260b30cb295ee568f7df17b49d6ce398e01a |
| SHA256 | fe9f8554bbb55ce3e2a3c7c45b59226e802b9cdb5dcb64aaf0fa97ba7f86c0fe |
| SHA512 | 9f9eea56c0316e705c5ba6572c96548baa3a4da28b1ee0b6808dce3a538760ce94c43496098a431791dfb47d91a176e926e1fa50d0e59719a2ecca656e07f7f6 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile45vvOd\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile45vvOd\sessionCheckpoints.json
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofile45vvOd\xulstore.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFl9kbc\user.js
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFl9kbc\prefs-1.js
| MD5 | 9a7617e6fcc645f5143b9abec2b7336f |
| SHA1 | c844d60759a5e654864a188391f9b5bcd6687bf4 |
| SHA256 | 0c02937ea1754b3c917aaec407c2dd49b85680911a484c97df53447e38f38381 |
| SHA512 | 5988ebd7361a4d72053e9c8acbf4559a8a0b7164cdf779cfc131de81f371c86705552cbd56b84ba5779eea1b89e1e8113c68f458f42cdd686acf8e36261a9c74 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFl9kbc\sessionCheckpoints.json.tmp
| MD5 | 29ce37dc02c78bbe2e5284d350fae004 |
| SHA1 | bab97d5908ea6592aef6b46cee1ded6f34693fa2 |
| SHA256 | 1bfee61e2f346959c53aa41add4b02d2b05c86c9f19ffefe1018f4a964bf4693 |
| SHA512 | 53a9eb746e193c088210d8eaa6218d988f3a67ee4cb21844d682ff0178db040932404f5ce2f3cf8b4576313ba0ec33c04ca288c3412bfa5df7dd8230cc2068bb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFl9kbc\datareporting\glean\db\data.safe.tmp
| MD5 | 63b1bb87284efe954e1c3ae390e7ee44 |
| SHA1 | 75b297779e1e2a8009276dd8df4507eb57e4e179 |
| SHA256 | b017ee25a7f5c09eb4bf359ca721d67e6e9d9f95f8ce6f741d47f33bde6ef73a |
| SHA512 | f7768cbd7dd80408bd270e5a0dc47df588850203546bbc405adb0b096d00d45010d0fb64d8a6c050c83d81bd313094036f3d3af2916f1328f3899d76fad04895 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFl9kbc\startupCache\scriptCache-child-new.bin
| MD5 | 2724d7dd31542eea53805994d9290cd8 |
| SHA1 | 7b5d8536b060269d79848eaa6e2362333bc0f8ec |
| SHA256 | 72f0d983fa1c2017f7402b19caf50305d7bd8001ed4e7797bc3dc0528f3081a1 |
| SHA512 | 6ea98f95ca46f2b83081b546bf6238de11a829853105233bb29cf9ceeb69ace8c69ae90e94c9b5143f91f05713cfbf82f63265733f6233ecf5acb867758c1ee0 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileFl9kbc\prefs-1.js
| MD5 | 94905b07058d331f2b2f3e5c9ed9e242 |
| SHA1 | 42ca8c1f7935168f936edf4fe1fc38f69ac58756 |
| SHA256 | faf601e21d0ff02a7df03e8e9522874c96604ba84d0c2c05620034586a6eedf6 |
| SHA512 | f84fb4231edb5045d8c90b7f41225796952f96fb6e0e58d91c2fc43c90a6c855b0f7be6b23b596c2e050d39033d74b73c03eef747143748154057a0236934210 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegqyRk6\datareporting\glean\db\data.safe.tmp
| MD5 | 1c3c58f7838dde7f753614d170f110fc |
| SHA1 | c17e5a486cecaddd6ced7217d298306850a87f48 |
| SHA256 | 81c14432135b2a50dc505904e87781864ca561efef9e94baeca3704d04e6db3d |
| SHA512 | 9f6e9bcb0bba9e2ce3d7dabe03b061e3fda3f6d7b0249ecf4dbc145dc78844386d047ee2ac95656a025ef808cd0fc451204dc98a1981cf2729091761661a3b49 |
memory/688-1361-0x0000017B2C5A0000-0x0000017B2C5B0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegqyRk6\prefs-1.js
| MD5 | 7f68dc61d45f2b81879cb87285750f64 |
| SHA1 | 73888a1ab7e6bd47e7ff4f261cddfd9b5ee87356 |
| SHA256 | 638c762b67e36898c390d556174b457e1080adfdf2fa2e63466776278ff95c1a |
| SHA512 | bd1c7014beba4dd7b71a172667f9053ddee567fdf4da9ed88bb1757d379038d4dccc3f08fd8e1994e0507cd323fc1a7194edfbf2f3196f0ed5fab0d265373da3 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofilegqyRk6\prefs-1.js
| MD5 | 9f4a9b67c1ef78ecbdce7a561b031595 |
| SHA1 | b01a15295c9e4e78523d6949510a36347633126d |
| SHA256 | 1b3c6e4b1d2f1a3bfb12a0e4675414fd6002d1723908f334593330f292fb21be |
| SHA512 | 684e8788b4423837f10cfa1412937aac2951b2d216c777216033520528a24cbc011a6fb9cc158c4aea6b19905521836320c2e3962cb7cd81e8fb21ede64c4d19 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileweYNwS\compatibility.ini
| MD5 | 45b0e81f02447c0ab47a4cfea12a66eb |
| SHA1 | 3a34edc1723333127101bcaf97f43dede1a09e1d |
| SHA256 | 0801cb7d52d17f4d8cdcaaa724236c2d2305f4a49a2f159015150cce9fae9a34 |
| SHA512 | e4eafc57fbd571642010045d9ea38a7f6ce3a2d0ab17a54cebaa4ec89f97be76c48cbd193080367af843aa1e8fc9df8586478e3b19abde9db468d071413b3863 |
memory/4696-1539-0x000001C94B810000-0x000001C94B820000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileweYNwS\WebDriverBiDiServer.json
| MD5 | 525480f86e467bd41ad500fd525ca413 |
| SHA1 | 4d9e10e2c4dfe1388a7d31f3fdc6be922da8a2dd |
| SHA256 | fff08780b374ce7a1332627ebf6187a9531d73615c1b62373334158310195ce2 |
| SHA512 | 78c286e8e5c00516273ed2e8666f03ad1e5e140e04a5facab61d646f2059776bfef4d355e8d2ab9ab2fa32f850c5b8733a85ffa1a8d784e046e6907423dbca56 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileweYNwS\datareporting\glean\db\data.safe.tmp
| MD5 | 7fba44cb533472c1e260d1f28892d86b |
| SHA1 | 727dce051fc511e000053952d568f77b538107bb |
| SHA256 | 14fb5cda1708000576f35c39c15f80a0c653afaf42ed137a3d31678f94b6e8bf |
| SHA512 | 1330b0f39614a3af2a6f5e1ea558b3f5451a7af20b6f7a704784b139a0ec17a20c8d7b903424cb8020a003319a3d75794e9fe8bc0aeb39e81721b9b2fdb9e031 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileweYNwS\prefs.js
| MD5 | 9f67805083f7b1c9a45af2685c4da35d |
| SHA1 | 6e027374c1b0edc95641db4e7045fda875f4d51e |
| SHA256 | c14c113564c7e55a2f34db1849ada473f5bdbdfe5ef535b523903be7da4ad990 |
| SHA512 | e59fcc982e2d0050e1bf2a7d94bca673ad1953d7d1d8799a4637a584095dfad0311cb6796ba3975c2dc7ea400c7c73ce2489f2a55ecd8ed936576de1b661bedf |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileweYNwS\prefs-1.js
| MD5 | c6e3e8ba3f6126354677a0860f742f9c |
| SHA1 | 721137e6b01cbeb7640b8971d0742db66693091f |
| SHA256 | 50ff30f2eff205c848c9c25e6374b395cfdf68aca903ae1d9fb44ee8f3661817 |
| SHA512 | f5887c4086aff7caf6c38681a466324c61766ee03a7fcece12bf1949ee0e2a4a54813ab3f7ec47a63f8d7989ff6e0a10f9c7e3bc317462508e9d3ba929ed5aeb |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileweYNwS\datareporting\glean\db\data.safe.tmp
| MD5 | 7d3d11283370585b060d50a12715851a |
| SHA1 | 3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3 |
| SHA256 | 86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9 |
| SHA512 | a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileweYNwS\storage\default\moz-extension+++bdbcb9a0-4eeb-4091-b596-7b6a565a3d0c^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite
| MD5 | e275b869e7da572b48b9a72fab90b159 |
| SHA1 | 64fc52d945e0365ba5daa3983e6e45848a4c5a74 |
| SHA256 | b02d7e2cb2e8e858b189ad412655e6f01d89aba22b2d506d9ff34ec4c691ad00 |
| SHA512 | 7e65115fe8011a2a53cf00c350b9d5db369d38371245e360c9fac13ef6998d540fd387b0ba4ba7e1ca9b243c6280b6e83aeb1214ac2e4145ccf891846bd6b058 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileweYNwS\prefs-1.js
| MD5 | 91f09ecf5fc74ddb296d09dce289089d |
| SHA1 | 5c487c311b7cb79a012039aabd6f855eedc037e2 |
| SHA256 | 1c25d6496c507a1ff37686fa61810019b12c978fcd84acb293e38b7dd8d93866 |
| SHA512 | dde0db125fd075e232a4e28ba5027eb0134c3334dc7ffbd788bf9501b45b7bd9ec0042bdb96b9c72a645f2178e20bea12d5abe6e26804a94bc60cdfd6a1e0197 |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileweYNwS\storage-sync-v2.sqlite
| MD5 | bff4d6361e4126d963ab7dffdc7550ce |
| SHA1 | e2660c2f00b0aef4a81972c6a6093935d5aa40d5 |
| SHA256 | ad0828e5ff9d4188151772cd9af85827a431d122901486590c5734b62b4af2d2 |
| SHA512 | 8d967c085d343d50a76cf14e88ed2fb742a7195034ddbaacd57d2c47abf0218a5f6878528a8f37c8f3b61496f61b5e254d205003af87a3cf156ba12ea59f65bc |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileweYNwS\content-prefs.sqlite
| MD5 | b15425d1f21f5708184e35493e63c8a1 |
| SHA1 | e944c1fdf56a3f6a5150b77980e89d48c7b57be2 |
| SHA256 | 7a9012d1846763fe9dcb059035972a023ec29f2b9c03f865f0a6f6df6ef2a6c0 |
| SHA512 | 6b54e30e0a060261bdac98ef818d1053fbabf0d6b8a17efc729942729ed6e6dddb29063b079ddb1dcd1b4edfc85a0311cf821b4b3291372c834a00733456423f |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileIlhAxY\prefs-1.js
| MD5 | df6ff4de805256be12ce9285f0bed0c8 |
| SHA1 | 6e9dd0c8f4ca0da37ac2db78fb2c308f6d8db345 |
| SHA256 | 735e6ced65b75e7d575c44bf6a17432d1efd02c6f32ac68ca490d28a0370221d |
| SHA512 | e5dea3b04b1683ce799ceb6a428e0b619c2058b7b31d48f6d57a6f39f1169557efd4a109fa500797c07873f2a95e8e5e871363a3a2e182172a43a82675a9f75d |
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXxbKBQ\prefs-1.js
| MD5 | 7353696755220b1b8248d9f036e5410a |
| SHA1 | 0221f30ff83aca6acbf1cad4ddff8fdd49c41be3 |
| SHA256 | 24fde2a8e5c2286f1e8bd8ed6c1b4366bad2d46b77cccce768a7c23d19a29757 |
| SHA512 | 33c31f7be208850d934ea99452ff56fc38431442da2b0716049d9bea80f628f5735142b486fcf53be0f278c60c82f25ee67d4d9c6f7aa86ace63b0b10de00abf |
memory/4688-2145-0x0000029C70530000-0x0000029C70540000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rust_mozprofileXxbKBQ\prefs-1.js
| MD5 | 59b629911fb51a92f7f7320e3d3bcc13 |
| SHA1 | 40b2b4335eae5ceda0a2f4daf981589cc8387570 |
| SHA256 | 3dca88dcbfe478ade360b13d52f209c77f862c705f8bebdbd3801f628cabe98b |
| SHA512 | f9203628b1e8c3072bb13eaacc216374208daf4aa98ab2bd432ad06d198c3b7657a36e3181a9fa5b6af3688c64b9bf9f8d8062da4adc5b4d003193b92a50dd41 |